Networking

• 1: VPC
• 1.1: Overview
• 1.1.1: ServiceWatch Metrics
• 1.2: How-to guides
• 1.2.1: Subnet
• 1.2.2: Port
• 1.2.3: Internet Gateway
• 1.2.4: NAT Gateway
• 1.2.5: Public IP
• 1.2.6: Private NAT
• 1.2.7: VPC Endpoint
• 1.2.8: VPC Peering
• 1.2.9: Transit Gateway
• 1.2.10: PrivateLink Service
• 1.2.11: PrivateLink Endpoint
• 1.2.12: NAT Logging
• 1.3: API Reference
• 1.4: CLI Reference
• 1.5: Release Note
• 2: Security Group
• 2.1: Overview
• 2.2: How-to guides
• 2.2.1: Security Group Logging
• 2.3: API Reference
• 2.4: CLI Reference
• 2.5: Release Note
• 3: Load Balancer
• 3.1: Overview
• 3.2: How-to guides
• 3.2.1: LB Server Group
• 3.2.2: LB Health Check
• 3.3: API Reference
• 3.4: CLI Reference
• 3.5: Release Note
• 4: DNS
• 4.1: Overview
• 4.1.1: TLD List
• 4.2: How-to guides
• 4.2.1: Private DNS
• 4.2.2: Hosted Zone
• 4.2.3: Public Domain Name
• 4.3: Release Note
• 5: VPN
• 5.1: Overview
• 5.2: How-to guides
• 5.2.1: VPN Tunnel
• 5.3: API Reference
• 5.4: CLI Reference
• 5.5: Release Note
• 6: Firewall
• 6.1: Overview
• 6.2: How-to guides
• 6.2.1: Firewall Logging
• 6.3: API Reference
• 6.4: CLI Reference
• 6.5: Release Note
• 7: Direct Connect
• 7.1: Overview
• 7.1.1: ServiceWatch Metrics
• 7.2: How-to guides
• 7.3: API Reference
• 7.4: CLI Reference
• 7.5: Release Note
• 8: Cloud LAN-Campus
• 8.1: Overview
• 8.2: How-to guides
• 8.3: Release Note
• 9: Cloud LAN-Data Center
• 9.1: Overview
• 9.2: How-to guides
• 9.2.1: vDevice
• 9.2.2: Interface
• 9.2.3: vCable
• 9.2.4: vEdge
• 9.3: Release Note
• 10: Cloud WAN
• 10.1: Overview
• 10.1.1: Monitoring Metrics
• 10.2: How-to guides
• 10.3: Release Note
• 11: SASE
• 11.1: Overview
• 11.2: How-to guides
• 11.3: Release Note
• 12: Cloud Last Mile
• 12.1: Overview
• 12.2: How-to guides
• 12.3: Release Note
• 13: Global CDN
• 13.1: Overview
• 13.2: How-to guides
• 13.3: API Reference
• 13.4: CLI Reference
• 13.5: Release Note
• 14: GSLB
• 14.1: Overview
• 14.2: How-to guides
• 14.3: API Reference
• 14.4: CLI Reference
• 14.5: Release Note
• 15: Cloud Virtual Circuit
• 15.1: Overview
• 15.2: How-to guides
• 15.3: Release Note
• 16: Private 5G Cloud
• 16.1: Overview
• 16.2: How-to guides
• 16.3: Release Note

1 - VPC

1.1 - Overview

Service Overview

Samsung Cloud Platform provides VPC services to support the use of logically separated, customer-dedicated private network spaces in the cloud environment.
VPC (Virtual Private Cloud) is a service that provides a logically isolated, customer-dedicated private network space in a cloud environment. Depending on the usage purpose, you can create a General Subnet and a Local Subnet for communication between servers, and you can freely select NAT Gateway and Internet Gateway to configure various networks. You can create multiple VPCs and operate them independently. VPC Peering allows configuration of connections between VPCs.

Service Architecture Diagram

Components

Subnet

Subnet means the IP address range of a VPC. Depending on the purpose, use a General Subnet to create a Subnet for Public or Private use. It is a service that allows users to segment the network within a VPC according to their purpose/scale. Subnet provides a Local Subnet for communication between a regular Subnet and a server.

• General Subnet Create/Read/Delete: When creating a VPC, the Subnet that is created by default is used according to purpose. For example, it can be used by distinguishing between a Public Subnet that can use the Internet and a Private Subnet that cannot use the Internet.

• VPC Endpoint Subnet Create/Read/Delete: It is possible to access the Samsung Cloud Platform via a private connection from an external network connected to the VPC, allowing entry to the VPC.

• Local Subnet creation/query/deletion: It does not allow connections to other Subnets or external access, and is a Subnet that only permits direct connections between Virtual Server-Virtual Server or Bare Metal Server-Bare Metal Server, so only settings between Virtual Server-Virtual Server within the VPC are possible.

Subnet types

It means Sub_network and is an IP address space subdivided into small units for use in IP networks. Subnet types are divided according to how routing for the Subnet is configured.

Internet Gateway

You can create an Internet Gateway to connect to a VPC, view detailed information, or delete an unused Internet Gateway. You can use an Internet Gateway to connect VPC resources to the internet.
You can assign a public IP to instances and load balancers that can be connected to the internet, allowing access from outside.

NAT Gateway

Create a NAT Gateway, connect it to a subnet, view detailed information, or delete an unused NAT Gateway.
To create a NAT Gateway for a subnet, you must first create an Internet Gateway and attach it to the VPC. Creating a NAT Gateway allows internet access for all resources in the subnet. To restrict internet access, apply firewall rules.
A NAT Gateway can be created when it is of the General type, and it is a service that maps a single representative public IP for a Virtual Server without a public IP NAT, for outbound internet usage.

Public IP

If you want to use the same IP address each time you stop and start an instance, you reserve a Public IP and use it.
This is a service that creates a desired public IP within the available Public IP Pool of Samsung Cloud Platform and assigns it to compute resources for use.
Compute resources assigned with the designated public IP will not have their IP changed even if they are rebooted.

Port

Provides a connection point to connect a single device such as a server’s NIC to the network. This allows addition beyond the default provided NIC.

VPC Endpoint

Provides an entry point of the VPC that can access the Samsung Cloud Platform via a Private connection from an external network connected to the VPC.

VPC Peering

Through a 1:1 private route between VPCs, IP communication is possible. By default, peering is provided between VPCs in the same Account, and only one connection is allowed between different Accounts.

Private NAT

You can map and connect the customer’s IP using Direct Connect from compute resources within the VPC.

Transit Gateway

Transit Gateway connects the customer’s network and Samsung Cloud Platform’s network easily and serves as a gateway service that acts as a connection hub for multiple VPCs within the cloud environment.
Through Transit Gateway, customers can configure various network topologies they desire. Additionally, it provides independent firewall configuration and routing functions for each connected network segment, allowing thorough security management.

PrivateLink

It is a service that connects internal data of Samsung Cloud Platform to a private path between VPC and SCP services without exposing it to the internet.

• PrivateLink Service is for service providers, and PrivateLink Endpoint is for service users.

Constraints

The VPC of Samsung Cloud Platform limits the number of VPCs and Subnets created as follows.

Prior Service

VPC has no preceding service.

1.1.1 - ServiceWatch Metrics

VPC - Internet Gateway sends metrics to ServiceWatch. The metrics provided by basic monitoring are data collected at a 5-minute interval.

Basic Indicators

Internet Gateway

The following are the basic metrics for the Internet Gateway namespace.

1.2 - How-to guides

The user can enter the essential information of the VPC service and create the service by selecting detailed options through the Samsung Cloud Platform Console.

Create VPC

You can create and use VPC services on the Samsung Cloud Platform Console.

To create a VPC, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the VPC creation button. It moves to the VPC creation page.

• Service Information Input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  VPC name	required	name of the VPC to be created enter within 3~20 characters using English letters and numbers
  IP range	required	IP range to be used In IP range format, enter within the range of /16 ~ /24 Example: 192.168.0.0/16 ~ /24
  Description	Selection	Enter a description of the VPC

  Table. VPC Service Information Input Items
• Additional Information Input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  Tag	Selection	Add Tag Up to 50 can be added per resource Click the Add Tag button and enter or select Key, Value

  Table. VPC Additional Information Input Items

3. Summary panel where you created detailed information and estimated billing amount, and click the Complete button.

• Once creation is complete, check the created resource on the VPC list page.

VPC detailed information check

VPC service is a service that can check and modify the entire resource list and detailed information. The VPC details page consists of details, tags, and operation history tabs.

To check the VPC details, follow the next procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the VPC menu. It moves to the VPC list page.
3. VPC list page, click on the resource to check the detailed information. It moves to the VPC details page.

• VPC Details page displays status information and additional feature information, and consists of Details, Tags, Task History tabs.

  Classification	Detailed Description
  Status	VPC’s status Active: normal operation in progress Deleting: deletion in progress Creating: creation in progress Error: current status cannot be confirmed <li;if it occurs continuously, contact the registered administrator
  Service Cancellation	Button to cancel the service To cancel the VPC, there should be no connected services. When the service is canceled, the operating service may be stopped immediately, so proceed with the cancellation work after fully considering the impact that occurs when the service is stopped

  Table. VPC Status Information and Additional Features

Detailed Information

VPC List page where you can check the detailed information of the selected resource and modify the information if necessary.

Tag

VPC List page where you can check the tag information of the selected resource, and add, change or delete it.

Work History

VPC list page where you can check the work history of the selected resource.

VPC Cancellation

You can cancel the unused VPC to reduce operating costs. However, when canceling the service, the operating service may be stopped immediately, so you should consider the impact of stopping the service sufficiently before proceeding with the cancellation work.

To cancel the VPC, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the VPC menu. It moves to the VPC list page.
3. VPC list page, select the resource to be canceled and click the service cancellation button.
4. Once the cancellation is complete, check if the resource has been cancelled on the VPC list page.

1.2.1 - Subnet

Subnet creation

You can create and use the VPC Subnet service on the Samsung Cloud Platform Console.

