create and manage security groups
A security group controls the traffic of a connected network interface based on defined inbound and outbound rules. Here’s how to create and manage security groups in the VPC service.
- VPC role management follows IAM role-based access control (RBAC), and all users can create and manage security groups.
- For your IAM permissions by role, please contact your Organization Administrator (Admin).
- Bare Metal Server (BMS) instances do not apply security group rules, even if a security group is assigned. This will be supported in a future release.
Create security group
You can create and apply a new security group to the network interface connected to your instance, instead of using the default security group. Typically, one or more security groups should be assigned to a network interface.
-
Go to the KakaoCloud Console > Beyond Networking Service > VPC menu.
-
Click the Security Groups menu, then click the [Create Security Group] button.
-
In the Create Security Group popup, enter the security group information.
[kr-central-2] Create Security Group Popup
Item Description Security Group Name The name of the security group Security Group Description (Optional) A description for the security group Applied Rules Inbound and outbound rule settings -
In the Inbound Rules tab of the Create Security Group popup, click Add to enter the inbound rule information.
Inbound Rules Tab
Item Description Protocol The protocol for communication
- Types: TCP / UDP / ICMP / ALLSource Enter the source IP or @
to specify a security group for allowed sourcesPort Number The port for communication
- Enter the desired port number (e.g., 80)
- Enter a port range (e.g., 1000-2000)Rule Description (Optional) Description for the rule -
In the Outbound Rules tab of the Create Security Group popup, click Add to enter the outbound rule information.
Outbound Rules Tab
Item Description Protocol The protocol for communication
- Types: TCP / UDP / ICMP / ALLDestination Enter the destination IP or @
to specify a security group for allowed destinationsPort Number The port for communication
- Enter the desired port number (e.g., 80)
- Enter a port range (e.g., 1000-2000)Rule Description (Optional) Description for the rule -
Click [Create].
infoAs of October 2024, Bare Metal Server instances do not support security groups. Security group rules do not apply to network interfaces connected to Bare Metal Server instances.
Manage security group
View security group list
You can view the list of currently created security groups and their basic information.
-
Go to the KakaoCloud Console > Beyond Networking Service > VPC menu.
-
Click the Security Groups menu, then view the list of created security groups.
[kr-central-2] View Security Group List
Item Description Security Group Name The name of the security group Creation Date The creation date of the security group [More Options] Icon Edit Security Group: Edit the name and description of the security group
Modify Connected Resources: Manage network interface associations with the security group
Copy Security Group: Copy the security group
Delete Security Group: Delete the security group
View security group details
You can view the inbound and outbound rules and other detailed information for the security group.
- Go to the KakaoCloud Console > Beyond Networking Service > VPC menu.
- Click the Security Groups menu, then select the security group whose details you want to view.
- View the information on the security group's details page.
Copy security group
You can copy an existing security group to create a new one.
- Go to the KakaoCloud Console > Beyond Networking Service > VPC menu.
- Click the Security Groups menu, then select the [More Options] icon for the security group you want to copy > Copy Security Group.
- In the Copy Security Group popup, enter the security group information and the inbound/outbound rules, then click [Copy].
Delete security group
You can delete a security group that is no longer in use. Note that the default security group cannot be deleted.
- Go to the KakaoCloud Console > Beyond Networking Service > VPC menu.
- In the Security Groups menu, select the [More Options] icon for the security group you want to delete > Delete Security Group.
- In the Delete Security Group popup, enter the necessary information and click [Delete].
Manage rules
You can manage the inbound and outbound rules for the security group.
Rule | Description |
---|---|
Inbound | Manage the inbound rules for the security group to allow packets coming to the resources connected to the security group based on protocol, port, and IP CIDR range |
Outbound | Manage the outbound rules for the security group to allow packets leaving the resources connected to the security group based on protocol, port, and IP CIDR range |
- Go to the KakaoCloud Console > Beyond Networking Service > VPC menu.
- Click the Security Groups menu, then select the security group whose rules you want to manage.
- Click the [Manage Inbound Rules] button in the Inbound Rules tab or the [Manage Outbound Rules] button in the Outbound Rules tab.
- In the Security Group Rules Management popup, click Add to add or delete inbound/outbound rules, and click [Close].