A security group acts as a virtual firewall to control inbound and outbound traffic for Elastic Compute Service (ECS) instances. This topic describes how to create a custom security group in the ECS console.

Background information

A virtual private cloud (VPC) is created. This requirement must be met if you want to create a security group of the VPC type. For more information, see Create and manage a VPC.

If you have not created a security group when you create an ECS instance, a default security group is automatically created. If you want to add an ECS instance to a custom security group, perform the following operations to create the security group.

For more information about security groups, see Overview.


  1. Go to the Security Groups page.
    1. Log on to the ECS console.
    2. In the left-side navigation pane, choose Network & Security > Security Groups.
    3. In the top navigation bar, select a region.
  2. Click Create Security Group.
  3. In the Basic Information section, specify the basic information about the security group.
    1. Specify the name, description, resource group, and tags of the security group. This allows you to easily identify the security group.
    2. Specify a network. You can select the classic network or a VPC. For more information, see Network types.
    3. Specify the type of security group. You can select the basic or advanced security group type.
  4. In the Access Rule section, configure security group rules.
    By default, basic security group rules are configured in the security group. To add custom rules, perform the following steps. For more information, see Add a security group rule.
    1. Click the Inbound or Outbound tab based on the direction of the rules that you want to create.
    2. Click Add Rule.
    3. Add custom rules. For more information about security group rules, see Overview.
  5. Click Create Security Group.
    After you create the security group, you can view the security group on the Security Groups page. For more information, see Search for security groups.

What to do next


For information about how to create a security group by calling an API operation, see CreateSecurityGroup.