You can use security group rules to control the access to public or internal networks of the ECS instances in a security group. To add security group rules, perform the steps on this procedure.
Prerequisites
Ensure that you have created a security group. For more information, see Create a Security Group.
Ensure that you know which internal or public network requests need to be allowed or denied for your instance.
Procedure
Click Create Rules Now.
The
Security Group page appears.
Click Add Security Group Rule.
The
Add Security Group Rule dialog box appears.
From the Rule Direction drop-down menu, select Inbound.
By default, all Outbound traffic is allowed.
From the Action drop-down menu, select Allow.
To allow inbound connectivity to your Edge, select Protocol Type and Port Range.
The port range is based on the protocol type. The following are some of the examples:
VCMP: UDP port 2426
SSH: TCP port 22
SNMP UDP port 161
ICMP Request/Reply
Select Authorization Type and Authorization Objects.
The authorized IP address is based on the authorization type. For example, for IPv4 CIDR block, specifying 0.0.0.0/0 will allow or deny all IP addresses, based on the authorization policy.
Click OK.
Results
Click the refresh icon to confirm that the security group rule is added. Changes to security group rules are automatically applied to Elastic Compute Service (ECS) instances in the security group.