To create a subnet, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Subnet creation button. It moves to the Subnet creation page.

• Service Information Input area, please enter or select the required information.

  Classification	Necessity	Detailed Description
  Subnet type	required	Select the Subnet type. General: Public and Private configuration possible Local: Can be specified by selecting either Virtual Server or Bare Metal Server VPC Endpoint: VPC Endpoint configuration possible Local Subnet is a Subnet for communication between servers only, and external communication is not possible
  VPC name	required	select a VPC to connect the subnet from the list of currently created VPCs
  Subnet name	required	name of the Subnet to be created enter within 3-20 characters using English uppercase and lowercase letters, and numbers
  IP range	required	IP range to be used In the format of IP range, enter within the range of /16 ~ /28 Example: 192.168.0.0/22 ~ /27 The IP range cannot be duplicated with the IP range (other subnets) currently in use within the VPC
  Gateway	Selection	The Subnet’s Gateway address is displayed If you enter the IP range, the corresponding IP will be automatically displayed

  Table. VPC Subnet service information input items
• Additional Information Input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  Description	Selection	Enter a description for the Subnet
  IP allocation range	selection	range setting possible within the IP range to be used default: entire IP range Subnet sub-resources are assigned an IP within the entire IP range or the range individually specified by the user
  DNS Name Server	Select	Use Select and then enter DNS Name Server IP
  host path	selection	use select and enter the host path after selection destination IP ranges should not overlap with each other
  Tag	Selection	Add Tag Up to 50 can be added per resource Click the Add Tag button and enter or select Key, Value

  Table. Subnet Additional Information Input Items

3. Summary panel where you created detailed information and estimated billing amount, and click the Complete button.

• Once creation is complete, check the created resource on the Subnet list page.

Subnet detailed information check

Subnet service can check and modify the entire resource list and detailed information. The Subnet detail page consists of detailed information, tags, and operation history tabs.

To check the subnet detailed information, follow the next procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Subnet button. It moves to the Subnet list page.
3. Subnet list page, click on the resource to check the detailed information. It moves to the Subnet details page.

• Subnet details page displays status information and additional feature information, and consists of details, tags, operation history tabs.

  Classification	Detailed Description
  Status	Status of Subnet Active: normal operation in progress Creating: creation in progress Deleting: deletion in progress Failed: failed to create Error: current status unknown if it occurs continuously, contact the registered administrator
  Subnet deletion	Button to delete subnet

  Table. Subnet status information and additional functions

Detailed Information

Subnet list page where you can check the operation history of the selected resource.

Tag

Subnet list page where you can check the tag information of the selected resource, and add, change or delete it.

Work History

Sunnet list page where you can check the work history of the selected resource.

Subnet cancellation

You can delete unused Subnet. However, since Subnet cannot be recovered once deleted, you should consider the impact of deleting the Subnet sufficiently before proceeding with the deletion work.

To delete a subnet, follow these procedures.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Subnet menu. It moves to the Subnet list page.
3. Subnet list page, click the resource to be deleted. It moves to the Subnet details page.
4. Subnet details page, click the delete button.
5. After deletion is complete, it checks if the resource has been deleted from the Subnet list.

Preceding service

This is a list of services that must be pre-configured before creating the service. Please refer to the guide provided for each service and prepare in advance for more details.

1.2.2 - Port

Port creation

You can create and use the Port service on the Samsung Cloud Platform Console.

To create a port, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Port creation button. Move to the Port creation page.

• Service Information Input area, please enter or select the required information.

  Classification	Necessity	Detailed Description
  VPC Name	Required	Select a VPC to create a port
  Subnet name	required	Select the Subnet to create a Port
  Port name	required	A name that can easily identify the port Enter within 3-20 characters using English uppercase and lowercase letters, and numbers
  IP allocation method	required	IP allocation method selection automatic allocation: IP is automatically allocated within the IP allocation range of Subnet direct input: The input IP is allocated within the subnet range fixed IP address Enter the IP address to be used for the Port
  Description	Selection	Enter a description of the Port
  Security Group	Selection	Use Select up to 5 Security Groups when selected

  Table. Port Service Information Input Items
• Additional Information Input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  Tag	Selection	Add Tag Up to 50 can be added per resource Click the Add Tag button and enter or select Key, Value

  Table. Additional Port Information Input Items

3. Summary panel where you created detailed information and estimated billing amount, and click the Complete button.

• Once creation is complete, check the created resource on the Port list page.

Port detailed information check

Port service allows you to check and modify the entire resource list and detailed information. Port details page consists of detailed information, tags, work history tabs.

Port detailed information to confirm, please follow the next procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Port menu. It moves to the Port list page.
3. Port list page, click the resource (Port name) to check the detailed information. It moves to the Port details page.

• Port Details page displays status information and additional feature information, and consists of Details, Tags, Work History tabs.

  Classification	Detailed Description
  Status	Port’s status Active: normal operation in progress Down: not connected to a resource, or connected but not operating Build: being created Error: current status cannot be confirmed if it occurs continuously, contact the registered administrator
  Port deletion	Button to delete the port

  Table. Port Status Information and Additional Functions

Detailed Information

Port list page where you can check the detailed information of the selected resource and modify the information if necessary.

Tag

Port list page where you can check the tag information of the selected resource, and add, change or delete it.

Work History

Port list page where you can check the work history of the selected resource.

Port deletion

You can release unused Port to reduce operating costs. However, if you delete the Port, the service in operation may be stopped immediately, so you should consider the impact of stopping the service sufficiently and proceed with the cancellation work.

To delete a Port, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Port menu. It moves to the Port list page.
3. Port list page, click the resource (Port name) to be deleted. It moves to the Port details page.
4. Port details page, click the delete button.
5. After deletion is complete, it checks if the resource has been deleted from the Port list.

Preceding service

This is a list of services that must be pre-configured before creating the service. Please refer to the guide provided for each service and prepare in advance for more details.

1.2.3 - Internet Gateway

Internet Gateway creation

You can create and use the Internet Gateway service on the Samsung Cloud Platform Console.

To create an Internet Gateway, follow the next procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Create Internet Gateway button. It moves to the Create Internet Gateway page.

• Service Information Input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  VPC name	required	Select a VPC connected to the Internet Gateway
  classification	essential	Select Internet Gateway type
  Internet Gateway name	selection	automatically generated as IGW_{VPC name}
  Description	Selection	Enter a description for the Internet Gateway
  Firewall use	selection	Firewall usage selection
  Firewall log storage option	Select	Select whether to store the Firewall log Store access logs when using the Firewall For more information, see How to use Firewall log storage

  Table. Internet Gateway service information input items
• Additional Information Input area, please enter or select the required information.

  Classification	Necessity	Detailed Description
  Tag	Selection	Add Tag Up to 50 can be added per resource Click the Add Tag button and enter or select Key, Value

  Table. Additional Information Input Items for Internet Gateway

3. Summary panel where you can check the detailed information generated and the expected billing amount, and click the Complete button.

• Once creation is complete, check the created resource on the Internet Gateway list page.

Internet Gateway detailed information check

Internet Gateway 서비스는 전체 자원 목록과 상세 정보를 확인하고 수정할 수 있습니다. Internet Gateway 상세 페이지에서는 상세 정보, 태그, 작업 이력 탭으로 구성되어 있습니다. -> Internet Gateway service can check and modify the entire resource list and detailed information. The Internet Gateway details page consists of details, tags, and operation history tabs.

Internet Gateway detailed information to confirm, please follow the next procedure.

1. All Services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Internet Gateway menu. It moves to the Internet Gateway list page.
3. Internet Gateway list page, click on the resource to check the detailed information. It moves to the Internet Gateway details page.

• Internet Gateway details page displays status information and additional feature information, and consists of details, tags, operation history tabs.

  Classification	Detailed Description
  Status	Internet Gateway Status Creating: Resource creation in progress Active: Connected Deleting: Deletion in progress Error: Current status cannot be confirmed If this occurs continuously, please contact the registered administrator
  Internet Gateway deletion	Internet Gateway delete button

  Table. Internet Gateway Status Information and Additional Functions

Detailed Information

Internet Gateway list page where you can check the detailed information of the selected resource and modify the information if necessary.

Tag

Internet Gateway list page where you can check the tag information of the selected resource, and add, change or delete it.

Work History

Internet Gateway list page where you can check the operation history of the selected resource.

Internet Gateway resource management

Internet Gateway log storage usage, etc. can be managed to manage resources.

NAT log storage usage

To use NAT log saving, follow the next procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Internet Gateway menu. It moves to the Internet Gateway list page.
3. Internet Gateway list page, click the resource to check the detailed information. It moves to the Internet Gateway details page.
4. Modify NAT log storage button, click. Modify NAT log storage popup window will move to.
5. NAT log storage modification In the popup window, select use for the log storage and click the confirm button.

Do not use NAT log storage

To use NAT log saving, follow the next procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Internet Gateway menu. It moves to the Internet Gateway list page.
3. Internet Gateway list page, click on the resource to check the detailed information. It moves to the Internet Gateway details page.
4. Modify NAT log storage status button, click. Modify NAT log storage status popup window will move to.
5. NAT log storage modification In the popup window, uncheck use of the log storage and click the confirm button.
6. Notification Check the message in the popup window and click the Confirm button.

Internet Gateway deletion

To delete the Internet Gateway, follow the next procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Internet Gateway menu. It moves to the Internet Gateway list page.
3. Internet Gateway list page, click the resource to be deleted. It moves to the Internet Gateway details page.
4. Internet Gateway details page, click the Delete button.
5. After the deletion is complete, it checks if the resource has been deleted from the Internet Gateway list.

Preceding service

This is a list of services that must be pre-configured before creating the service. Please refer to the guide provided for each service and prepare in advance for more details.

1.2.4 - NAT Gateway

NAT Gateway creation

You can create and use the NAT Gateway service on the Samsung Cloud Platform Console.

To create an NAT Gateway, follow the next procedure.

