ApsaraDB RDS:Configure a security group for an ApsaraDB RDS for PostgreSQL instance

Background

By default, a newly created RDS instance does not allow external access. To enable access, configure at least one of the following:

• IP address whitelist: Grants access to specific IP addresses or CIDR blocks. For more information, see Configure an IP address whitelist for an ApsaraDB RDS for PostgreSQL instance.

• Security group: Grants access to all ECS instances in the associated ECS security group.

You can use both methods simultaneously. When both are configured, access is granted to all IP addresses in the whitelists and all ECS instances in the associated security groups.

For more information about ECS security groups, see Create a security group.

Prerequisites

• An ApsaraDB RDS for PostgreSQL instance is created.

• An ECS security group exists with the same network type (VPC or classic network) as the RDS instance.

Limits

Note: If you change the network type of your RDS instance, all previously configured security groups become invalid. You must configure security groups that match the new network type.

Procedure

1. Go to the Instances page. In the top navigation bar, select the region in which the RDS instance resides. Then, find the RDS instance and click the ID of the instance.

2. In the left-side navigation pane, click Whitelist and SecGroup. On the page that appears, click the Security Group tab.
3. Click Add Security Group.
   Note Security groups followed by a VPC tag contain ECS instances that reside in virtual private clouds (VPCs).

   
4. Select the security group that you want to add, and then click OK.

What to do next

Create an account and a database

Related operations