No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

FusionCloud 6.3.1 Management Plane Hybrid Cloud Guide 05

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Creating a Security Group

Creating a Security Group

A security group can provide secure access policies for HUAWEI CLOUD ECSs in the same HUAWEI CLOUD VPC. If multiple HUAWEI CLOUD ECSs have the same security protection requirements and trust each other, they can be added to the same security group. After a security group is successfully created, it is shared to the upper-level and lower-level VDCs of the user. When creating a HUAWEI CLOUD ECS for these VDCs, you can select the security group.

Procedure

  1. Use a browser to log in to the ManageOne operation plane as a VDC administrator, a VDC operator, or an agent administrator.

    In the non-B2B scenario, the login address format is https://Address for accessing the Console page, for example, https://console.type.com.

    In the B2B scenario, the login address format is https://Address used by VDC users to access the ManageOne operation plane, for example, https://console.type.com.

  2. In the left part of the main menu, select a region and a project.
  3. Choose Console > Network > Virtual Private Cloud(HWS) from the main menu.
  4. In the navigation pane, choose Security Group(HWS). On the displayed page, click Create Security Group in the upper right corner.
  5. In the displayed dialog box, enter the name of the security group and click OK.
  6. In the security group list, find the newly created security group and add rules for the security group.

    You can add rules in either of the following ways:

    • Method 1: Click Add Rule, set rule information, and click OK, as shown in Figure 4-2.
      Figure 4-2 Adding a security group rule

      Table 4-2 lists the parameters to be configured.

      Table 4-2 Security group parameters

      Parameter

      Description

      Direction

      Indicates the access direction of HUAWEI CLOUD ECSs.
      • Inbound: indicates that an external network accesses a HUAWEI CLOUD ECS in the security group.
      • Outbound: indicates that a HUAWEI CLOUD ECS in the security group accesses an external network.

      Protocol

      Indicates the protocol that supports inbound or outbound accesses.

      Port/Range

      Indicates the port or port range supported by inbound or outbound accesses. Only ports in the selected port range support inbound or outbound accesses.

      Source

      Indicates the IP address or security group of the external network that is allowed to access the HUAWEI CLOUD ECS in the security group. This parameter can be specified only when Direction is set to Inbound.

      Destination

      Indicates the IP address or security group of the external network that the HUAWEI CLOUD ECS in the security group can access. This parameter can be specified only when Direction is set to Outbound.

    • Method 2: Click Fast Add Rule, set rule information, and click OK, as shown in Figure 4-3.
      Figure 4-3 Fast adding a security group rule

      Table 4-3 lists the parameters to be configured.

      Table 4-3 Security group parameters

      Parameter

      Description

      Direction

      Indicates the access direction of HUAWEI CLOUD ECSs.
      • Inbound: indicates that an external network accesses a HUAWEI CLOUD ECS in the security group.
      • Outbound: indicates that a HUAWEI CLOUD ECS in the security group accesses an external network.

      Common Port

      Indicates the common ports, which are used for quick selection. You do not need to replan or redefine ports.

      Custom Port

      Supports user-defined TCP or UDP access ports in the inbound or outbound direction.

      Source

      Indicates the IP address or security group of the external network that is allowed to access the HUAWEI CLOUD ECS in the security group. This parameter can be specified only when Direction is set to Inbound.

      Destination

      Indicates the IP address or security group of the external network that the HUAWEI CLOUD ECS in the security group can access. This parameter can be specified only when Direction is set to Outbound.

Follow-up Procedure

After creating a security group, you can perform the following operations:

  • Modify the security group information such as its name and description.
  • View information about created security group rules.
  • Add or delete security group rules.
  • View information about HUAWEI CLOUD ECSs in the security group.
  • Associate the NIC of the HUAWEI CLOUD ECS with the security group.
  • Delete the security group that is not associated with a NIC. If the security group has been associated with a NIC, disassociate the security group by following the instructions provided in Managing Security Groups and then delete the security group.
Translation
Download
Updated: 2019-01-17

Document ID: EDOC1100043116

Views: 32787

Downloads: 20

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next