Create a Security Group Rule
By default, Amazon Web Services (AWS) Virtual Private Cloud (VPC) blocks all network traffic. This means that any rules are automatically configured to Allow traffic. You cannot edit this action.
Note | When you create a new security group rule you must associate it with a security group. |
The AWS console does not support rules that contain more than one source or destination. This means that if you deploy a single security group rule that contains more than one entity, Security Cloud Control translates the rule into separate rules before deploying it to the AWS VPC. For example, if you create an inbound rule that allows traffic from two port ranges into one cloud security group object, Security Cloud Control translates it into two separate rules: (1) to allow traffic from the first port range to the security group and (2) to allow traffic from the second port range to the security group.
Use this procedure to create a security group rule:
Procedure
Step 1 | In the left pane, click . | ||
Step 2 | Click the Template tab. | ||
Step 3 | Click the AWS tab and select the AWS VPC device template whose access control policy you want to edit.. | ||
Step 4 | In the Management pane at the right, select Policy. | ||
Step 5 | Click the blue plus button next to the security group you wish to add the rule to. | ||
Step 6 | Click Inbound or Outbound.
| ||
Step 7 | Enter the rule name. You can use alphanumeric characters, spaces, and these special characters: + . _ - | ||
Step 8 | Define the traffic matching criteria by using any combination of attributes in the following tabs:
| ||
Step 9 | Click Save. | ||
Step 10 | Review and deploy now the changes you made, or wait and deploy multiple changes at once.
|