- 动态与公告
- 腾讯云网络总览
- 产品简介
- 购买指南
- 快速入门
- 操作指南
- 最佳实践
- 故障处理
- API 文档
- History
- Introduction
- API Category
- Making API Requests
- VPC APIs
- DeleteTrafficPackages
- DescribeUsedIpAddress
- DescribeAccountAttributes
- CreateDefaultVpc
- CreateVpc
- ModifyVpcAttribute
- DescribeVpcs
- DescribeVpcPrivateIpAddresses
- DescribeVpcInstances
- DeleteVpc
- AttachClassicLinkVpc
- DescribeClassicLinkInstances
- DetachClassicLinkVpc
- AssignIpv6CidrBlock
- DescribeVpcIpv6Addresses
- UnassignIpv6CidrBlock
- CreateAssistantCidr
- ModifyAssistantCidr
- DescribeAssistantCidr
- CheckAssistantCidr
- DeleteAssistantCidr
- DescribeVpcResourceDashboard
- ModifyLocalGateway
- DescribeLocalGateway
- DeleteLocalGateway
- CreateLocalGateway
- AdjustPublicAddress
- DescribeTrafficPackages
- Subnet APIs
- Route Table APIs
- EIP APIs
- Highly Available Virtual IP APIs
- ENI APIs
- AssignPrivateIpAddresses
- UnassignPrivateIpAddresses
- ModifyNetworkInterfaceAttribute
- DetachNetworkInterface
- DescribeNetworkInterfaces
- CreateNetworkInterface
- AttachNetworkInterface
- MigratePrivateIpAddress
- MigrateNetworkInterface
- DeleteNetworkInterface
- ModifyPrivateIpAddressesAttribute
- UnassignIpv6Addresses
- ModifyIpv6AddressesAttribute
- AssignIpv6Addresses
- DescribeNetworkInterfaceLimit
- DisassociateNetworkInterfaceSecurityGroups
- AssociateNetworkInterfaceSecurityGroups
- CreateAndAttachNetworkInterface
- IP Location APIs
- Bandwidth Package APIs
- NAT Gateway APIs
- DescribeNatGateways
- ResetNatGatewayConnection
- ModifyNatGatewayDestinationIpPortTranslationNatRule
- ModifyNatGatewayAttribute
- DisassociateNatGatewayAddress
- DescribeNatGatewayDestinationIpPortTranslationNatRules
- DeleteNatGatewayDestinationIpPortTranslationNatRule
- DeleteNatGateway
- CreateNatGatewayDestinationIpPortTranslationNatRule
- CreateNatGateway
- AssociateNatGatewayAddress
- ModifyNatGatewaySourceIpTranslationNatRule
- DescribeNatGatewaySourceIpTranslationNatRules
- DeleteNatGatewaySourceIpTranslationNatRule
- CreateNatGatewaySourceIpTranslationNatRule
- RefreshDirectConnectGatewayRouteToNatGateway
- DescribeNatGatewayDirectConnectGatewayRoute
- VPN Gateway APIs
- GenerateVpnConnectionDefaultHealthCheckIp
- ResetVpnGatewayInternetMaxBandwidth
- ResetVpnConnection
- RenewVpnGateway
- ModifyVpnGatewayAttribute
- ModifyVpnConnectionAttribute
- ModifyCustomerGatewayAttribute
- InquiryPriceResetVpnGatewayInternetMaxBandwidth
- InquiryPriceRenewVpnGateway
- InquiryPriceCreateVpnGateway
- DownloadCustomerGatewayConfiguration
- DescribeVpnGateways
- DescribeVpnConnections
- DescribeCustomerGateways
- DescribeCustomerGatewayVendors
- DeleteVpnGateway
- DeleteVpnConnection
- DeleteCustomerGateway
- CreateVpnGateway
- CreateVpnConnection
- CreateCustomerGateway
- ModifyVpnGatewayCcnRoutes
- DescribeVpnGatewayCcnRoutes
- ModifyVpnGatewayRoutes
- DescribeVpnGatewayRoutes
- DeleteVpnGatewayRoutes
- CreateVpnGatewayRoutes
- SetVpnGatewaysRenewFlag
- Direct Connect Gateway APIs
- ReplaceDirectConnectGatewayCcnRoutes
