youjiageng1/doc-exports
1
0
Fork 0
forked from laiweijian4/doc-exports
Code Pull Requests Activity
doc-exports/docs/vpc/umn/SecurityGroup_0003.html
Qin Ying, Fan 19f0993a37 VPC UMN 20231207 version 
Reviewed-by: Sarda, Priya <prsarda@noreply.gitea.eco.tsi-dev.otc-service.com>
Co-authored-by: Qin Ying, Fan <fanqinying@huawei.com>
Co-committed-by: Qin Ying, Fan <fanqinying@huawei.com>
2023-12-20 11:27:38 +00:00

55 lines
5.2 KiB
HTML
Raw Blame History

<a name="SecurityGroup_0003"></a><a name="SecurityGroup_0003"></a>
<h1 class="topictitle1">Default Security Group and Its Rules</h1>
<div id="body1529924412907"><div class="p" id="SecurityGroup_0003__p38211617154214">If you have not created any security groups yet, the system automatically creates a default security group for you and associates it with the instance (such as an ECS) when you create it. A default security group has the following rules:<ul id="SecurityGroup_0003__ul13643173351019"><li id="SecurityGroup_0003__li164313371013">Inbound rules control incoming traffic to instances in a security group. Only instances in the same security group can communicate with each other, and all inbound requests are denied.</li><li id="SecurityGroup_0003__li176437339108">Outbound rules allow all outbound traffic and response traffic to the outbound requests.</li></ul>
</div>
<div class="fignone" id="SecurityGroup_0003__fig997718156161"><span class="figcap"><b>Figure 1 </b>Default security group</span><br><span><img class="eddx" id="SecurityGroup_0003__image22171236172514" src="en-us_image_0000001230120807.png"></span></div>
<div class="note" id="SecurityGroup_0003__note154069174516"><img src="public_sys-resources/note_3.0-en-us.png"><span class="notetitle"> </span><div class="notebody"><ul id="SecurityGroup_0003__ul13707733161311"><li id="SecurityGroup_0003__li04874352138">You cannot delete the default security group, but you can modify existing rules or add rules to the group.</li><li id="SecurityGroup_0003__li131365102713">The default security group is automatically created to simplify the process of creating an instance for the first time. The default security group denies all external requests. To log in to an instance, add a security group rule by referring to <a href="en-us_topic_0081124350.html#en-us_topic_0081124350__section14933617154810">Remotely Logging In to an ECS from a Local Server</a>.</li></ul>
</div></div>
<p id="SecurityGroup_0003__p14738751115618"><a href="#SecurityGroup_0003__table493045171919">Table 1</a> describes the default rules for the default security group.</p>
<div class="tablenoborder"><a name="SecurityGroup_0003__table493045171919"></a><a name="table493045171919"></a><table cellpadding="4" cellspacing="0" summary="" id="SecurityGroup_0003__table493045171919" frame="border" border="1" rules="all"><caption><b>Table 1 </b>Default security group rules</caption><thead align="left"><tr id="SecurityGroup_0003__row12930145141920"><th align="left" class="cellrowborder" valign="top" width="11.83%" id="mcps1.3.5.2.6.1.1"><p id="SecurityGroup_0003__p3930145118194">Direction</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="11.97%" id="mcps1.3.5.2.6.1.2"><p id="SecurityGroup_0003__p129301851131913">Protocol</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="15%" id="mcps1.3.5.2.6.1.3"><p id="SecurityGroup_0003__p093075141919">Port/Range</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="25.22%" id="mcps1.3.5.2.6.1.4"><p id="SecurityGroup_0003__p149306511191">Source/Destination</p>
</th>
<th align="left" class="cellrowborder" valign="top" width="35.980000000000004%" id="mcps1.3.5.2.6.1.5"><p id="SecurityGroup_0003__p99301851161916">Description</p>
</th>
</tr>
</thead>
<tbody><tr id="SecurityGroup_0003__row17931125111193"><td class="cellrowborder" valign="top" width="11.83%" headers="mcps1.3.5.2.6.1.1 "><p id="SecurityGroup_0003__p1593111518191">Outbound</p>
</td>
<td class="cellrowborder" valign="top" width="11.97%" headers="mcps1.3.5.2.6.1.2 "><p id="SecurityGroup_0003__p19931105117191">All</p>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.5.2.6.1.3 "><p id="SecurityGroup_0003__p15931651181920">All</p>
</td>
<td class="cellrowborder" valign="top" width="25.22%" headers="mcps1.3.5.2.6.1.4 "><p id="SecurityGroup_0003__p179318515196">Destination: 0.0.0.0/0</p>
</td>
<td class="cellrowborder" valign="top" width="35.980000000000004%" headers="mcps1.3.5.2.6.1.5 "><p id="SecurityGroup_0003__p49315518196">Allows all outbound traffic.</p>
</td>
</tr>
<tr id="SecurityGroup_0003__row109311451131911"><td class="cellrowborder" valign="top" width="11.83%" headers="mcps1.3.5.2.6.1.1 "><p id="SecurityGroup_0003__p1293111513193">Inbound</p>
</td>
<td class="cellrowborder" valign="top" width="11.97%" headers="mcps1.3.5.2.6.1.2 "><p id="SecurityGroup_0003__p1493105115194">All</p>
</td>
<td class="cellrowborder" valign="top" width="15%" headers="mcps1.3.5.2.6.1.3 "><p id="SecurityGroup_0003__p1593155181920">All</p>
</td>
<td class="cellrowborder" valign="top" width="25.22%" headers="mcps1.3.5.2.6.1.4 "><p id="SecurityGroup_0003__p593115141917">Source: the current security group (for example, sg-<em id="SecurityGroup_0003__i2138146127154428">xxxxx</em>)</p>
</td>
<td class="cellrowborder" valign="top" width="35.980000000000004%" headers="mcps1.3.5.2.6.1.5 "><p id="SecurityGroup_0003__p2931151121912">Allows communications among ECSs within the security group and denies all inbound traffic (incoming data packets).</p>
</td>
</tr>
</tbody>
</table>
</div>
</div>
<div>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="vpc_SecurityGroup_0001.html">Security Group</a></div>
</div>
</div>
View Git Blame Copy Permalink