PolarDB:Configure a security group

Prerequisites

Before you begin, ensure that you have:

• A PolarDB for PostgreSQL (Compatible with Oracle) cluster

• An ECS security group in the same network type as the cluster (for example, a virtual private cloud (VPC)-type security group for a VPC-deployed cluster)

For instructions on creating an ECS security group, see Create a security group.

Constraints

• Network type must match: Add only security groups of the same network type as the cluster. For a VPC-deployed cluster, add only VPC-type security groups.

• 10-group limit: Each cluster supports up to 10 security groups.

• IP extraction behavior: When you add a security group, PolarDB extracts the current IP addresses of all ECS instances in that group and adds them to the cluster's IP whitelist. The ECS security group's own inbound and outbound rules have no effect on cluster access.

Add a security group

1. Log on to the PolarDB console.

2. In the left-side navigation pane, click Clusters.

3. In the upper-left corner, select the region where the cluster is deployed.

4. Find the cluster and click its ID.

5. In the left-side navigation pane, choose Settings and Management > Cluster Whitelists.

6. On the Cluster Whitelists page, click Select Security Group. To modify an existing security group configuration, click Configure in the Actions column instead.

   

7. In the Select Security Group panel, select one or more security groups and click OK.

   

The ECS instances in the selected security groups can now connect to the cluster.

API reference