Specify the inbound access permissions of the security group to allow or deny other devices to send inbound traffic to instances in the security group.-Linux Operation and Maintenance-php.cn

Specify the inbound access permissions of the security group to allow or deny other devices to send inbound traffic to instances in the security group.

坏嘻嘻

Sep 25, 2018 pm 01:44 PM

linux

This article introduces the specific access rights of the security group in the inbound direction, allowing or denying other devices to send inbound traffic to the security group. It focuses on the specific steps. The content of this article is compact. I hope you can learn something. reward.

AuthorizeSecurityGroup

Add a security group inbound rule. Specify the inbound access permissions of the security group to allow or deny other devices to send inbound traffic to instances in the security group.

Description

We define the initiating end of the inbound traffic as the source end (Source), and the receiving end of the data transmission as the destination end (Destination) ),As shown below.

Specify the inbound access permissions of the security group to allow or deny other devices to send inbound traffic to instances in the security group.

When calling this interface, you need to understand:

A security group can have up to 100 security group rules.

Security group rules are divided into two categories: accept access (accept) and deny access (drop).

The security group rule priority (Priority) optional range is [1, 100]. The smaller the number, the higher the priority.

Among security group rules with the same priority, rules that deny access (drop) take precedence.

The source device can be a specified IP address range (SourceCidrIp) or an instance in another security group (SourceGroupId).

Any set of parameters below can determine a security group rule. Specifying only one parameter cannot determine a security group rule. If a matching security group rule already exists, this call to AuthorizeSecurityGroup fails.

Set the access permissions for the specified IP address segment, such as request example 1: IpProtocol, PortRange, (optional) SourcePortRange, NicType, Policy, (optional) DestCiderIp and SourceCidrIp

Set other security The access rights of the group, such as request example 2: IpProtocol, PortRange, (optional) SourcePortRange, NicType, Policy, (optional) DestCiderIp, SourceGroupOwnerAccount and SourceGroupId

Request parameters Specify the inbound access permissions of the security group to allow or deny other devices to send inbound traffic to instances in the security group.

Return parameters

are all public return parameters. See Public Parameters.

Example

For more examples of setting security group rules, please refer to Application Cases, Typical Applications of Security Group Rules and Security Group Five An introduction to tuple rules.

Request Example 1

Set the access permissions for the specified IP address range. At this time, the network card type (NicType) of the classic network type security group can be set to public network (internet) and intranet (intranet). The network card type (NicType) of the VPC type security group can only be set to the intranet.

https://ecs.aliyuncs.com/?Action=AuthorizeSecurityGroup
&SecurityGroupId=sg-F876FF7BA
&SourceCidrIp=0.0.0.0/0
&IpProtocol=tcp
&PortRange=1/65535
&NicType=intranet
&Policy=Allow
&<公共请求参数>

Request example two

Set the access permissions of other security groups. At this time, the network card type (NicType) can only be intranet. When security groups of the classic network type communicate with each other, you can set the access permissions of other security groups in the same region to your security group. This security group can be yours or another Alibaba Cloud account (SourceGroupOwnerAccount). When VPC security groups communicate with each other, you can set the access permissions of other security groups in the same VPC to this security group.

https://ecs.aliyuncs.com/?Action=AuthorizeSecurityGroup
&SecurityGroupId=sg-F876FF7BA
&SourceGroupId=sg-1651FBB64
&SourceGroupOwnerAccount=test@aliyun.com
&IpProtocol=tcp
&PortRange=1/65535
&NicType=intranet
&Policy=Drop
&<公共请求参数>

Return example

XML format

<AuthorizeSecurityGroupResponse>
    <RequestId>CEF72CEB-54B6-4AE8-B225-F876FF7BA984</RequestId>
</AuthorizeSecurityGroupResponse>

JSON format

{
    "RequestId":"CEF72CEB-54B6-4AE8-B225-F876FF7BA984"
}

Error codes

The following are the error codes unique to this interface. For more error codes, please visit the API Error Center. Specify the inbound access permissions of the security group to allow or deny other devices to send inbound traffic to instances in the security group.

The above is the detailed content of Specify the inbound access permissions of the security group to allow or deny other devices to send inbound traffic to instances in the security group.. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn

What is Maintenance Mode in Linux? ExplainedApr 22, 2025 am 12:06 AM

MaintenanceModeinLinuxisaspecialbootenvironmentforcriticalsystemmaintenancetasks.Itallowsadministratorstoperformtaskslikeresettingpasswords,repairingfilesystems,andrecoveringfrombootfailuresinaminimalenvironment.ToenterMaintenanceMode,interrupttheboo

Linux: A Deep Dive into Its Fundamental PartsApr 21, 2025 am 12:03 AM

The core components of Linux include kernel, file system, shell, user and kernel space, device drivers, and performance optimization and best practices. 1) The kernel is the core of the system, managing hardware, memory and processes. 2) The file system organizes data and supports multiple types such as ext4, Btrfs and XFS. 3) Shell is the command center for users to interact with the system and supports scripting. 4) Separate user space from kernel space to ensure system stability. 5) The device driver connects the hardware to the operating system. 6) Performance optimization includes tuning system configuration and following best practices.

Linux Architecture: Unveiling the 5 Basic ComponentsApr 20, 2025 am 12:04 AM

The five basic components of the Linux system are: 1. Kernel, 2. System library, 3. System utilities, 4. Graphical user interface, 5. Applications. The kernel manages hardware resources, the system library provides precompiled functions, system utilities are used for system management, the GUI provides visual interaction, and applications use these components to implement functions.

Linux Operations: Utilizing the Maintenance ModeApr 19, 2025 am 12:08 AM

Linux maintenance mode can be entered through the GRUB menu. The specific steps are: 1) Select the kernel in the GRUB menu and press 'e' to edit, 2) Add 'single' or '1' at the end of the 'linux' line, 3) Press Ctrl X to start. Maintenance mode provides a secure environment for tasks such as system repair, password reset and system upgrade.

Linux: How to Enter Recovery Mode (and Maintenance)Apr 18, 2025 am 12:05 AM

The steps to enter Linux recovery mode are: 1. Restart the system and press the specific key to enter the GRUB menu; 2. Select the option with (recoverymode); 3. Select the operation in the recovery mode menu, such as fsck or root. Recovery mode allows you to start the system in single-user mode, perform file system checks and repairs, edit configuration files, and other operations to help solve system problems.

Linux's Essential Components: Explained for BeginnersApr 17, 2025 am 12:08 AM

The core components of Linux include the kernel, file system, shell and common tools. 1. The kernel manages hardware resources and provides basic services. 2. The file system organizes and stores data. 3. Shell is the interface for users to interact with the system. 4. Common tools help complete daily tasks.

Linux: A Look at Its Fundamental StructureApr 16, 2025 am 12:01 AM

The basic structure of Linux includes the kernel, file system, and shell. 1) Kernel management hardware resources and use uname-r to view the version. 2) The EXT4 file system supports large files and logs and is created using mkfs.ext4. 3) Shell provides command line interaction such as Bash, and lists files using ls-l.

Linux Operations: System Administration and MaintenanceApr 15, 2025 am 12:10 AM

The key steps in Linux system management and maintenance include: 1) Master the basic knowledge, such as file system structure and user management; 2) Carry out system monitoring and resource management, use top, htop and other tools; 3) Use system logs to troubleshoot, use journalctl and other tools; 4) Write automated scripts and task scheduling, use cron tools; 5) implement security management and protection, configure firewalls through iptables; 6) Carry out performance optimization and best practices, adjust kernel parameters and develop good habits.

See all articles