An Elastic Compute Service (ECS) security group is a virtual firewall that is used to control the inbound and outbound traffic of ECS instances in the security group. This topic describes how to configure a security group.
Scenarios
After you create a PolarDB for MySQL cluster, you cannot connect to the cluster. You must configure a security group for the PolarDB for MySQL cluster. Then, the ECS instances in the security group can access the PolarDB for MySQL cluster.
For more information about security groups and how to configure a security group in the ECS console, see Create a security group.
You can configure both IP whitelists and security groups. After you add IP addresses to IP whitelists and add ECS instances to security groups of a PolarDB for MySQL cluster, the specified IP addresses and ECS instances can access the cluster.
Precautions
The network types of a PolarDB for MySQL cluster and its security groups must be the same. For example, if your PolarDB for MySQL cluster is deployed in a virtual private cloud (VPC), you can add only security groups of the VPC type.
You can create at most 10 security groups for each PolarDB for MySQL cluster.
Procedure
- Log on to the PolarDB console.
- In the upper-left corner of the console, select the region in which the cluster that you want to manage is deployed.
- Find the cluster and click the cluster ID.
In the left-side navigation pane, choose .
On the Whitelists page, you can click Select Security Group to add a security group. You can also click Modify in the Actions column to change the security groups that you have added.
In the Select Security Groups panel, select one or more security groups and click OK.
NoteFor more information about how to create a security group, see Create a security group.
Related API operations
API operation | Description |
Queries the IP addresses that are allowed to access a specified PolarDB for MySQL cluster. | |
Modifies the IP addresses that are allowed to access a specified PolarDB for MySQL cluster. |