Configuring security groups

Security groups are sets of IP filter rules that define networking access. The associated rules in each security group control the traffic to instances in the group. Any incoming traffic that is not matched by a rule is denied access by default.

You can add, remove, or modify rules from a security group you have created. You can also modify rules for the default security group. You can also modify the rules to allow access to instances through different ports and protocols. For example, you can modify rules to allow a service on an instance (like a web server) to be visible to the internet or to allow UDP traffic (like a DNS server running on an instance). 

Before you launch an instance, you should add security group rules to enable users to interact with the instance. To do this, you can either add rules to the default security group or add a new security group with rules.

You can assign as many security groups as you like to an instance at any time.

Add a rule to the default security group

If you add rules to the "default" security group, they will be applied to all instances within a given project (unless you explicitly remove the "default" group from an instance). In this example, a rule to open up TCP port 8080 to all incoming traffic will be created. This procedure can be adjusted as necessary to add additional security group rules to a project.

  1. Log in to the DreamCompute Dashboard.
  2. Select the appropriate project from the drop down menu at the top left.
  3. On the Project tab, open the Network tab and click the Security Groups category to see what security groups are available for this project.
  4. Click Manage Rules next to the default security group.
  5. Click Add Rule.
  6. Follow the steps below to add a new rule.

Add a new security group

  1. Log in to the DreamCompute Dashboard.
  2. Select the appropriate project from the drop down menu at the top left.
  3. On the Project tab, open the Network tab and click the Security Groups category to see what security groups are available for this project.
  4. Click Create Security Group.
    how-to-add-a-rule-to-a-security-group_5
  5. Type in a Name for the new security group, add a description (optional), and click Create Security Group.
  6. Click Manage Rules next to the new security group and add rules to it using the steps below.

Adding rule

  1. In the Add Rule pop-up, select/enter the following values:
    • Rule: Custom TCP Rule
    • Direction: Ingress
    • Open Port: Port
    • Port: 8080
    • Remote: CIDR
    • CIDR: 0.0.0.0/0

    To limit port requests to a particular range of IP addresses, specify the IP address block in the CIDR box.

    how-to-add-a-rule-to-a-security-group_3
  2. Click Add.

    Instances will now have port 8080 open for requests from any IP address.

Changing the Security Group

View the following article for instructions on how to change the Security Group of an instance:

Did this article answer your questions?

Article last updated PST.