This topic describes how to configure a security group for an ApsaraDB RDS for MySQL instance. A security group is a virtual firewall that is used to control the inbound and outbound traffic of the Elastic Compute Service (ECS) instances in that security group. After you add a security group to your RDS instance, all the ECS instances in that security group can access the instance.
Prerequisites
- MySQL 8.0
- MySQL 5.7
- MySQL 5.6
Scenario
After your RDS instance is created, you must configure IP address whitelists or security groups for the instance. This allows the specified devices to access the instance . For more information about how to configure an IP address whitelist, see Configure an IP address whitelist for an ApsaraDB RDS for MySQL instance.
For more information about security groups, see Create a security group.
Precautions
- The security groups that you can add to your RDS instance must have the same network type as the instance. For example, if your RDS instance uses the VPC network type, you can add only the security groups of the VPC network type.
- After you change the network type of your RDS instance, the configured security groups become invalid. In this case, you must reconfigure the security groups with the new network type.
- A maximum of 10 security groups are allowed per RDS instance.
Procedure
- Click Add Security Group. Note Security groups that are followed by a VPC tag contain ECS instances that reside in virtual private clouds (VPCs).
What to do next
Create accounts and databases for an ApsaraDB RDS for MySQL instance
Related operations
| API | Description |
|---|---|
| DescribeSecurityGroupConfiguration | Queries details about the ECS security groups that are associated with an ApsaraDB RDS instance. |
| ModifySecurityGroupConfiguration | Modifies details about the ECS security groups that are associated with an ApsaraDB RDS instance. |