Copyright (c) 2006-2014 MindTouch Inc.
This file and accompanying files are licensed under the MindTouch Master Subscription Agreement (MSA).
At any time, you shall not, directly or indirectly: (i) sublicense, resell, rent, lease, distribute, market, commercialize or otherwise transfer rights or usage to: (a) the Software, (b) any modified version or derivative work of the Software created by you or for you, or (c) MindTouch Open Source (which includes all non-supported versions of MindTouch-developed software), for any purpose including timesharing or service bureau purposes; (ii) remove or alter any copyright, trademark or proprietary notice in the Software; (iii) transfer, use or export the Software in violation of any applicable laws or regulations of any government or governmental agency; (iv) use or run on any of your hardware, or have deployed for use, any production version of MindTouch Open Source; (v) use any of the Support Services, Error corrections, Updates or Upgrades, for the MindTouch Open Source software or for any Server for which Support Services are not then purchased as provided hereunder; or (vi) reverse engineer, decompile or modify any encrypted or encoded portion of the Software.
A complete copy of the MSA is available at http://www.mindtouch.com/msa
To create a new security group (or groups) to use with servers in deployments.
Table of Contents
Adding and editing security groups requires the "security_manager" role. See User Role Privileges.
Note: The "security_manager" role also enables you to run Infrastructure Audit reports (which include security group audit trail information).
Security groups are essentially firewalls for servers in the cloud. They define which ports are open to allow incoming connections to a server via specific protocols. Security groups only affect ingress (incoming) communications and do not prevent a server from initiating outbound communications.
Each server must have at least one security group assigned. By default, a new security group set up with no associated rules will deny all access to its associated servers. You must add rules in order to allow inbound traffic to the servers.
Security groups give you a flexible way to restrict server access, allowing you to set restrictions specific to particular protocols, ports, IP addresses, or combinations of these. Permissions defined in a security group are additive in nature; so, if a server has two security groups where one group has port 80 open and the other group has port 80 closed, port 80 will be open (not closed) on the server.
All firewall permissions apply to ingress communication. Create a rule for a specific port or range of ports. Create additional rules as necessary.
Use the "Add Group" feature to add security groups to other security groups or to add a security group to itself. This feature grants group-wide access permissions that apply to all servers in the added group. See Add a Security Group to another Security Group or Add a Security Group to Itself.
When experiencing communications issues with servers in a deployment, you may need to troubleshoot your security group settings. The following is a list of common issues often associated with the setup and configuration of security groups.
|Glossary | 用語 | 용어||Site Map | Site Help||Community||Corporate Site||Get Support||Dashboard Login|
|Doc Feedback||Product Feedback||Resources||MultiCloud Marketplace||Forums|
© 2006-2014 RightScale, Inc. All rights reserved.
RightScale is a registered trademark of RightScale, Inc. All other products and services may be trademarks or servicemarks of their respective owners.