nav-img
Advanced

Default Security Groups

When creating an instance, you must associate it with a security group. If there is no security group available, a default security group will be created and associated with the instance. Note the following when using default security group:

Default Security Group Rules

Note the following when using default security group rules:

  • Inbound rules control incoming traffic to instances in the default security group. The instances can communicate with each other but cannot be accessed from external networks.
  • Outbound rules allow all traffic from the instances in the default security group to external networks.

Figure 1 Default security group


Table 1 describes the default rules for the default security group.

Table 1 Rules in the default security group

Direction

Action

Type

Protocol & Port

Source/Destination

Description

Inbound

Allow

IPv4

All

Source: default security group (default)

Allows IPv4 instances in the security group to communicate with each other using any protocol over any port.

Inbound

Allow

IPv6

All

Source: default security group (default)

Allows IPv6 instances in the security group to communicate with each other using any protocol over any port.

Outbound

Allow

IPv4

All

Destination: 0.0.0.0/0

Allows all traffic from the instances in the security group to any IPv4 address over any port.

Outbound

Allow

IPv6

All

Destination: ::/0

Allows all traffic from the instances in the security group to any IPv6 address over any port.