1. All services > Networking > VPC menu, click. It moves to the Service Home page of VPC.
2. Service Home page, click the Create NAT Gateway button. It moves to the Create NAT Gateway page.

• Service Information Input area where you can input or select the necessary information.

  Classification	Mandatory	Detailed Description
  VPC name	required	Select the VPC to be connected
  Subnet name	required	select the connected Subnet
  NAT Gateway name	selection	created as NAT_GW_{subnet name}
  IP for NAT Gateway	required	Select Public IP for NAT Gateway
  Description	Selection	Enter a description for the NAT Gateway

  Table. NAT Gateway service information input items
• Additional Information Input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  Tag	Selection	Add Tag Up to 50 can be added per resource Click the Add Tag button and enter or select Key, Value

  Table. NAT Gateway Additional Information Input Items

3. Summary panel where you created detailed information and estimated billing amount, and click the Complete button.

• Once creation is complete, check the created resource on the NAT Gateway list page.

NAT Gateway detailed information check

NAT Gateway 서비스는 전체 자원 목록과 상세 정보를 확인하고 수정할 수 있습니다. NAT Gateway details 페이지에서는 details, tags, operation history 탭으로 구성되어 있습니다.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the NAT Gateway menu. It moves to the NAT Gateway list page.
3. NAT Gateway list page, click the resource to check the detailed information. It moves to the NAT Gateway details page.

• NAT Gateway details page displays status information and additional feature information, and consists of details, tags, operation history tabs.

  Classification	Detailed Description
  Status	NAT Gateway’s status Creating: Creating in progress Active: Operating normally Deleting: Deleting in progress Error: Current status cannot be confirmed If it occurs continuously, contact the registered administrator
  NAT Gateway deletion	a button to cancel the service In the case of no connected service, the NAT Gateway is canceled If the service is canceled, the operating service may be stopped immediately, so proceed with the cancellation work after fully considering the impact that occurs when the service is stopped

  Table. NAT Gateway Status Information and Additional Functions

Detailed Information

NAT Gateway List page where you can check the detailed information of the selected resource and modify the information if necessary.

Tag

NAT Gateway List page where you can check the tag information of the selected resource, and add, change or delete it.

Work History

NAT Gateway list page where you can check the operation history of the selected resource.

NAT Gateway deletion

To delete an NAT Gateway, follow these procedures.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the NAT Gateway menu. It moves to the NAT Gateway list page.
3. NAT Gateway list page, click the resource to check the detailed information. It moves to the NAT Gateway details page.
4. NAT Gateway details page, click the delete button.
5. After deletion is complete, it checks if the resource has been deleted from the NAT Gateway list.

Preceding service

This is a list of services that must be pre-configured before creating the service. Please refer to the guide provided for each service and prepare in advance for more details.

1.2.5 - Public IP

Public IP creation

You can create and use the Public IP service on the Samsung Cloud Platform Console.

To create a public IP, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Public IP Reservation button. It moves to the Public IP Reservation page.

• Service Information Input area, please enter or select the required information.

  Classification	Necessity	Detailed Description
  Classification	Essential	Select a gateway to reserve a Public IP Default: Internet Gateway
  Description	Selection	Enter a description for the Public IP

  Table. Public IP service information input items
• Additional Information Input area, please enter or select the necessary information.

  Classification	Mandatory	Detailed Description
  Tag	Select	Add Tag Up to 50 can be added per resource Click the Add Tag button and enter or select Key, Value

  Table. Public IP Additional Information Input Items

3. Summary panel where you can check the detailed information generated and the estimated billing amount, and click the Complete button.

• Once creation is complete, check the created resource on the Public IP list page.

Public IP detailed information check

Public IP service can check and modify the entire resource list and detailed information. The Public IP details page consists of details, tags, work history tabs.

Public IP detailed information to check, please follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Public IP menu. It moves to the Public IP list page.
3. Public IP list page, click on the resource to check the detailed information. It moves to the Public IP details page.

• Public IP details page displays status information and additional feature information, and consists of details, tags, operation history tabs.

  Classification	Detailed Description
  Status	Public IP Status Attached: Attached Status Reserved: Reserved Status Error: Current status unknown If it occurs continuously, contact the registered administrator
  Public IP Return	Public IP Return Button

  Table. Public IP Status Information and Additional Features

Detailed Information

Public IP list page where you can check the detailed information of the selected resource and modify the information if necessary.

Tag

Public IP list page where you can check the tag information of the selected resource, and add, change or delete it.

Work History

Public IP list page where you can check the operation history of the selected resource.

Public IP Return

To delete a public IP, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Public IP button. It moves to the Public IP list page.
3. Public IP list page, click on the resource to check the detailed information. It moves to the Public IP details page.
4. Public IP details page, click the return button.
5. When the return is complete, Public IP list is checked to see if the resource has been deleted.

Preceding service

This is a service that must be installed beforehand to create the service, please refer to the user guide provided in advance and prepare accordingly.

1.2.6 - Private NAT

The user can enter the required information for the Private NAT service through the Samsung Cloud Platform Console, select detailed options, and create the service.

Private NAT Create

You can create and use a Private NAT service from the Samsung Cloud Platform Console.

To create a Private NAT, follow the steps below.

1. All Services > Networking > VPC Click the menu. Navigate to the VPC’s Service Home page.
2. Click the Private NAT creation button on the Service Home page. You will be taken to the Private NAT creation page.
   • Service Information Input Please enter or select the required information in the area.

     Category	Required	Detailed description
     Private NAT name	Required	Enter Private NAT name Enter using letters and numbers, 3 to 20 characters
     Direct Connect name	Required	Select Direct Connect to connect Private NAT Click + New in the list to create Direct Connect
     Connected VPC Name	Required	Display VPC connected to Direct Connect
     NAT IP range	Required	Enter the NAT IP range to use Enter in CIDR format, e.g., 192.168.2.0/23 Cannot be used overlapping with connected VPCs or other Private NAT IP ranges
     Description	Select	Enter description for Private NAT

     Table. Private NAT Detailed Information Tab Items
   • Additional Information Input Enter or select the required information in the area.

     Category	Required	Detailed description
     Tag	Select	Add Tag Up to 50 can be added per resource After clicking the Add Tag button, enter or select Key, Value values

     Table. Private NAT additional information input items
3. Summary Check the detailed information and estimated billing amount generated in the panel, and click the Complete button.
   • When creation is complete, check the created resources on the Private NAT List page.

Private NAT Check detailed information

Private NAT 서비스 can view and edit the full resource list and detailed information. Private NAT 상세 페이지 consists of 상세 정보, IP 관리, 태그, 작업 이력 tabs.

Private NAT To view detailed information, follow the steps below.

1. All Services > Networking > VPC Click the menu. Navigate to the VPC’s Service Home page.
2. Click the Private NAT menu on the Service Home page. Go to the Private NAT list page.
3. Click the resource to view detailed information on the Private NAT List page. It navigates to the Private NAT Details page.

• Private NAT Details page displays status information and additional feature information, and consists of Details, IP Management, Tags, Operation History tabs.

  Category	Detailed description
  Status	Private NAT Status Active: Running Creating: Creating Deleting: Deleting Error: Error occurred
  Private NAT Delete	Button to delete Private NAT

  Table. Private NAT status information and additional features

Detailed Information

Private NAT List page allows you to view detailed information of the selected resource and, if necessary, edit the information.

IP Management

Private NAT list page, you can check the Private NAT IP, and reserve or return it.

Tag

Private NAT list page allows you to view the tag information of the selected resource, and you can add, modify, or delete it.

Work History

Private NAT List You can view the operation history of the selected resource on the page.

Private NAT IP Management

You can reserve or release a private NAT IP.

Reserve Private NAT IP

To reserve Private NAT IP, follow the steps below.

1. All Services > Networking > VPC Click the menu. Go to the VPC’s Service Home page.
2. Click the Private NAT menu on the Service Home page. You will be taken to the Private NAT List page.
3. Private NAT List page, click the resource to reserve an IP. Private NAT Details page will be opened.
4. Private NAT Details on the page, click the IP Management tab. Navigate to the IP Management tab page.
5. IP Management on the tab page, click the Private NAT IP Reservation button. The IP reservation window appears.
6. Enter the Private NAT IP to be used in the IP reservation window and click the Confirm button. A notification confirmation window appears.
7. Click the Confirm button in the notification dialog. Verify that the resource entry has been added to the IP list.

Private NAT IP Return

To return the Private NAT IP, follow the steps below.

1. All Services > Networking > VPC Click the menu. Navigate to the VPC Service Home page.
2. Click the Private NAT menu on the Service Home page. Navigate to the Private NAT List page.
3. Private NAT List page, click the resource to reserve an IP. Move to the Private NAT Details page.
4. Private NAT Details on the page, click the IP Management tab. Navigate to the IP Management tab page.
5. IP Management on the tab page, click the Return button for the IP item to be returned. The IP return window appears.
6. Verify that the selected resource from the IP list has been deleted.

Private NAT Delete

You can cancel the unused Private NAT to reduce operating costs.

To cancel Private NAT, follow the steps below.

1. Click the All Services > Networking > VPC menu. Navigate to the VPC’s Service Home page.
2. Click the Private NAT menu on the Service Home page. Navigate to the Private NAT List page.
3. Click the resource to delete on the Private NAT List page. It moves to the Private NAT Details page.
4. Click the Delete Private NAT button on the Private NAT Details page.
5. When termination is complete, check whether the resource has been deleted from the Private NAT list.

Preliminary Service

This is a service that must be installed in advance before creating this service. Please refer to the user guide provided in advance and prepare.

1.2.7 - VPC Endpoint

Create VPC Endpoint

You can create and use the VPC Endpoint service on the Samsung Cloud Platform Console.

To create a VPC Endpoint, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the VPC Endpoint creation button. It moves to the VPC Endpoint creation page.

