Security Groups
Security Groups place a barrier between your servers and other machines on the network to protect them from external attacks. Security Groups are network-based firewalls and stop traffic at the network layer before it reaches the server.
A security group consists set of network access rules that control incoming and outgoing traffic to instances assigned to this group. With security group rules, you can specify the type and direction of traffic that is allowed access to a virtual interface port. Traffic that does not satisfy any rule is dropped.
For each region, a default security group is automatically created in the control panel. This group allows all traffic on all ports for all protocols. When you attach a network interface to an instance, the interface is associated with the default security group, unless you explicitly select a custom security group.
When you add rules to security groups or remove them, the changes are enforced at runtime.

Disable Network Security

You have the ability to disable the security group feature per network interface of an instance. This feature is mostly required when you use a firewall distribution.

Plans and Pricing

Security Groups are free.

Regional Availability

Security Groups are available in all regions. They are region-specific resources and can only be assigned within the same region.

Limitations

  • You can manage only IPv4 security group rules.
Last modified 4mo ago