Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
en:services:server_services:gwdg_cloud_server:secgroup_manual [2021/06/30 09:09] – [Manage Security Rules] ssadeghen:services:server_services:gwdg_cloud_server:secgroup_manual [2021/08/09 11:19] (current) – [Create and Manage Security Groups] ssadegh
Line 1: Line 1:
 +====== Create and Manage Security Groups ======
 +\\ 
 +This manual provide a quick help on how to create or delete the security groups and their rules using [[https://cloud.gwdg.de/horizon/project/security_groups/| Security Groups Dashboard]].
 +
 +**To login:** \\
 +Authenticate using: Keystone Credentials \\
 +Domain: gwdg \\
 +User Name: your academic email (e.g. myname@gwdg.de) \\
 +Password: your Password \\
 +===== Manage Security Groups =====
 +You can create new security groups, in order to provide certain servers with specific access. They can be added to servers in the time of [[Instances_Manual | Create or Edit]] the server.
 +<WRAP Group> <WRAP column half> 1- From the left menu bar, select Project->Network→Security Groups and then click "Create Security Group" </WRAP><WRAP column half> {{ :en:services:server_services:gwdg_cloud_server:new:horizon_network_secgroup.png?direct&400 |}}</WRAP></WRAP>
 +
 +<WRAP Group> <WRAP column half> 2- Determine a unique meaningful name and an optional description then click "Create Security Group". </WRAP><WRAP column half> {{ :en:services:server_services:gwdg_cloud_server:new:create_sec_group.png?direct&400 |}} </WRAP></WRAP>
 +
 +<WRAP Group> <WRAP column half> Once the security group has been created successfully, it will be shown in the list with an option to manage its security rules. </WRAP><WRAP column half> {{ :en:services:server_services:gwdg_cloud_server:new:sec_group_row.png?direct&400 |}} </WRAP></WRAP>
 +===== Manage Security Rules =====
 +You can add/remove security rules to/from a security group, in order to change the provided access. If the security group is already added to a server, the changes would be applied immediately. 
 +
 +<WRAP Group> <WRAP column half> Click "Manage Rules" from the very right of the security group row. 
 +
 +A form containing all defined rules will be shown.  By default all ports are opened for outbound connections and no inbound connections are allowed. As a result, you can see that it contains 2 Egress rules whit no limitation on IPs and ports. 
 +
 +To add a new rule, click "Add Rule" on top-right of the form.
 +</WRAP><WRAP column half> {{ :en:services:server_services:gwdg_cloud_server:new:manage_sec_rules.png?direct&400 |}} </WRAP></WRAP>
 +
 +<WRAP Group> <WRAP column half> To define a rule, first select a protocol from "Rule" drop-down list (for example SSH), then fill its required field.
 +
 +Leave the "Remote" field with the value CIDR, and in "CIDR" field specify the IP range from where you want to connect to your server. The default value "0.0.0.0/0" means from any IP (no protection).
 + </WRAP><WRAP column half> {{ :en:services:server_services:gwdg_cloud_server:new:secgroup_add_rule.png?direct&400 |}} </WRAP></WRAP>