Quick Start

When adding a rule to a security group, you can set the following properties:

  • Traffic Type
    INGRESS (incoming) or EGRESS (outgoing).
  • Source Type
    a CIDR or a security group. Source type allows you to define internal rules between security groups without using IP addresses directly. Traffic between your machines will be routed internally with no exposure to the internet.
  • Protocol
    TCP, UDP or ICMP. The special tunneling protocols AH, ESP and GRE are also available. Learn more on our blog.
  • Start Port and End Port
    define rules for a specific port (the same port as start and end port) or for a whole range.

Additionally ICMP protocol let you specify type and code.

The interface easily allows you to create your rules

Example: Access via SSH

Say you want to access your instance via SSH. On a new instance with no custom SSH configuration, you will need to set a rule in an attributed security group to allow TCP ingress on port 22. You can set it as follows:

  • Type: INGRESS
  • Protocol: TCP
  • Source: 0.0.0.0/0
  • Start Port: 22
  • End Port: 22

For the most common cases, you can choose between PING, SSH and RDP in the Portal.

You can add some common rules in one click on