- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Operation Guide Overview
- Use Limits Overview
- Instances
- Creating Instances
- Batch Sequential Naming or Pattern String-Based Naming
- Resource Adjustment
- Query Info
- Renaming Instances
- Resetting Instance Password
- Management instance IP address
- Change Instance Subnet
- Change Security Group
- Search Instances
- Export Instances
- Querying the Repossession Status of a Spot Instance
- Renew Instances
- Shutdown Instances
- Restarting Instances
- Logging into Linux Instance
- Logging into Windows instance
- Reinstalling System
- Terminating Instances
- Instance Expires
- Spot Instances
- No Charges When Shut down for Pay-as-You-Go Instances
- Images
- Service Migration
- Online Migration
- Overview
- Online Migration Tool
- Tencent Cloud Migration Tutorial
- Migration Tutorial for Different Source Environments
- Migrating AWS EC2 Data to Tencent Cloud
- Migrating Alibaba Cloud ECS Data to Tencent Cloud
- Migrating Huawei Cloud ECS Data to Tencent Cloud
- Migrating UCloud UHost Data to Tencent Cloud
- Migrating Baidu Cloud BCC Data to Tencent Cloud
- Migrating VMWare Virtual Machine Data to Tencent Cloud
- Migrating China Telecom e-Cloud Cloud Server Data to Tencent Cloud
- Offline Migration
- Contact Us
- Online Migration
- Network
- Cloud Block Storage
- Security
- Security Groups
- Protection of Sensitive Operations
- Managing Login Password
- Managing SSH keys
- Spread Placement Group
- Unblocking Port 25
- Tags
- Monitoring and Alarms
- Console Example
- Best Practice
- Best Practices
- Setting up a Website
- Building an Environment
- Building a Website
- Building an Application
- Network Performance Test
- Using RemoteFx to Redirect USB Devices in Windows
- Using USB/IP to Share USB Devices in Linux
- OPS Guide
- Mount Data Disks
- Environment Configurations
- Upload File
- Copying Local Files to CVMs
- Uploading Files from MacOS to Windows CVM using MRD
- Uploading Files from Linux to Windows CVM using RDP
- Uploading Files from Linux to a CVM Using FTP
- Uploading files via WinSCP to a Linux CVM from Windows
- Uploading Files from Windows to a CVM Using FTP
- Uploading Files via SCP to a Linux CVM from Linux
- Uploading Files from Windows to a Windows CVM using MSTSC
- Installing Software
- User Data
- System-related
- Others
- Troubleshooting Issues
- Instance Related Failures
- Failed to shut down or restart a CVM
- Remote Connect Failure Due to Security Group Settings
- About Linux Instances
- About Windows Instances
- Windows Instance Login Failure
- Requires network-level identity verification
- Connection to a Windows CVM through Remote Desktop was denied
- An authentication error occurred when you tried to log in to a Windows instance remotely
- Problems occurred when you tried to log in to a Windows CVM remotely on Mac
- Credentials Not Work
- Failed to log in to a Windows CVM due to high CPU and memory usage
- Failed to connect to a remote computer through Remote Desktop
- Remote Login Failure Due To Port Issues
- Windows instance: no remote Desktop license server can provide license
- Network Namespace Creation Failure
- CVM Login Failures
- Login Failure Due to High Bandwidth Occupation
- Login Failure Due to Server Isolation
- Failed to Reset the CVM Password or the CVM Password Is Invalid
- Network Related Failures
- Downloading Remote Desktop for Mac
- Instance Related Failures
- API Documentation
- Introduction
- API Category
- Making API Requests
- CDH APIs
- Image APIs
- Key APIs
- Instance APIs
- AssociateSecurityGroups
- CreateDisasterRecoverGroup
- DeleteDisasterRecoverGroups
- DescribeDisasterRecoverGroupQuota
- DescribeInstanceFamilyConfigs
- DescribeDisasterRecoverGroups
- DescribeInstanceTypeConfigs
- DescribeInstanceVncUrl
- DescribeInstances
- DescribeInstancesOperationLimit
- DescribeInstancesStatus
- DescribeInternetChargeTypeConfigs
- DescribeZoneInstanceConfigInfos
- DisassociateSecurityGroups
- InquiryPriceResetInstance
- InquiryPriceResetInstancesInternetMaxBandwidth
- InquiryPriceResetInstancesType
- InquiryPriceResizeInstanceDisks
- InquiryPriceRunInstances
- ModifyDisasterRecoverGroupAttribute
- ModifyInstancesAttribute
- ModifyInstancesProject
- ModifyInstancesVpcAttribute
- RebootInstances
- ResetInstance
- ResetInstancesInternetMaxBandwidth
- ResetInstancesPassword
- ResetInstancesType
- ResizeInstanceDisks
- RunInstances
- StartInstances
- StopInstances
- TerminateInstances
- Region APIs
- Data Types
- Error Codes
- FAQs
- Service Agreement
- Notice
- Glossary
- Product Introduction
- Purchase Guide
- Getting Started
- Operation Guide
- Operation Guide Overview
- Use Limits Overview
- Instances
- Creating Instances
- Batch Sequential Naming or Pattern String-Based Naming
- Resource Adjustment
- Query Info
- Renaming Instances
- Resetting Instance Password
- Management instance IP address
- Change Instance Subnet
- Change Security Group
- Search Instances
- Export Instances
- Querying the Repossession Status of a Spot Instance
- Renew Instances
- Shutdown Instances
- Restarting Instances
- Logging into Linux Instance
- Logging into Windows instance
- Reinstalling System
- Terminating Instances
- Instance Expires
- Spot Instances
- No Charges When Shut down for Pay-as-You-Go Instances
- Images
- Service Migration
- Online Migration
- Overview
- Online Migration Tool
- Tencent Cloud Migration Tutorial
