Security Group

What is a Security Group?

A security group is a virtual firewall that tracks connection state and filters data packets. It is an important network isolation method used to set access control for ECSs, BMSs, load balancers, and database instances.

Default security group

When you create a BMS in a region, the system will create a default security group if no security group exists in the region.
The default security group rules allow all outgoing data packets and block incoming data packets. BMSs in this security group can already access each other, so you do not need to add additional rules.

  • Figure 1 Default security group

  • Table 1 lists the rules for a default security group.

    Table 1 Default security group rules

    | Direction | Protocol | Port Range | Source/Destination | Description |
    |-----------|----------|------------|--------------------|-------------|
    | Outbound | All | All | Destination: 0.0.0.0/0 | Allows all outbound traffic. |
    | Inbound | All | All | Source: current security group ID (for example, sg-xxxxx) | Allows inbound traffic from BMS in the same security group. |
    | Inbound | TCP | 22 | Source: 0.0.0.0/0 | Allows all IP addresses to access Linux BMSs over SSH. |
    | Inbound | TCP | 3389 | Source: 0.0.0.0/0 | Allows all IP addresses to access Windows BMSs over RDP. |
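
The rules in Table 1, modelled in Python as an allow-list, show which inbound traffic the default group admits and which rules are open to every IPv4 address. This is an added example, not code from the original page or the cloud provider. Rule, is_allowed, internet_exposed and restrict_source are hypothetical names, sg-xxxxx is the placeholder ID from Table 1, and return traffic of established connections is not modelled.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

SG_ID = "sg-xxxxx"  # placeholder security group ID, as written in Table 1

@dataclass(frozen=True)
class Rule:
    direction: str        # "inbound" or "outbound"
    protocol: str         # "all" or "tcp"
    port: Optional[int]   # None means all ports
    peer: str             # CIDR block, or a security group ID

# Table 1, transcribed row by row.
DEFAULT_RULES = [
    Rule("outbound", "all", None, "0.0.0.0/0"),
    Rule("inbound", "all", None, SG_ID),
    Rule("inbound", "tcp", 22, "0.0.0.0/0"),
    Rule("inbound", "tcp", 3389, "0.0.0.0/0"),
]

def peer_matches(rule_peer, ip, peer_groups):
    """A rule peer is a CIDR block or a security group the remote host belongs to."""
    if rule_peer.startswith("sg-"):
        return rule_peer in peer_groups
    return ipaddress.ip_address(ip) in ipaddress.ip_network(rule_peer)

def is_allowed(rules, direction, protocol, port, ip, peer_groups=()):
    """Allow-list semantics: traffic passes only if at least one rule matches it."""
    return any(
        r.direction == direction
        and r.protocol in ("all", protocol)
        and r.port in (None, port)
        and peer_matches(r.peer, ip, peer_groups)
        for r in rules
    )

def internet_exposed(rules):
    """Inbound rules whose source is every IPv4 address, as (protocol, port) pairs."""
    return [(r.protocol, r.port) for r in rules
            if r.direction == "inbound" and r.peer == "0.0.0.0/0"]

def restrict_source(rules, port, cidr):
    """Copy of the rules with the world-open inbound rule for `port` narrowed to `cidr`."""
    return [Rule(r.direction, r.protocol, r.port, cidr)
            if r.direction == "inbound" and r.port == port and r.peer == "0.0.0.0/0"
            else r for r in rules]
```

Calling internet_exposed(DEFAULT_RULES) returns the SSH and RDP rows, and restrict_source lets you compare the default behaviour with a rule set whose management port accepts only a chosen source range.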