A security group is a virtual firewall that is used to control the inbound and outbound traffic of specific Elastic Compute Service (ECS) instances. After a security group is added to an ApsaraDB for MongoDB instance, the ECS instances in the security group can access the ApsaraDB for MongoDB instance. This topic describes how to add a security group.

Background information

After an ApsaraDB for MongoDB instance is created, you must add a whitelist or security group to the instance to allow external devices to access the instance. For more information about security groups, see Overview.
Note You can configure both whitelists and security groups for your ApsaraDB for MongoDB instances. In this case, IP addresses in the whitelists and the ECS instances in the security groups are allowed to access the ApsaraDB for MongoDB instances.

Usage notes

  • Only security groups of the same network type as that of the ApsaraDB for MongoDB instance can be added to the instance. For example, if the network type of the instance is VPC, you can add only security groups whose network type is VPC to the instance.
  • After you change the network type of your RDS instance, the configured security groups become invalid. In this case, you must reconfigure the security groups with the new network type.
  • You can add up to 10 security groups to a single ApsaraDB for MongoDB instance.

Procedure

  1. Log on to the ApsaraDB for MongoDB console.
  2. In the upper-left corner of the page, select the resource group and region to which the instance belongs.
  3. In the left-side navigation pane, click Replica Set Instances or Sharded Cluster Instances based on the instance type.
  4. Click the ID of an instance, or click More icon in the Actions column corresponding to the instance and select Manage.
  5. In the left-side navigation pane of the instance details page, choose Data Security > Whitelist Settings.
  6. Click Add Security Group.
  7. In the Add Security Group panel, select the security groups to be added.
    Note
    • If no security group meets your requirements, create a security group and add it to the instance. For more information about how to create a security group, see Create a security group.
    • Security groups whose names are followed by a VPC tag contain ECS instances that reside in VPCs.
  8. Click OK.