• Service Information Input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  VPC Name	Required	Select the VPC to create the Endpoint
  Usage > Target Service	Required	Select the target service to create a VPC Endpoint
  usage purpose > connection resource	essential	Select the resource to create a VPC Endpoint
  VPC Endpoint name	required	Enter the VPC Endpoint name Enter 3-20 characters using English and numbers
  VPC Endpoint IP > Subnet name	required	Select VPC Endpoint Subnet
  VPC Endpoint IP > IP	required	Enter the IP to be used for VPC Endpoint (example) 192.168.x.x
  Description	Selection	Enter a description for the VPC Endpoint

  Table. VPC Endpoint details tab items
• Additional Information Input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  Tag	Select	Add Tag Up to 50 can be added per resource Click the Add Tag button and enter or select Key, Value

  Table. VPC Endpoint Additional Information Input Items
  Reference

  After registering the VPC Endpoint, to connect to internal services of the Samsung Cloud Platform, you must set up the Direct Connect firewall settings. Refer to the port information for each service and register the firewall rules.

  Service	Port Information
  DNS	TCP 53, UDP 53
  Object Storage	TCP 8080, 8443, 80, 443, 4430
  File Storage	(NFS) TCP/UDP common 111, 300, 302, 304, 2049, 635, 4045, 4046, 4049 (CIFS) UDP 135, 137, 138, 389 / TCP 135, 139, 445, 40001
  Container Registry (authentication server, Registry)	TCP 443

  Table. Allowed port information by target service

3. Summary panel where you created detailed information and estimated billing amount, and click the Complete button.

• Once creation is complete, check the created resource on the VPC Endpoint list page.

VPC Endpoint detailed information check

VPC Endpoint service can check and modify the entire resource list and detailed information. The VPC Endpoint details page consists of details, tags, operation history tabs.

Endpoint detailed information can be checked by following the next procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the VPC Endpoint menu. It moves to the VPC Endpoint list page.
3. VPC Endpoint list page, click the resource to check the detailed information. It moves to the VPC Endpoint details page.

• VPC Endpoint details page displays status information and additional feature information, and consists of details, tags, operation history tabs.

  Classification	Detailed Description
  Status	VPC Endpoint status Active: normal operation in progress Creating: creation in progress Deleting: deleting resource connection Deleted: resource connection deleted
  VPC Endpoint deletion	VPC Endpoint connection resource deletion button

  Table. VPC Endpoint Status Information and Additional Features

Detailed Information

VPC Endpoint List page where you can check the detailed information of the selected resource and modify the information if necessary.

Tag

VPC Endpoint list page where you can check the tag information of the selected resource, and add, change or delete it.

Work History

VPC Endpoint list page where you can check the operation history of the selected resource.

VPC Endpoint deletion

You can release unused Endpoints to reduce operating costs. However, deleting an Endpoint may immediately stop the service in operation, so you should consider the impact of the service stoppage sufficiently before proceeding with the cancellation work.

To cancel the VPC Endpoint, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the VPC Endpoint menu. It moves to the VPC Endpoint list page.
3. VPC Endpoint list page, click the resource to be deleted. It moves to the VPC Endpoint details page.
4. VPC Endpoint details page, click the Delete Endpoint button.
5. Once the cancellation is complete, VPC Endpoint list is checked to see if the resource has been deleted.

Preceding service

This is a list of services that must be pre-configured before creating the service. Please refer to the guide provided for each service and prepare in advance for more details.

1.2.8 - VPC Peering

The user can enter the essential information of the VPC Peering service and select detailed options through the Samsung Cloud Platform Console to create the service.

VPC Peering creation

You can create and use the VPC Peering service on the Samsung Cloud Platform Console.

To create VPC Peering, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the VPC Peering creation button. It moves to the VPC Peering creation page.

• Service Information Input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  VPC Peering name	required	Enter the VPC Peering name Enter 3-20 characters using English and numbers
  Request VPC name	Mandatory	Select the VPC to request VPC Peering Clicking + New Creation in the list allows VPC creation
  Approval Account	Required	Select the account to approve the VPC Peering and then select the corresponding VPC or enter the information Same account selection: Select the approval VPC name Clicking + New Creation in the list allows VPC creation Different account selection: Enter the approval account ID and approval VPC ID
  Description	Selection	Enter a description for VPC Peering

  Table. VPC Peering detailed information tab items
• Additional Information Input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  Tag	Select	Add Tag Up to 50 can be added per resource Click the Add Tag button and enter or select Key, Value

  Table. VPC Peering Additional Information Input Items

3. Summary panel where you created detailed information and estimated billing amount, and click the Complete button.

• When connecting to a different Account’s VPC, the peering process is performed after going through an approval process, so it may take time for the connection work to be completed.
• Once creation is complete, check the created resource on the VPC Peering list page.

VPC Peering detailed information check

VPC Peering service allows you to check and modify the entire resource list and detailed information. The VPC Peering details page consists of details, rules, tags, and operation history tabs.

VPC Peering detailed information to confirm, please follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the VPC Peering menu. It moves to the VPC Peering list page.
3. VPC Peering list page, click the resource to check the detailed information. It moves to the VPC Peering details page.

• VPC Peering Details page displays status information and additional feature information, and consists of Details, Rules, Tags, Operation History tabs.

  Classification	Detailed Description
  Status	VPC Peering status Active: in operation Requesting: connecting or deleting request in progress Creating Requesting: connecting request in progress Deleting Requesting: deletion request in progress Editing: being modified Rejected: approval rejected Canceled: request canceled Error: error occurred if it occurs continuously, contact the registered administrator
  VPC Peering deletion/VPC Peering deletion request	VPC Peering resource deletion request button Cancel connection request: Possible to cancel if a VPC Peering connection is requested Approve connection: Possible to approve if a VPC Peering connection request is received Reject connection can be clicked to refuse the connection Cancel deletion request: Possible to cancel if a VPC Peering deletion is requested Approve deletion: Possible to approve if a VPC Peering deletion request is received Reject deletion can be clicked to refuse the deletion Re-approval request: Re-approval request if VPC approval is rejected

  Table. VPC Peering Status Information and Additional Features

Detailed Information

VPC Peering List page where you can check the detailed information of the selected resource and modify the information if necessary.

Rule

VPC Peering List page where you can check the rules connected to the selected resource, and add or delete them.

Tag

VPC Peering list page where you can check the tag information of the selected resource, and add, change or delete it.

Work History

VPC Peering List page where you can check the operation history of the selected resource.

VPC Peering rule management

You can add or delete rules to VPC Peering.

Adding rules

To add rules to VPC Peering, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the VPC Peering menu. It moves to the VPC Peering list page.
3. VPC Peering list page, click the resource to be deleted. It moves to the VPC Peering details page.
4. VPC Peering details page, click the Rules tab. It moves to the Rules tab page.
5. Rule tab page where you click the Add Rule button. The add rule window appears.
6. Enter the starting point and destination in the rule addition window and click the confirm button. A notification confirmation window appears.

• It must not overlap with the already entered rules.
• It can be entered within the IP address range of the destination VPC.
• Subnet range must be entered identically.
• Destination IP range 0.0.0.0/0 cannot be used.

7. In the notification confirmation window, click the confirm button. Check if a resource item has been added to the rules list.

Deleting rules

To delete VPC Peering rules, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the VPC Peering menu. It moves to the VPC Peering list page.
3. VPC Peering list page, click the resource to be deleted. It moves to the VPC Peering details page.
4. VPC Peering details page, click the Rules tab. It moves to the Rules tab page.
5. Rule tab page where you want to delete the item, click the Delete button. A notification confirmation window appears.
6. Click the Confirm button in the notification confirmation window. Check if the selected resource has been deleted from the rule list.

VPC Peering cancellation

You can terminate unused VPC Peering to reduce operating costs.

To terminate VPC Peering within the same Account, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the VPC Peering menu. It moves to the VPC Peering list page.
3. VPC Peering list page, click the resource to be deleted. It moves to the VPC Peering details page.
4. VPC Peering details page, click the Delete VPC Peering button.
5. Once the deletion is complete, VPC Peering list is checked to see if the resource has been deleted.

Disconnect VPC Peering connected to another Account

To disconnect VPC Peering connected to a different Account, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the VPC Peering menu. It moves to the VPC Peering list page.
3. VPC Peering list page, click the resource to be deleted. It moves to the VPC Peering details page.
4. VPC Peering details page, click the VPC Peering deletion request button.
5. When the cancellation is complete, VPC Peering list is checked to see if the resource has been deleted.

• It will be normally terminated if the deletion request from the relative Account is approved.

Preceding service

This is a service that must be pre-installed before creating the service, please refer to the user guide provided in advance and prepare accordingly.

1.2.9 - Transit Gateway

The user can enter the essential information of the Transit Gateway service through the Samsung Cloud Platform Console and create the service by selecting detailed options.

Creating Transit Gateway

You can create and use the Transit Gateway service on the Samsung Cloud Platform Console.

To create a Transit Gateway, follow the next procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Create Transit Gateway button. It moves to the Create Transit Gateway page.

• Service Information Input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  Transit Gateway name	required	Enter the Transit Gateway name Enter 3-20 characters using English and numbers
  Description	Selection	Enter a description for the Transit Gateway

  Table. Transit Gateway details tab items
• Additional Information Input area, please enter or select the required information.

  Classification	Mandatory	Detailed Description
  Tag	Select	Add Tag Up to 50 can be added per resource Click the Add Tag button and enter or select Key, Value

  Table. Input Items for Adding Transit Gateway Information

3. Summary panel where you created detailed information and estimated billing amount, and click the Complete button.

• Once creation is complete, check the created resource on the Transit Gateway list page.

Transit Gateway detailed information check

The Transit Gateway service can view and modify the entire resource list and detailed information. The Transit Gateway details page consists of details, connected VPC management, rules, tags, and operation history tabs.

To check the Transit Gateway details, follow the next procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Transit Gateway menu. It moves to the Transit Gateway list page.
3. Transit Gateway list page, click the resource to check the detailed information. It moves to the Transit Gateway details page.

