Security groups are sets of IP filter rules that define networking access and are applied to all instances within a project. Group rules are project-specific; project members can edit the default rules for their group and add new rule sets. All projects have a default security group that is applied to any instance that has no other defined security group. When unmodified, the default security group denies all incoming traffic and allows only outgoing traffic to your instance. A common use case is to edit the default security group to permit SSH access and ICMP access, so that users can log into and ping instances. For information about updating global controls on the command line, see .

Log in to the dashboard as a project member. Select a project from the drop-down menu at the top of the screen. On the Project tab, click the Access & Security category. On the Security Groups tab, click Create Security Group. Provide a name and appropriate description for the group, and click Create Security Group. By default, the new rule provides outgoing access rules for the group.

Log in to the dashboard as a project member. Select a project from the drop-down menu at the top of the screen. On the Project tab, click the Access & Security category. On the Security Groups tab, click Manage rules for the appropriate security group. To add a rule, click Add Rule. Set the attributes for the rule, and click Add. The following attributes can be configured: Rule The rule protocol type. Valid types are: Custom TCP Rule.Typically used to exchange data between systems, and for end-user communication. Custom UDP Rule. Typically used to exchange data between systems, particularly at the application level. Custom ICMP Rule. Typically used by network devices (for example, routers) to send error or monitoring messages. Other Protocol: Enables you to manually specify another rule protocol, if it is not included in the list. Other standard IP protocols, including: All ICMP, All TCP, All UDP, DNS, HTTP, HTTPS, IMAP, IMAPS, LDAP, MS SQL, MYSQL, POP3, POP3S, RDP, SMTP, SMTPS, and SSH. Direction The direction of network traffic to which the rule applies: Ingress (inbound) or Egress (outbound). This option is available only when Custom TCP Rule, Custom UDP Rule, Custom ICMP Rule, All ICMP, All TCP, All UDP, or Other Protocol is selected. Open Port The Port or Port Range to open for the rule. This option is available only when Custom TCP Rule or Custom UDP Rule is selected. For a range of ports, enter port values in the From Port and To Port fields. For a single port, enter the port value in the Port field. Type Specifies the ICMP message that is being passed. This option is available only when Custom ICMP Rule is selected. Code For ICMP rules, specifies the ICMP subtype code, which provides further information about the Type message. This option is available only when Custom ICMP Rule is selected. IP Protocol For Other Protocol rules, specifies the IP protocol to be used for the rule. Specify the protocol as an integer. See http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml. This option is available only when Other Protocol is selected. Remote The source of the traffic for this rule: CIDR (Classless Inter-Domain Routing). When selected, access is limited only to IP addresses within the specified block. When selected, enter the CIDR in the CIDR field. Security Group. When selected, any instance in the selected security group can access any other group instance. When selected, choose the Security Group and the Ether Type, which can be either IPv4 or IPv6.

Log in to the dashboard as a project member. Select a project from the drop-down menu at the top of the screen. On the Project tab, click the Access & Security category. On the Security Groups tab, click Manage rules for the appropriate security group. To delete a rule, select the rule and click Delete Rule and confirm that you want to delete the rule.

Log in to the dashboard as a project member. Select a project from the drop-down menu at the top of the screen. On the Project tab, click the Access & Security category. On the Security Groups tab, select the appropriate group, and click Delete Security Group and confirm that you want to delete the group.