Improper settings of security group rules may impose serious security risks. You can modify improper rules in a security group.


You have created a security group, and added security group rules in that security group.


  1. Log on to the ECS console.
  2. In the left-side navigation pane, choose Network & Security > Security Groups.
  3. In the top navigation bar, select a region.
  4. On the Security Groups page, find the target security group, and then click Add Rules in the Actions column.
  5. Click the traffic direction to which a security group rule applies.
    • If you need to modify security group rules for a VPC, select Inbound or Outbound.
    • If you need to modify security group rules for the classic network, select Internal Network Inbound, Internal Network Outbound, Internet Inbound or Internet Outbound.
  6. Find the target security group rule, and click Modify in the Actions column. For how to configure security group rules, see Add security group rules. For use cases of security group rules, see Typical applications of security group rules.

API operations

You can call ModifySecurityGroupRule to modify an inbound rule.

What to do next