• Transit Gateway details page displays status information and additional feature information, and consists of details, connected VPC management, rules, tags, task history tabs.

  Classification	Detailed Description
  Status	Transit Gateway status Active: in operation Creating: being created Editing: being modified Deleting: being deleted Error: error occurred
  Transit Gateway deletion	Transit Gateway resource deletion button

  Table. Transit Gateway Status Information and Additional Features

Detailed Information

Transit Gateway list page where you can check the detailed information of the selected resource and modify the information if necessary.

Managing Connected VPC

Transit Gateway list page where you can check the VPC connected to the selected resource, and add or delete it.

Rule

Transit Gateway list page where you can check the rules connected to the selected resource, and add or delete them.

Tag

Transit Gateway list page where you can check the tag information of the selected resource, and add, change or delete it.

Work History

Transit Gateway list page where you can check the operation history of the selected resource.

Transit Gateway associated service management

You can apply for, modify, and cancel the necessary Uplink, Firewall connection services to use the Transit Gateway service.

To apply for the associated services of Transit Gateway, follow the following procedure.

1. All services > Networking > VPC menu, click. It moves to the Service Home page of VPC.
2. Service Home page, click the Transit Gateway menu. It moves to the Transit Gateway list page.
3. Transit Gateway list page, click the resource to be deleted. It moves to the Transit Gateway details page.
4. Transit Gateway details page, click Connected Service (IGW, FW) line application/modification/cancellation request shortcut, it will move to the service request page.
5. Service Request page, enter or select the corresponding information in the required input field.

   Input Item	Detailed Description
   Title	Enter the title of the service request content Example: TGW Uplink line application
   Region	Select the location of the Samsung Cloud Platform Automatically entered as the region corresponding to the account
   Service	Service category and service selection Service category: Networking Service: Transit Gateway
   Work classification	Select the type you want to request Uplink line application/modification/cancellation: Enter detailed contents in the service request classification item after selecting the work classification
   Content	Write detailed items of the service application form Service request classification: Directly enter the application / modification / cancellation Account name/ID: Enter the account name and ID Transit Gateway name/ID: Enter the created Transit Gateway name and ID Applicant information: Enter the applicant’s email, phone number, etc. Service request work classification: Select and enter Uplink line connection/BM VPC Firewall connection Firewall usage: Enter whether to use the firewall
   attachment file	if you have additional files you want to share, upload them attached files can be up to 5 files, each within 5MB only doc, docx, xls, xlsx, ppt, ppts, hwp, txt, pdf, jpg, jpeg, png, gif, tif files can be attached

   Table. Associated Service Creation Request Items
6. 서비스 요청 페이지에서 request 버튼을 클릭하세요. should be translated to: 6. On the service request page, click the request button.

• Once the application is completed, Support Center > Service Request List page will show the details of your application.
• When the service request task is completed, you can check the requested resource on the Transit Gateway details page.

Managing VPC connections for Transit Gateway

You can add or remove VPCs from the Transit Gateway.

VPC Connection Addition

To add a VPC connection to Transit Gateway, follow these procedures.

1. All Services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Transit Gateway menu. It moves to the Transit Gateway list page.
3. Transit Gateway list page, click the resource to be deleted. It moves to the Transit Gateway details page.
4. Transit Gateway details page, click the Connected VPC management tab. It moves to the Connected VPC management tab page.
5. Connected VPC Management tab page, click the Add VPC Connection button. The Add VPC Connection window appears.
6. VPC 연결 추가창에서 VPC를 선택하고 confirm 버튼을 클릭하세요. notification confirmation window appears.

• Clicking +Create New on the list allows you to create and select a VPC.

7. In the notification confirmation window, click the Confirm button. Check if a resource item has been added to the VPC connection list.

VPC Connection Deletion

To delete a VPC attachment from Transit Gateway, follow these procedures.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Transit Gateway menu. It moves to the Transit Gateway list page.
3. Transit Gateway list page, click the resource to be deleted. It moves to the Transit Gateway details page.
4. Transit Gateway details page, click the Connected VPC management tab. Move to the Connected VPC management tab page.
5. Connected VPC Management tab page, click the Delete button of the item to be deleted. A notification confirmation window appears.
6. Click the Confirm button in the notification confirmation window. Check if the selected resource has been deleted from the VPC connection list.

Managing Transit Gateway’s rule management

You can add or delete rules to the Transit Gateway.

Adding rules

To add rules to Transit Gateway, follow these procedures.

1. All services > Networking > VPC menu, click. It moves to the Service Home page of VPC.
2. Service Home page, click the Transit Gateway menu. It moves to the Transit Gateway list page.
3. Transit Gateway list page, click the resource to be deleted. It moves to the Transit Gateway details page.
4. Transit Gateway details page, click the rules tab. It moves to the rules tab page.
5. Rules tab page, click the Add Rule button. The add rule window appears.
6. Enter the starting point and destination in the rule addition window and click the confirm button. A notification confirmation window appears.

• It must not overlap with the already entered rules.
• x.x.x.x/28 range can be entered.
• In case the destination is VPC
• The destination VPC IP range can be entered within the range.
• Subnet range must be entered identically.
• Destination IP range 0.0.0.0/0 cannot be used.
• In case the destination is Transit Gateway
• Some IP ranges are for management purposes, so they cannot be used.
• VPC IP address range cannot be entered.

7. In the notification confirmation window, click the confirm button. Check if a resource item has been added to the rules list.

Deleting rules

To delete Transit Gateway rules, follow these procedures.

1. All services > Networking > VPC menu, click. It moves to the Service Home page of VPC.
2. Service Home page, click the Transit Gateway menu. It moves to the Transit Gateway list page.
3. Transit Gateway list page, click the resource to be deleted. It moves to the Transit Gateway details page.
4. Transit Gateway details page, click the rules tab. It moves to the rules tab page.
5. Rule tab page click the Delete button of the item to be deleted. A notification confirmation window appears.
6. Click the Confirm button in the notification confirmation window. Check if the selected resource has been deleted from the rule list.

Transit Gateway cancellation

You can cancel the unused Transit Gateway to reduce operating costs.

To cancel the Transit Gateway, follow the following procedure.

1. All services > Networking > VPC menu is clicked. It moves to the Service Home page of VPC.
2. Service Home page, click the Transit Gateway menu. It moves to the Transit Gateway list page.
3. Transit Gateway list page, click the resource to be deleted. It moves to the Transit Gateway details page.
4. Transit Gateway details page, click the Delete Transit Gateway button.
5. Once the deletion is complete, Transit Gateway list is checked to see if the resource has been deleted.

Preceding service

This is a service that must be installed before creating this service, please refer to the user guide provided in advance and prepare.

1.2.10 - PrivateLink Service

The user can enter the required information for the PrivateLink Service through the Samsung Cloud Platform Console, select detailed options, and create the service.

PrivateLink Service Create

You can create and use a PrivateLink Service in the Samsung Cloud Platform Console.

To create a PrivateLink Service, follow these steps.

1. All Services > Networking > VPC Click the menu. Navigate to the VPC’s Service Home page.
2. Service Home page, click the Create PrivateLink Service button. Navigate to the Create PrivateLink Service page.
   • Service Information Input area, please enter or select the required information.

     Category	Required	Detailed description
     PrivateLink Service name	required	Enter PrivateLink Service name
     Approval Method	Required	Select PrivateLink Service approval method Automatic: Automatic approval when a PrivateLink Service connection request is received Manual: Manual approval after verification when a PrivateLink Service connection request is received The approval method cannot be changed after creation
     High-speed Data Transfer	Select	By default, it is in an unused state and not displayed in the Samsung Cloud Platform Console To use High-speed Data Transfer, submit a service usage request in Support Center > Contact Us, and once processing is complete, it can be selected on the screen
     VPC name	required	Select VPC to connect
     Subnet name	Required	Select the Subnet of the VPC to connect
     PrivateLink Service IP	Required	Select the Subnet to connect and enter the PrivateLink Service IP IP addresses already in use within the Subnet cannot be entered, and the first/last IP of the Subnet IP range cannot be used
     Connected Resources	Required	Select resources to connect to the selected VPC Load Balancer: Select Load Balancer to connect (cannot select LB when using Local subnet) IP: Enter Compute resource IP of the selected VPC
     Security Group	Select	Select button click to select the Security Group to connect You can select up to 5 If no Security Group is selected, all connections will be blocked
     Description	Select	Enter description for PrivateLink Service

     Table. PrivateLink Service Detailed Information Tab Items
   • Additional Information Input Enter or select the required information in the area.

     Category	Required	Detailed description
     Tag	Select	Add Tag Up to 50 can be added per resource After clicking the Add Tag button, enter or select Key, Value values

     Table. PrivateLink Service Additional Information Input Items
3. Summary Check the detailed information and estimated billing amount generated in the panel, and click the Complete button.

• Once creation is complete, check the created resource on the PrivateLink Service List page.

PrivateLink Service Check detailed information

PrivateLink Service can view and edit the full resource list and detailed information. PrivateLink Service Detail page consists of Detailed Information, Connection Management, Tags, Operation History tabs.

To view detailed information of the PrivateLink Service, follow the steps below.

1. All Services > Networking > VPC Click the menu. Navigate to the VPC’s Service Home page.
2. Click the PrivateLink Service menu on the Service Home page. Navigate to the PrivateLink Service list page.
3. Click the resource on the PrivateLink Service List page to view detailed information. You will be taken to the PrivateLink Service Detail page.
   • PrivateLink Service Details page displays status information and additional feature information, and consists of Details, Connection Management, Tags, Activity History tabs.

     Category	Detailed description
     Status	PrivateLink Service status Active: Operating Creating: Being created Deleting: Being deleted Error: Error occurred
     PrivateLink Service Delete	Button to delete the PrivateLink Service resource

     Table. PrivateLink Service status information and additional features

Detailed Information

On the PrivateLink Service List page, you can view detailed information of the selected resource and, if necessary, edit the information.