- DescribeDirectConnectGatewayCcnRoutes
- DeleteDirectConnectGatewayCcnRoutes
- CreateDirectConnectGatewayCcnRoutes
- CreateDirectConnectGateway
- ModifyDirectConnectGatewayAttribute
- DescribeDirectConnectGateways
- DeleteDirectConnectGateway
- DisassociateDirectConnectGatewayNatGateway
- AssociateDirectConnectGatewayNatGateway
- InquirePriceCreateDirectConnectGateway
- Cloud Connect Network APIs
- SetCcnRegionBandwidthLimits
- ModifyCcnAttribute
- EnableCcnRoutes
- DisableCcnRoutes
- DetachCcnInstances
- DescribeCcns
- DescribeCcnRoutes
- DescribeCcnRegionBandwidthLimits
- DescribeCcnAttachedInstances
- DeleteCcn
- CreateCcn
- AttachCcnInstances
- ResetAttachCcnInstances
- RejectAttachCcnInstances
- AcceptAttachCcnInstances
- ModifyCcnRegionBandwidthLimitsType
- GetCcnRegionBandwidthLimits
- DescribeCrossBorderCompliance
- AuditCrossBorderCompliance
- ModifyCcnAttachedInstancesAttribute
- Security Group APIs
- ReplaceSecurityGroupPolicies
- DeleteSecurityGroup
- DescribeSecurityGroupPolicies
- ModifySecurityGroupAttribute
- CreateSecurityGroup
- CreateSecurityGroupPolicies
- DescribeSecurityGroups
- DeleteSecurityGroupPolicies
- ModifySecurityGroupPolicies
- ReplaceSecurityGroupPolicy
- DescribeSecurityGroupAssociationStatistics
- DescribeSecurityGroupReferences
- CreateSecurityGroupWithPolicies
- CloneSecurityGroup
- Network ACL APIs
- Network Parameter Template-Related APIs
- CreateAddressTemplate
- CreateAddressTemplateGroup
- CreateServiceTemplate
- CreateServiceTemplateGroup
- DeleteAddressTemplate
- DeleteAddressTemplateGroup
- DeleteServiceTemplate
- DeleteServiceTemplateGroup
- DescribeAddressTemplateGroups
- DescribeAddressTemplates
- DescribeServiceTemplateGroups
- DescribeServiceTemplates
- ModifyAddressTemplateAttribute
- ModifyAddressTemplateGroupAttribute
- ModifyServiceTemplateAttribute
- ModifyServiceTemplateGroupAttribute
- Network Detection-Related APIs
- Flow Log APIs
- Gateway Traffic Monitor APIs
- Private Link APIs
- CreateVpcEndPointService
- DescribeVpcEndPointService
- ModifyVpcEndPointServiceAttribute
- DeleteVpcEndPointService
- CreateVpcEndPointServiceWhiteList
- DescribeVpcEndPointServiceWhiteList
- ModifyVpcEndPointServiceWhiteList
- EnableVpcEndPointConnect
- DeleteVpcEndPointServiceWhiteList
- DescribeVpcEndPoint
- CreateVpcEndPoint
- ModifyVpcEndPointAttribute
- DeleteVpcEndPoint
- DisassociateVpcEndPointSecurityGroups
- Snapshot Policy APIs
- Other APIs
- Data Types
- Error Codes
- 常见问题
- 联系我们
- 词汇表
- 动态与公告
- 腾讯云网络总览
- 产品简介
- 购买指南
- 快速入门
- 操作指南
- 最佳实践
- 故障处理
- API 文档
- History
- Introduction
- API Category
- Making API Requests
- VPC APIs
- DeleteTrafficPackages
- DescribeUsedIpAddress
- DescribeAccountAttributes
- CreateDefaultVpc
- CreateVpc
- ModifyVpcAttribute
- DescribeVpcs
- DescribeVpcPrivateIpAddresses
- DescribeVpcInstances
- DeleteVpc
- AttachClassicLinkVpc
- DescribeClassicLinkInstances
- DetachClassicLinkVpc
- AssignIpv6CidrBlock
- DescribeVpcIpv6Addresses
- UnassignIpv6CidrBlock
- CreateAssistantCidr
- ModifyAssistantCidr
- DescribeAssistantCidr
