An Elastic Compute Service (ECS) security group is a virtual firewall that is used to control the inbound and outbound traffic of ECS instances in the security group. This topic describes how to configure a security group.

Scenarios

After you create a ApsaraDB PolarDB MySQL-compatible edition cluster, you cannot connect to the cluster. You must configure a security group for the ApsaraDB PolarDB MySQL-compatible edition cluster. Then, the ECS instances in the security group can access the ApsaraDB PolarDB MySQL-compatible edition cluster.
Note
  • For more information about security groups and how to configure a security group in the ECS console, see Create a security group.
  • You can configure both IP whitelists and security groups. After you add IP addresses to IP whitelists and add ECS instances to security groups of a ApsaraDB PolarDB MySQL-compatible edition cluster, the specified IP addresses and ECS instances can access the cluster.

Precautions

  • The network types of a ApsaraDB PolarDB MySQL-compatible edition cluster and its security groups must be the same. For example, if your PolarDB for MySQL cluster is deployed in a virtual private cloud (VPC), you can add only security groups of the VPC type.
  • You can create at most 10 security groups for each ApsaraDB PolarDB MySQL-compatible edition cluster.

Procedure

  1. Log on to the PolarDB console.
  2. In the upper-left corner of the console, select the region where the cluster is deployed.
  3. Find the cluster and click the cluster ID.
  4. In the left-side navigation pane, choose Settings and Management > Whitelists.
  5. On the Whitelists page, you can click Select Security Group to add a security group. You can also click Modify in the Actions column to change the security groups that you have added.
    Security groups
  6. In the Select Security Groups panel, select one or more security groups and click OK.
    Select security groups
    Note For more information about how to create a security group, see Create a security group.

Related API operations

API operation Description
DescribeDBClusterAccessWhitelist Queries the IP addresses that are allowed to access a specified PolarDB for MySQL cluster.
ModifyDBClusterAccessWhitelist Modifies the IP addresses that are allowed to access a specified PolarDB for MySQL cluster.