Connection Management

PrivateLink Service List page, you can view the connection information of the selected resource. You can review connection requests and approve or reject them.

Tag

On the PrivateLink Service List page, you can view the tag information of the selected resource, and you can add, modify, or delete it.

Work History

You can view the operation history of the selected resource on the PrivateLink Service List page.

PrivateLink Service Cancel

You can cancel unused PrivateLink Service to reduce operating costs.

To cancel the PrivateLink Service, follow the steps below.

1. All Services > Networking > VPC Click the menu. Navigate to the Service Home page of VPC.
2. Click the PrivateLink Service menu on the Service Home page. Navigate to the PrivateLink Service list page.
3. Click the resource to delete on the PrivateLink Service List page. Navigate to the PrivateLink Service Details page.
4. Click the Delete PrivateLink Service button on the PrivateLink Service Details page.
5. When termination is complete, check whether the resource has been deleted from the PrivateLink Service list.

Preliminary Service

This is a service that must be pre-installed before creating this service. Please refer to the user guide provided in advance and prepare.

1.2.11 - PrivateLink Endpoint

The user can enter the required information for the PrivateLink Endpoint service through the Samsung Cloud Platform Console, select detailed options, and create the service.

PrivateLink Endpoint Create

You can create and use a PrivateLink Endpoint service from the Samsung Cloud Platform Console.

To create a PrivateLink Endpoint, follow these steps.

1. All Services > Networking > VPC Click the menu. Navigate to the VPC’s Service Home page.
2. Click the Create PrivateLink Endpoint button on the Service Home page. You will be taken to the Create PrivateLink Endpoint page.
   • Service Information Input Enter or select the required information in the area.

     Category	Required	Detailed description
     PrivateLink Endpoint name	Required	Enter PrivateLink Endpoint name
     VPC name	required	Select VPC to connect
     Subnet name	Required	Select the Subnet of the VPC to connect
     PrivateLink Endpoint IP	Required	Select the Subnet to connect and enter the PrivateLink Endpoint IP IP addresses already in use within the Subnet cannot be entered, and the first/last IP of the Subnet IP range cannot be used
     PrivateLink Endpoint ID	Required	Enter the PrivateLink Service ID to connect Enter using English letters and numbers, within 3-60 characters Before applying for the service, you need to verify the Service ID of the PrivateLink Service to connect; after creating the Endpoint, you must provide the Endpoint ID to the service provider
     Security Group	Select	Select button click to select the Security Group to connect You can select up to 5 If no Security Group is selected, all connections will be blocked
     Description	Select	Enter description for PrivateLink Endpoint

     Table. PrivateLink Endpoint Detailed Information Tab Items
   • Additional Information Input Enter or select the required information in the area.

     Category	Required	Detailed description
     Tag	Select	Add Tag Up to 50 can be added per resource After clicking the Add Tag button, enter or select Key, Value values

     Table. PrivateLink Endpoint Additional Information Input Items
3. Summary Check the detailed information and estimated billing amount generated in the panel, and click the Complete button.
   • When creation is complete, check the created resource on the PrivateLink Endpoint List page.
   • When connection approval is required in PrivateLink Service

PrivateLink Endpoint Check Detailed Information

PrivateLink Endpoint service can view and edit the full list of resources and detailed information. PrivateLink Endpoint Details page consists of Details, Tags, Activity History tabs.

To view detailed information of the PrivateLink Endpoint, follow the steps below.

1. All Services > Networking > VPC Click the menu. Navigate to the VPC’s Service Home page.
2. Click the PrivateLink Endpoint menu on the Service Home page. Navigate to the PrivateLink Endpoint List page.
3. Click the resource to view detailed information on the PrivateLink Endpoint List page. It navigates to the PrivateLink Endpoint Details page.
   • PrivateLink Endpoint Details The page displays status information and additional feature information, and consists of Details, Connection Management, Tags, Activity History tabs.

     Category	Detailed description
     Status	PrivateLink Endpoint status Requesting: Connection request/approval pending, Cancel request button displayed Active: Creation completed, operating Creating: Creating Deleting: Deleting Disconnected: Connection blocked Rejected: Connection rejected, Re-request approval button displayed Error: Error occurred Canceled: Connection request canceled, Re-request approval button displayed
     PrivateLink Endpoint Delete	PrivateLink Endpoint Button to delete the resource

     Table. PrivateLink Endpoint status information and additional features

Detailed Information

PrivateLink Endpoint List page allows you to view detailed information of the selected resource and, if necessary, edit the information.

Tag

PrivateLink Endpoint List page allows you to view the tag information of the selected resource, and you can add, modify, or delete it.

Work History

You can view the operation history of the selected resource on the PrivateLink Endpoint List page.

PrivateLink Endpoint Cancel

You can cancel unused PrivateLink Endpoints to reduce operating costs.

To cancel a PrivateLink Endpoint, follow the steps below.

1. All Services > Networking > VPC Click the menu. Navigate to the VPC’s Service Home page.
2. Service Home page, click the PrivateLink Endpoint menu. Navigate to the PrivateLink Endpoint List page.
3. Click the resource to delete on the PrivateLink Endpoint List page. It navigates to the PrivateLink Endpoint Details page.
4. Click the Delete PrivateLink Endpoint button on the PrivateLink Endpoint Details page.
5. When the termination is complete, check whether the resource has been deleted from the PrivateLink Endpoint list.

Prior Service

This is a service that must be pre-installed before creating this service. Please refer to the user guide provided in advance and prepare.

1.2.12 - NAT Logging

To save NAT logs, you must first create a bucket in Object Storage to save the logs, and then set the bucket as the log repository in NAT Logging, after that, by setting log saving in NAT detail inquiry, NAT logs will be saved in the Object Storage bucket.

NAT log saving requires settings in the following order.

1. To save NAT logs, you can create a bucket in Object Storage or use an existing bucket. To create a bucket, refer to Creating Object Storage.
2. To set this bucket as the log repository for NAT Logging, refer to Using NAT Logging log repository.
3. To set the log storage to use in the NAT detailed inquiry, please refer to NAT log storage usage.

NAT Logging Using the log storage

To set the NAT log storage to use, you must first set the log storage setting in NAT Logging.

1. All services > Management > Network Logging > NAT Logging menu, click. It moves to the NAT Logging list page.
2. NAT Logging List page, click the Log Storage Settings button at the top, it moves to the Log Storage Settings popup window.
3. Log Storage Settings popup window, select the Log Storage Bucket. When you select a bucket, the Log Storage Path will be displayed.
4. Log Storage Settings popup window, check the Log Storage Bucket and Log Storage Path, then click the Confirm button.
5. Notification Confirm the message in the popup window, then click the Confirm button.

NAT Logging list

NAT Logging log storage bucket is set, then the NAT Logging list is retrieved.

• All services > Management > Network Logging > NAT Logging menu is clicked. It moves to the NAT Logging list page.

  Division	Required	Detailed Description
  Resource ID	Required	NAT Resource ID
  Save target	Required	NAT resource name
  Save Registration Time	Required	NAT Log Storage Registration Time

  Table. NAT Logging list items

NAT Logging content check

Please refer to the contents below and check the saved Log contents.

NAT Logging do not use log storage

NAT Logging allows you to set the log repository to not be used.

1. All services > Management > Network Logging > NAT Logging menu should be clicked. It moves to the NAT Logging list page.
2. NAT Logging list page, click the top Log Storage Settings button. It moves to the Log Storage Settings popup window.
3. Log Storage Settings popup window, select Log Storage Bucket as Not Used, and click the OK button.

1.3 - API Reference

1.4 - CLI Reference

1.5 - Release Note

VPC

2 - Security Group

2.1 - Overview

Service Overview

Security Group is a virtual logical firewall that controls Inbound/Outbound traffic occurring in the virtual server of Samsung Cloud Platform. The target resources that can apply Security Group are Virtual Server, Database, Kubernetes Engine, etc. Security Group is applied to the port of the target resource, and multiple Security Groups can be applied according to the characteristics of each resource.

When the Security Group is created for the first time, it blocks all Inbound/Outbound traffic according to the default rules (Any/Deny).

The user can create Inbound/Outbound rules by specifying the IP address, port, and protocol, and only allowed traffic to the target resource is possible according to the created rules.

Component

The elements that make up the Security Group are as follows.

Constraints

The Security Group of Samsung Cloud Platform has a default quota (limit) set. There is a maximum number of Security Groups and Security Group rules that can be created. Samsung Cloud Platform Console is a space where you can check and manage quotas for many resources related to Samsung Cloud Platform services and request quota increases.

Preceding Service

Security Group has no preceding service.

2.2 - How-to guides

The user can enter the required information for the Security Group service through the Samsung Cloud Platform Console and create the service by selecting detailed options.

Create Security Group

You can create and use the Security Group service in the Samsung Cloud Platform Console.

To create a Security Group, follow these steps.

1. Click All Services > Networking > Security Group menu. It moves to the Service Home page of Security Group.

2. On the Service Home page, click the Create Security Group button. It moves to the Create Security Group page.

   • Enter Service Information area, please enter the necessary information.

     Division	Necessity	Detailed Description
     Security Group name	required	Name of the Security Group to be created It can use English letters, numbers, special characters(-) and can be entered up to a maximum of 255 characters Duplicated Security Group names can be used within the project
     Log storage option	Select	Security Group log storage option select Enabled: Store logs Disabled: Do not store logs Clicking Security Group Logging shortcut will move to the Security Group Logging list page

     Table. Security Group service information input items
   Reference

   To save Security Group logs, you must first create a bucket in Object Storage to save the logs, and then set the bucket as the log repository in Security Group Logging.

   • Log storage settings can be checked in Security Group Logging, and for more information, please refer to Security Group Logging.
   • If you set up a log storage, you will be charged for Object Storage fees for log storage.
   • Enter Additional Information Enter or select the required information in the area.

     Classification	Mandatory	Detailed Description
     Tag	Select	Add Tag Up to 50 can be added per resource Click the Add Tag button and enter or select Key, Value
     Description	Select	User Additional Description Up to 255 characters can be entered

     Table. Input items for adding Security Group information

3. Check the input information and click the Complete button.

   • Once creation is complete, check the created resource on the Security Group list page.