- CheckAssistantCidr
- DeleteAssistantCidr
- DescribeVpcResourceDashboard
- ModifyLocalGateway
- DescribeLocalGateway
- DeleteLocalGateway
- CreateLocalGateway
- AdjustPublicAddress
- DescribeTrafficPackages
- Subnet APIs
- Route Table APIs
- EIP APIs
- Highly Available Virtual IP APIs
- ENI APIs
- AssignPrivateIpAddresses
- UnassignPrivateIpAddresses
- ModifyNetworkInterfaceAttribute
- DetachNetworkInterface
- DescribeNetworkInterfaces
- CreateNetworkInterface
- AttachNetworkInterface
- MigratePrivateIpAddress
- MigrateNetworkInterface
- DeleteNetworkInterface
- ModifyPrivateIpAddressesAttribute
- UnassignIpv6Addresses
- ModifyIpv6AddressesAttribute
- AssignIpv6Addresses
- DescribeNetworkInterfaceLimit
- DisassociateNetworkInterfaceSecurityGroups
- AssociateNetworkInterfaceSecurityGroups
- CreateAndAttachNetworkInterface
- IP Location APIs
- Bandwidth Package APIs
- NAT Gateway APIs
- DescribeNatGateways
- ResetNatGatewayConnection
- ModifyNatGatewayDestinationIpPortTranslationNatRule
- ModifyNatGatewayAttribute
- DisassociateNatGatewayAddress
- DescribeNatGatewayDestinationIpPortTranslationNatRules
- DeleteNatGatewayDestinationIpPortTranslationNatRule
- DeleteNatGateway
- CreateNatGatewayDestinationIpPortTranslationNatRule
- CreateNatGateway
- AssociateNatGatewayAddress
- ModifyNatGatewaySourceIpTranslationNatRule
- DescribeNatGatewaySourceIpTranslationNatRules
- DeleteNatGatewaySourceIpTranslationNatRule
- CreateNatGatewaySourceIpTranslationNatRule
- RefreshDirectConnectGatewayRouteToNatGateway
- DescribeNatGatewayDirectConnectGatewayRoute
- VPN Gateway APIs
- GenerateVpnConnectionDefaultHealthCheckIp
- ResetVpnGatewayInternetMaxBandwidth
- ResetVpnConnection
- RenewVpnGateway
- ModifyVpnGatewayAttribute
- ModifyVpnConnectionAttribute
- ModifyCustomerGatewayAttribute
- InquiryPriceResetVpnGatewayInternetMaxBandwidth
- InquiryPriceRenewVpnGateway
- InquiryPriceCreateVpnGateway
- DownloadCustomerGatewayConfiguration
- DescribeVpnGateways
- DescribeVpnConnections
- DescribeCustomerGateways
- DescribeCustomerGatewayVendors
- DeleteVpnGateway
- DeleteVpnConnection
- DeleteCustomerGateway
- CreateVpnGateway
- CreateVpnConnection
- CreateCustomerGateway
- ModifyVpnGatewayCcnRoutes
- DescribeVpnGatewayCcnRoutes
- ModifyVpnGatewayRoutes
- DescribeVpnGatewayRoutes
- DeleteVpnGatewayRoutes
- CreateVpnGatewayRoutes
- SetVpnGatewaysRenewFlag
- Direct Connect Gateway APIs
- ReplaceDirectConnectGatewayCcnRoutes
- DescribeDirectConnectGatewayCcnRoutes
- DeleteDirectConnectGatewayCcnRoutes
- CreateDirectConnectGatewayCcnRoutes
- CreateDirectConnectGateway
- ModifyDirectConnectGatewayAttribute
- DescribeDirectConnectGateways
- DeleteDirectConnectGateway
- DisassociateDirectConnectGatewayNatGateway
- AssociateDirectConnectGatewayNatGateway
- InquirePriceCreateDirectConnectGateway
- Cloud Connect Network APIs
- SetCcnRegionBandwidthLimits
- ModifyCcnAttribute
- EnableCcnRoutes
- DisableCcnRoutes
- DetachCcnInstances
- DescribeCcns
- DescribeCcnRoutes
- DescribeCcnRegionBandwidthLimits