- Migration Tutorial for Different Source Environments
- Migrating AWS EC2 Data to Tencent Cloud
- Migrating Alibaba Cloud ECS Data to Tencent Cloud
- Migrating Huawei Cloud ECS Data to Tencent Cloud
- Migrating UCloud UHost Data to Tencent Cloud
- Migrating Baidu Cloud BCC Data to Tencent Cloud
- Migrating VMWare Virtual Machine Data to Tencent Cloud
- Migrating China Telecom e-Cloud Cloud Server Data to Tencent Cloud
- Offline Migration
- Contact Us
- Online Migration
- Network
- Cloud Block Storage
- Security
- Security Groups
- Protection of Sensitive Operations
- Managing Login Password
- Managing SSH keys
- Spread Placement Group
- Unblocking Port 25
- Tags
- Monitoring and Alarms
- Console Example
- Best Practice
- Best Practices
- Setting up a Website
- Building an Environment
- Building a Website
- Building an Application
- Network Performance Test
- Using RemoteFx to Redirect USB Devices in Windows
- Using USB/IP to Share USB Devices in Linux
- OPS Guide
- Mount Data Disks
- Environment Configurations
- Upload File
- Copying Local Files to CVMs
- Uploading Files from MacOS to Windows CVM using MRD
- Uploading Files from Linux to Windows CVM using RDP
- Uploading Files from Linux to a CVM Using FTP
- Uploading files via WinSCP to a Linux CVM from Windows
- Uploading Files from Windows to a CVM Using FTP
- Uploading Files via SCP to a Linux CVM from Linux
- Uploading Files from Windows to a Windows CVM using MSTSC
- Installing Software
- User Data
- System-related
- Others
- Troubleshooting Issues
- Instance Related Failures
- Failed to shut down or restart a CVM
- Remote Connect Failure Due to Security Group Settings
- About Linux Instances
- About Windows Instances
- Windows Instance Login Failure
- Requires network-level identity verification
- Connection to a Windows CVM through Remote Desktop was denied
- An authentication error occurred when you tried to log in to a Windows instance remotely
- Problems occurred when you tried to log in to a Windows CVM remotely on Mac
- Credentials Not Work
- Failed to log in to a Windows CVM due to high CPU and memory usage
- Failed to connect to a remote computer through Remote Desktop
- Remote Login Failure Due To Port Issues
- Windows instance: no remote Desktop license server can provide license
- Network Namespace Creation Failure
- CVM Login Failures
- Login Failure Due to High Bandwidth Occupation
- Login Failure Due to Server Isolation
- Failed to Reset the CVM Password or the CVM Password Is Invalid
- Network Related Failures
- Downloading Remote Desktop for Mac
- Instance Related Failures
- API Documentation
- Introduction
- API Category
- Making API Requests
- CDH APIs
- Image APIs
- Key APIs
- Instance APIs
- AssociateSecurityGroups
- CreateDisasterRecoverGroup
- DeleteDisasterRecoverGroups
- DescribeDisasterRecoverGroupQuota
- DescribeInstanceFamilyConfigs
- DescribeDisasterRecoverGroups
- DescribeInstanceTypeConfigs
- DescribeInstanceVncUrl
- DescribeInstances
- DescribeInstancesOperationLimit
- DescribeInstancesStatus
- DescribeInternetChargeTypeConfigs
- DescribeZoneInstanceConfigInfos
- DisassociateSecurityGroups
- InquiryPriceResetInstance
- InquiryPriceResetInstancesInternetMaxBandwidth
- InquiryPriceResetInstancesType
- InquiryPriceResizeInstanceDisks
- InquiryPriceRunInstances
- ModifyDisasterRecoverGroupAttribute
- ModifyInstancesAttribute
- ModifyInstancesProject
- ModifyInstancesVpcAttribute
- RebootInstances
- ResetInstance
- ResetInstancesInternetMaxBandwidth
- ResetInstancesPassword
- ResetInstancesType
- ResizeInstanceDisks
- RunInstances
- StartInstances
- StopInstances
- TerminateInstances
- Region APIs
- Data Types
- Error Codes
- FAQs
- Service Agreement
- Notice
- Glossary
Creating a Security Group
Last updated: 2020-03-06 10:50:16
Scenario
Security Groups act as virtual firewalls for CVMs. Each CVM instance must associate with at least one security group. By default, each CVM instance has two templates (Open all ports and Open port 22, 80, 443, 3389 and ICMP protocol) for creating a default security group. For details, refer to Security Group Overview.
If the default security group does not meet your needs, you can create your own security group as instructed below.
Directions
- Log in to the CVM Console.
- In the left sidebar, select Security Group. The Security Group page then appears.
- Select a region for the security group. Click +New.
- In the Create a security group page, complete the following configurations:
- Template: select a template that suits your needs, as shown below:
Template Description Notes Open all ports All ports are open. May present security issues. - Open port 22,80,443,3389 and ICMP protocol Port 22, 80, 443 and 3389, and the ICMP protocol are open. All ports are open internally. Suitable for instances with web services. Custom Creates a blank security group in which rules are added afterwards. For details on how to add rules, refer to this article. - - Name: name of the security group.
- Project: by default, Default project is selected. Select a project for better management.
- Notes: a short description for the security group.
- Template: select a template that suits your needs, as shown below:
- Click OK to create the security group.
If you select Custom as the template for your security group, click Add rules now to add security group rules.
Was this page helpful?