Check Security Group details

On the Security Group menu’s Security Group list page, you can check and modify the entire resource list and detailed information.

To check the Security Group details, follow the next procedure.

1. Click All services > Networking > Security Group menu. It moves to the Service Home page of Security Group.
2. On the Service Home page, click the Security Group menu. It moves to the Security Group list page.
3. Security Group list page, click the resource to check the detailed information. Move to the Security Group details page.
   • Security Group Details page displays status information and additional feature information, and consists of Details, Rules, Tags, Operation History tabs.

Detailed Information

You can check the detailed information of the selected resource in the Security Group list and modify the information if necessary.

Rule

In the rules tab, you can check the Security Group rule list and add or delete rules.

Tag

On the Security Group List page, you can check the tag information of the selected resource, and add, change, or delete it.

Work History

Security Group list page where you can check the operation history of the selected resource.

Security Group resource management

You can manage resources such as Security Group log storage settings, rule additions, and more.

Using Log Saving

To save Security Group logs, follow these procedures.

1. Click All Services > Networking > Security Group menu. It moves to the Service Home page of Security Group.
2. On the Service Home page, click the Security Group menu. It moves to the Security Group list page.
3. Security Group list page, click on the resource (Security Group name) to save the log. Move to the Security Group details page.
4. Click the Edit icon of Log Saving. It moves to the Edit Log Saving popup window.
5. Modify log storage In the 로그 저장 여부 수정 popup window, select 사용 and click the 확인 button.

Setting to not use log saving

To stop saving Security Group logs, follow these steps.

1. 모든 서비스 > Networking > Security Group menu should be clicked. It moves to the Service Home page of Security Group.
2. On the Service Home page, click the Security Group menu. It moves to the Security Group list page.
3. On the Security Group list page, click the Security Group name that does not save logs. It moves to the Security Group details page.
4. Click the Edit icon of Log Saving. It moves to the Edit Log Saving popup window.
5. Modify log saving In the pop-up window, uncheck Use for the log storage and click the OK button.
6. Check the message in the Notification popup window and click the OK button.

Add a rule

To add a Security Group rule, follow these steps.

1. Click on the menu for all services > Networking > Security Group. It moves to the Service Home page of Security Group.

2. On the Service Home page, click the Security Group menu. It moves to the Security Group list page.

3. Security Group list page, click the resource (Security Group name) to add rules. Move to the Security Group details page.

4. Click the Rules tab on the Security Group Details page. It moves to the Rules tab page.

5. Click the Rule tab and click the Add Rule button. It moves to the Add Rule popup window.

   Classification	Necessity	Detailed Description
   Direction	Required	Application target criteria, traffic access direction setting Inbound rule: External → Server Outbound rule: Server → External
   Type	Required	Protocol type selection by protocol Detailed input items vary depending on the selected protocol type
   Protocol Number	Required	If you select Custom Protocol in the protocol, enter the protocol number 1 ~ 254 values can be entered
   Protocol	Required	Protocol Type TCP, UDP, ICMP, ALL Select the desired protocol from these values ALL means all ports for all protocols
   Port Range	Required	If TCP/UDP is selected in the protocol, set the allowed port Well-known ports such as SSH, HTTP, TELENT can be selected When entering directly, values from 1 ~ 65,535 can be entered, and port range can be specified using ‘start value-end value’
   Type	Required	If you select ICMP in the protocol, set the ICMP Type Types defined as ICMP Type, such as Echo, can be used by selecting them When entering directly, values from 0 ~ 255 can be entered
   Remote	Required	Rule Remote Type Setting CIDR: Set target address by directly entering IP Security Group: Set created Security Group as target
   Remote > Destination Address	Required	If you select CIDR for the Remote type, entering the destination address is required When selecting CIDR: Enter in CIDR (IP address/subnet mask) format You can enter up to 128 addresses at once using , and -. To use the entire IP range (ANY), enter ‘0.0.0.0/0’
   원격 > Security Group	필수	Remote type is Security Group is selected, Security Group selection is required
   Description	Optional	Additional description written by the user Up to 255 characters can be entered

   Fig. Security Group rule addition details

6. Check the rules to be added, then click the Confirm button.

Rule Bulk Creation

To add multiple Security Group rules at once, follow these steps.

1. Click All Services > Networking > Security Group menu. It moves to the Service Home page of Security Group.
2. On the Service Home page, click the Security Group menu. It moves to the Security Group list page.
3. Security Group list page, click the resource (Security Group name) to add a rule. Move to the Security Group details page.
4. Click the Rules tab on the Security Group Details page. It moves to the Rules tab page.
5. Click the 규칙 tab and click the 엑셀 다운로드 button. The 규칙 bulk input Excel file will be downloaded.
6. Enter the rule information into the bulk input Excel file and save it.
7. Click the Batch Rule Input button. The Batch Rule Input popup window appears.
8. Bulk Input Rules In the Bulk Input Rules popup window, click File Attachment and attach the written Excel file, then click File Upload.
   • You cannot upload if the attached Excel file format is different from the registration form or the file is encrypted.
   • The number of bulk registration rules that can be uploaded at once is up to 100. If the maximum registration rule is exceeded, it cannot be uploaded.
   • If the maximum number of rules that can be registered in Account is exceeded, the file cannot be uploaded.
9. In the Check Rules popup window, check the details and click the Confirm button.

Deleting Rules

To delete a Security Group rule, follow these procedures.

1. Click on the menu for all services > Networking > Security Group. It moves to the Service Home page of Security Group.
2. On the Service Home page, click the Security Group menu. It moves to the Security Group list page.
3. Security Group list page, click the resource (Security Group name) to add rules. Move to the Security Group details page.
4. Click the Rule tab on the Security Group Details page. It moves to the Rule tab page.
5. Click the Delete button of the rule to be deleted in the Rules tab.

Security Group cancellation

You can delete unused Security Groups.

To cancel the Security Group, follow the procedure below.

1. Click All services > Networking > Security Group menu. It moves to the Service Home page of Security Group.
2. On the Service Home page, click the Security Group menu. It moves to the Security Group list page.
3. On the Security Group list page, select the resource (Security Group name) to be terminated and click the Service Termination button.
4. Once the cancellation is complete, please check if the resource has been cancelled on the Security Group list page.

2.2.1 - Security Group Logging

To store Security Group logs, you must first create a bucket in Object Storage to store the logs and then set the bucket as the log storage for Security Group Logging. After that, you can enable log storage in the Security Group details, and Security Group logs will start being stored in the Object Storage bucket.

To store Security Group logs, you need to follow these steps:

1. You can create a new bucket in Object Storage for storing Security Group logs or use an existing bucket. To create a bucket, refer to Creating Object Storage.
2. To set the bucket as the log storage for Security Group Logging, refer to Using Security Group Logging Log Storage.
3. To enable log storage in the Security Group details, refer to Enabling Security Group Log Storage.

Using Security Group Logging Log Storage

To enable Security Group log storage, you must first set up the log storage in Security Group Logging.

1. Click All Services > Management > Network Logging > Security Group Logging. You will be taken to the Security Group Logging List page.
2. On the Security Group Logging List page, click the Log Storage Settings button at the top. You will be taken to the Log Storage Settings popup window.
3. In the Log Storage Settings popup window, select the Log Storage Bucket. After selecting the bucket, the Log Storage Path will be displayed.
4. In the Log Storage Settings popup window, confirm the Log Storage Bucket and Log Storage Path, and then click the Confirm button.
5. Confirm the message in the Notification popup window and click the Confirm button.

Security Group Logging List

After setting up the Security Group Logging log storage bucket, you can view the Security Group Logging list.

1. Click All Services > Management > Network Logging > Security Group Logging. You will be taken to the Security Group Logging List page.

   Category	Required	Description
   Resource ID	Required	Security Group ID
   Storage Target	Required	Security Group Name
   Storage Registration Date	Required	Security Group Log Storage Registration Date

   Table. Security Group Logging List Items

Checking Security Group Logging Content

Refer to the following content to check the stored log content.

1. TCP / UDP

2. ICMP

Disabling Security Group Logging Log Storage

You can disable Security Group Logging log storage.

1. Click All Services > Management > Network Logging > Security Group Logging. You will be taken to the Security Group Logging List page.
2. On the Security Group Logging List page, click the Log Storage Settings button at the top. You will be taken to the Log Storage Settings popup window.
3. In the Log Storage Settings popup window, select Do not use for the Log Storage Bucket, and then click the Confirm button.

2.3 - API Reference

2.4 - CLI Reference

2.5 - Release Note

Security Group

3 - Load Balancer

3.1 - Overview

Service Overview

Samsung Cloud Platform’s Load Balancer (LB) service automatically distributes traffic to available servers in case of unpredictable traffic spikes or server failures, ensuring the stability and continuity of customer services.

Load Balancer is deployed in a VPC Subnet as the service endpoint provided to clients, depending on the service type (L4 / L7), and you can configure multiple services by adding a Listener to the created Load Balancer.

Listener receives client requests through the service port and processes traffic according to routing rules. L4 supports TCP/UDP/TLS protocols, L7 supports HTTP/HTTPS protocols, and in L7 you can specify LB server groups per routing condition or set a redirect response for request URLs.

The LB server group forwards requests received by the Listener to specific servers based on load balancing and health checks. The server receives client requests from the Load Balancer’s Source NAT IP through the port set on the member, and the server status is periodically monitored by the Load Balancer’s health check IP.

LB health check defines the member health check method registered in the LB server group. You can select the LB health check resource provided by default in the LB server group, or create a new one to configure monitoring suitable for the application.

Features

• Various load balancing methods: Round Robin, Least Connection, IP Hash etc. provides various load balancing methods.
• SSL authentication encryption and Offloading: Supports SSL offloading and allows selection of encryption level.
• Enhanced Security: Use a firewall to manage Load Balancer communication and view connection logs through log storage.

