Skip to main content

create and manage security groups

A security group controls the traffic of a connected network interface based on defined inbound and outbound rules. Here’s how to create and manage security groups in the VPC service.

info
  • VPC role management follows IAM role-based access control (RBAC), and all users can create and manage security groups.
  • For your IAM permissions by role, please contact your Organization Administrator (Admin).
  • Bare Metal Server (BMS) instances do not apply security group rules, even if a security group is assigned. This will be supported in a future release.

Create security group

You can create and apply a new security group to the network interface connected to your instance, instead of using the default security group. Typically, one or more security groups should be assigned to a network interface.

  1. Go to the KakaoCloud Console > Beyond Networking Service > VPC menu.

  2. Click the Security Groups menu, then click the [Create Security Group] button.

  3. In the Create Security Group popup, enter the security group information.

    vpc_htg_sg_kr2_02.png [kr-central-2] Create Security Group Popup

    ItemDescription
    Security Group NameThe name of the security group
    Security Group Description (Optional)A description for the security group
    Applied RulesInbound and outbound rule settings
  4. In the Inbound Rules tab of the Create Security Group popup, click Add to enter the inbound rule information.

    vpc_htg_sg_kr2_03.png Inbound Rules Tab

    ItemDescription
    ProtocolThe protocol for communication
    - Types: TCP / UDP / ICMP / ALL
    SourceEnter the source IP or @ to specify a security group for allowed sources
    Port NumberThe port for communication
    - Enter the desired port number (e.g., 80)
    - Enter a port range (e.g., 1000-2000)
    Rule Description (Optional)Description for the rule
  5. In the Outbound Rules tab of the Create Security Group popup, click Add to enter the outbound rule information.

    vpc_htg_sg_kr2_03-1.png Outbound Rules Tab

    ItemDescription
    ProtocolThe protocol for communication
    - Types: TCP / UDP / ICMP / ALL
    DestinationEnter the destination IP or @ to specify a security group for allowed destinations
    Port NumberThe port for communication
    - Enter the desired port number (e.g., 80)
    - Enter a port range (e.g., 1000-2000)
    Rule Description (Optional)Description for the rule
  6. Click [Create].

    info

    As of October 2024, Bare Metal Server instances do not support security groups. Security group rules do not apply to network interfaces connected to Bare Metal Server instances.

Manage security group

View security group list

You can view the list of currently created security groups and their basic information.

  1. Go to the KakaoCloud Console > Beyond Networking Service > VPC menu.

  2. Click the Security Groups menu, then view the list of created security groups.

    vpc_htg_sg_kr2_04.png [kr-central-2] View Security Group List

    ItemDescription
    Security Group NameThe name of the security group
    Creation DateThe creation date of the security group
    [More Options] IconEdit Security Group: Edit the name and description of the security group
    Modify Connected Resources: Manage network interface associations with the security group
    Copy Security Group: Copy the security group
    Delete Security Group: Delete the security group

View security group details

You can view the inbound and outbound rules and other detailed information for the security group.

  1. Go to the KakaoCloud Console > Beyond Networking Service > VPC menu.
  2. Click the Security Groups menu, then select the security group whose details you want to view.
  3. View the information on the security group's details page.

Copy security group

You can copy an existing security group to create a new one.

  1. Go to the KakaoCloud Console > Beyond Networking Service > VPC menu.
  2. Click the Security Groups menu, then select the [More Options] icon for the security group you want to copy > Copy Security Group.
  3. In the Copy Security Group popup, enter the security group information and the inbound/outbound rules, then click [Copy].

Delete security group

You can delete a security group that is no longer in use. Note that the default security group cannot be deleted.

  1. Go to the KakaoCloud Console > Beyond Networking Service > VPC menu.
  2. In the Security Groups menu, select the [More Options] icon for the security group you want to delete > Delete Security Group.
  3. In the Delete Security Group popup, enter the necessary information and click [Delete].

Manage rules

You can manage the inbound and outbound rules for the security group.

RuleDescription
InboundManage the inbound rules for the security group to allow packets coming to the resources connected to the security group based on protocol, port, and IP CIDR range
OutboundManage the outbound rules for the security group to allow packets leaving the resources connected to the security group based on protocol, port, and IP CIDR range
  1. Go to the KakaoCloud Console > Beyond Networking Service > VPC menu.
  2. Click the Security Groups menu, then select the security group whose rules you want to manage.
  3. Click the [Manage Inbound Rules] button in the Inbound Rules tab or the [Manage Outbound Rules] button in the Outbound Rules tab.
  4. In the Security Group Rules Management popup, click Add to add or delete inbound/outbound rules, and click [Close].