Scenarios
You can modify the port, protocol, and IP address of your security group rules as required to ensure the security of your instances.
Before modifying a security group rule, assess its impact to avoid network disruptions or security risks.
Do not directly modify security group rules for running services. Before you modify a security group rule that is in use, you can clone the security group and modify the rule in the test environment to ensure that the modified rule works. For details, see Cloning a Security Group.
Notes and Constraints
Security group rules are like a whitelist. If there are no rules that allow or deny specific traffic, the security group denies all traffic to or from the instances in it.
Procedure
- Log in to the management console.
- Click
in the upper left corner and choose Network > Virtual Private Cloud.The Virtual Private Cloud page is displayed.
- In the navigation pane on the left, choose Access Control > Security Groups.
The security group list is displayed.
- In the security group list, click the name of the security group.
The security group details page is displayed.
- Click the Inbound Rules or Outbound Rules tab as required.
The security group rule list is displayed.
- Locate the target rule and click Modify in the Operation column.
- Modify the security group rule information as prompted and click Confirm.