- DescribeCcnAttachedInstances
- DeleteCcn
- CreateCcn
- AttachCcnInstances
- ResetAttachCcnInstances
- RejectAttachCcnInstances
- AcceptAttachCcnInstances
- ModifyCcnRegionBandwidthLimitsType
- GetCcnRegionBandwidthLimits
- DescribeCrossBorderCompliance
- AuditCrossBorderCompliance
- ModifyCcnAttachedInstancesAttribute
- Security Group APIs
- ReplaceSecurityGroupPolicies
- DeleteSecurityGroup
- DescribeSecurityGroupPolicies
- ModifySecurityGroupAttribute
- CreateSecurityGroup
- CreateSecurityGroupPolicies
- DescribeSecurityGroups
- DeleteSecurityGroupPolicies
- ModifySecurityGroupPolicies
- ReplaceSecurityGroupPolicy
- DescribeSecurityGroupAssociationStatistics
- DescribeSecurityGroupReferences
- CreateSecurityGroupWithPolicies
- CloneSecurityGroup
- Network ACL APIs
- Network Parameter Template-Related APIs
- CreateAddressTemplate
- CreateAddressTemplateGroup
- CreateServiceTemplate
- CreateServiceTemplateGroup
- DeleteAddressTemplate
- DeleteAddressTemplateGroup
- DeleteServiceTemplate
- DeleteServiceTemplateGroup
- DescribeAddressTemplateGroups
- DescribeAddressTemplates
- DescribeServiceTemplateGroups
- DescribeServiceTemplates
- ModifyAddressTemplateAttribute
- ModifyAddressTemplateGroupAttribute
- ModifyServiceTemplateAttribute
- ModifyServiceTemplateGroupAttribute
- Network Detection-Related APIs
- Flow Log APIs
- Gateway Traffic Monitor APIs
- Private Link APIs
- CreateVpcEndPointService
- DescribeVpcEndPointService
- ModifyVpcEndPointServiceAttribute
- DeleteVpcEndPointService
- CreateVpcEndPointServiceWhiteList
- DescribeVpcEndPointServiceWhiteList
- ModifyVpcEndPointServiceWhiteList
- EnableVpcEndPointConnect
- DeleteVpcEndPointServiceWhiteList
- DescribeVpcEndPoint
- CreateVpcEndPoint
- ModifyVpcEndPointAttribute
- DeleteVpcEndPoint
- DisassociateVpcEndPointSecurityGroups
- Snapshot Policy APIs
- Other APIs
- Data Types
- Error Codes
- 常见问题
- 联系我们
- 词汇表
参数模板使用案例
参数模板是安全组添加规则时一种高效、快捷、易维护的添加方式,例如当您需要添加多个地址段、指定 IP,及多个类型的协议端口时,可以定义参数模板,后期也可以通过参数模板来维护安全组规则中的 IP 来源和协议端口。
说明:
文中所有 IP 地址和协议端口均为举例,实际配置时,请根据业务实际情况进行替换。
示例描述
假设某用户期望配置如下安全组规则,且后续需要更新入站的来源 IP 范围和协议端口:
入站规则:
允许来源 IP 范围:10.0.0.16-10.0.0.30,协议端口:TCP:80,443
允许来源 CIDR 网段:192.168.3.0/24,协议端口:TCP:3600-15000
出站规则:
拒绝目标 IP 地址:192.168.10.4,协议端口为:TCP:800
解决方案
由于用户多个 IP 网段和协议端口有相同的安全组策略,且后续需要更新来源 IP 范围,因此可结合参数模板来实现安全组规则的添加维护。
步骤一:新建参数模板
1. 登录 私有网络控制台。
2. 选择左侧目录中的安全 > 参数模板,进入管理页面。
3. 在IP 地址页签,单击**+新建**,分别新建用于添加入站、出站规则的 IP 地址参数模板。
4. 在弹框中,输入来源 IP 地址范围,并单击提交。
新建成功的 IP 地址参数模板如下图所示。
5. 在“协议端口”页签,单击新建,分别新建用于添加入站、出站规则的协议端口参数模板。
新建成功的协议端口参数模板如下图所示。
步骤二:添加安全组规则
1. 登录 私有网络控制台。
2. 选择左侧目录中的安全 > 安全组,进入管理页面。
3. 在列表中,找到需要引用参数模板的安全组,单击其 ID,进入详情页。
4. 在入站规则 / 出站规则页签中,单击添加规则。
5. 在弹框中选择自定义类型,来源/目标分别选择对应的 IP 参数模板,协议端口分别选择对应的协议端口参数模板,并单击完成。
步骤三:更新参数模板
假设用户需要增加 IP 来源为10.0.1.0/27网段,协议端口为 UDP:58 的入站规则。可以直接更新 IP 地址 ipm-0ge3ob8e 和协议端口 ppm-4ty1ck3i 的参数模板。
1. 在参数模板的“IP 地址”页签,找到 ipm-0ge3ob8e 参数模板。
2. 在右侧单击编辑。
3. 在弹框中,换行增加10.0.1.0/27网段,单击提交。
4. 在参数模板的“协议端口”页签,找到 ppm-4ty1ck3i 参数模板。
5. 在右侧单击编辑。
6. 在弹框中,换行增加 UDP:58 入站协议端口,单击提交。
是
否
本页内容是否解决了您的问题?