Service Diagram

Provided Features

• Load Balancer: Choose the service type and set the IP to be used in the Load Balancer.
• Listener: Set the protocol, port, and routing rules. You can add multiple Listeners to a single Load Balancer.
• LB server group: Set the load balancing method. LB server group can be connected to a single Load Balancer.
• Member: Select the server to add to the LB server group. You can select Virtual Server or Bare Metal Server resources created in the same VPC as the Load Balancer, or directly enter an IP.
• LB Health Check: Set the member health check method. LB health check can be registered and used in multiple LB server groups.

Components

Load Balancer consists of Load Balancer(Listener), LB server group(member), LB health check.

Load Balancer

The components that make up a Load Balancer are as follows. Depending on the settings for each component, you can configure load balancing suitable for the customer’s workload.

LB Server Group

The elements that make up the LB server group are as follows. Traffic is delivered to members of the LB server group according to the settings of each component.

LB Health Check

LB health check components are as follows. Member health checks are performed according to settings for each component.

Constraints

Samsung Cloud Platform’s Load Balancer has a default quota applied, which imposes restrictions on the number of Load Balancers, Listeners, LB server groups, and members that can be created. Through the console, you can manage current usage and request additional quota for items that can be expanded.

Preceding Service

Before creating the Load Balancer service, this is the list of services that must be pre-configured. Please refer to the guide provided for each service for detailed information and prepare in advance.

3.2 - How-to guides

The user can enter required Load Balancer information and select detailed options through the Samsung Cloud Platform Console to create a service.

Load Balancer Create

You can create and use the Load Balancer service from the Samsung Cloud Platform Console.

To create a Load Balancer, follow the steps below.

1. All Services > Networking > Load Balancer Click the menu. Navigate to the Service Home page of Load Balancer.
2. Click the Load Balancer Create button on the Service Home page. You will be taken to the Load Balancer Create page.
3. Load Balancer creation on the page, enter the information required to create the service and select detailed options.
   • Service Information Input Enter or select the required information in the area.

• Additional Information Input Enter or select the required information in the area.

  Category	Required	Detailed description
  Description	Select	Enter resource description
  Tag	Select	Add Tag Up to 50 tags can be added per resource

  Table. Load Balancer Additional Information Input Items

4. Check the created service information and the estimated billing amount, and click the Complete button.
   • When creation is complete, check the created resources on the Load Balancer List page.
     Guide

     Load Balancer service does not provide access control functionality for Service IP and service ports.
     

     • Load Balancer when creating use Firewall to manage communication between client and Load Balancer, and between Load Balancer and members with Firewall rules, and use Firewall log storage to store access logs is recommended.
     Caution

     If you use the firewall, you must add rules required for Load Balancer communication. Register the rules, paying attention to the direction for each purpose.
     

     • If you do not add the rule, the Load Balancer service will not operate correctly.

     

     Purpose	Source IP	Destination IP	Protocol	Destination Port/Type	Direction
     Client → LB connection	Client IP	LB Service IP	Listener protocol	Listener service port	Outbound
     LB → Member Connection	LB Source NAT IP	LB Server Group Member IP	LB Server Group Protocol	Member Port	Inbound
     LB → Member Health Check	LB Health Check IP	LB Server Group Member IP	Health Check Protocol	Health Check Port If the health check port and member port are different, register the member port	Inbound

     Figures and Tables. Add Load Balancer Firewall Rule

Load Balancer Check Detailed Information

The Load Balancer service can view and edit the resource list and detailed information in the Load Balancer menu. Load Balancer Details page consists of Details, Connected Resources, Tags, Activity Log tabs.

To view detailed information of the Load Balancer service, follow the steps below.

1. All Services > Networking > Load Balancer Click the menu. Go to the Service Home page of the Load Balancer.
2. Click the Load Balancer menu on the Service Home page. Navigate to the Load Balancer List page.
3. Click the resource to view detailed information on the Load Balancer List page. You will be taken to the Load Balancer Details page.
   • Load Balancer Detail page displays status information and additional feature information, and consists of Detail Information, Connected Resources, Tags, Operation History tabs.

     Category	Detailed description
     Status	Load Balancer resource status Active: The service is properly activated Deleting: Processing service termination request Creating: Processing service creation request Error: Cannot determine current status due to internal error Editing: Processing service modification request
     Service termination	Load Balancer resource deletion

     Table. Load Balancer status information and additional feature items

Detailed Information

Detailed Information tab allows you to view detailed information of the selected resource from the Load Balancer list, and modify necessary information.

Connected Resources

In the Connected Resources tab, you can view the list of Listeners attached to the Load Balancer, and create or delete Listeners.

• connected resource tab, when you select the Listener item, you go to the Listener details page where you can view detailed information and edit or delete it.
• Listener Details page items, clicking the Edit icon allows you to edit the information.

Tag

Load Balancer list page allows you to view the tag information of the selected resource, and you can add, modify, or delete it.

Work History

Work History tab allows you to view the work history of the selected resource.

Load Balancer Resource Management

You can manage resources such as creating and deleting Load Balancer listeners.

Creating a Listener

Create a Listener on the Load Balancer to receive client requests and handle traffic according to the Listener settings.

Creating a Listener in L4 Load Balancer

To create a Listener in L4 Load Balancer, follow the steps below.

1. All Services > Networking > Load Balancer Click the menu. Navigate to the Load Balancer’s Service Home page.
2. Click the Load Balancer menu on the Service Home page. Go to the Load Balancer List page.
3. Load Balancer List page, click the Load Balancer resource to create a Listener. Go to the Load Balancer Details page.
4. Click the Connected Resources tab on the Load Balancer Details page. It navigates to the Connected Resources tab page.
5. Connected Resources tab page, click the Create Listener button in the upper right.
6. Service Information Input Enter or select the required information in the area.
   • Protocol determines which information can be entered.

7. Enter Additional Information In the area, enter or select the required information.

8. Check the created service information and click the Complete button.
   • When creation is complete, check the created resources in the Load Balancer Details page’s Connected Resources tab.

Creating a Listener in L7 Load Balancer

To create a Listener in L7 Load Balancer, follow the steps below.

1. Click the All Services > Networking > Load Balancer menu. Go to the Load Balancer’s Service Home page.
2. On the Service Home page, click the Load Balancer menu. You will be taken to the Load Balancer List page.
3. Load Balancer List on the page, click the Load Balancer resource to create a Listener. Navigate to the Load Balancer Details page.
4. Click the Connected Resources tab on the Load Balancer Details page. You will be taken to the Connected Resources tab page.
5. Connected Resources tab page, click the Create Listener button at the top right.
6. Service Information Input area, enter or select the required information.
   • The information that can be entered varies according to the Protocol.

7. Additional Information Input Please input or select the required information in the area.

8. Check the created service information and click the Complete button.
   • When creation is complete, check the created resource in the Connected Resources tab of the Load Balancer Details page.

SSL Security Level Support Items

The list of TLS versions and Cipher Suites supported by the Listener for each SSL security level is as follows.

Listener Check Detailed Information

Load Balancer Details page’s Connected Resources tab by selecting a Listener you can view and edit the detailed information.

To view the detailed information of the Listener, follow the steps below.

1. All Services > Networking > Load Balancer Click the menu. Navigate to the Service Home page of Load Balancer.
2. On the Service Home page, click the Load Balancer menu. You will be taken to the Load Balancer List page.
3. Load Balancer List Click the resource to view detailed information on the page. Go to the Load Balancer Details page.
4. Click the Connected Resources tab on the Load Balancer Details page.
5. Click the Listener to view detailed information from the list of connected resources. It moves to the Listener Details page.
   • Listener Details page displays status information and additional feature information, and consists of Details, Tags, Activity History tabs.

Detailed Information

Detailed Information tab allows you to view the listener’s detailed information and edit necessary information. Detailed information varies depending on the Load Balancer in use.

L4 Load Balancer Detailed Information

L7 Load Balancer Detailed Information

Tag

You can view the tag information of the Listener, and add, modify, or delete it.

Work History

You can view the Listener’s operation history.

Edit routing rules

On the Connected Resources tab of the Load Balancer Details page, you can modify the Listener’s routing rules.

To modify the Listener’s routing rules, follow the steps below.

1. All Services > Networking > Load Balancer Click the menu. Navigate to Load Balancer’s Service Home page.
2. Click the Load Balancer menu on the Service Home page. Navigate to the Load Balancer List page.
3. Load Balancer List page, click the resource to view detailed information. It navigates to the Load Balancer Details page.
4. Click the Connected Resources tab on the Load Balancer Details page.
5. Click the Listener to add a lighting condition from the list of connected resources. Listener Details page.
6. Click the Edit icon of the Routing Rule item on the Listener Details page. The Edit Routing Rule popup opens.
7. After modifying the routing rules according to the routing action, click the Confirm button.

   Category	Required or not	Detailed description
   Routing Action	-	Current routing method (cannot be modified)
   Routing Condition	Required	Routing condition can be modified when routing action is LB server group delivery URL Path: modify request URL path and LB server group (up to 20 additions possible) Host Header: modify request host and LB server group (up to 20 additions possible)
   Redirect target	Required	If the routing action is URL redirect, the redirect target can be edited Path: Can modify the changed URL path Host: Can modify the changed host Protocol/Port: Cannot modify (only HTTP → HTTPS redirect is possible)

   Table. Listener Routing Rule Modification Items

Listener Delete

To delete an unused Listener, follow the steps below.

1. All Services > Networking > Load Balancer Click the menu. Navigate to the Service Home page of the Load Balancer.
2. Click the Load Balancer menu on the Service Home page. Move to the Load Balancer List page.
3. Click the Load Balancer resource to delete the Listener on the Load Balancer List page. It navigates to the Load Balancer Detail page.
4. Load Balancer Details 페이지에서 Connected Resources 탭을 클릭하세요. Connected Resources 탭 페이지로 이동합니다.
5. On the Connected Resources tab page, click the Listener you want to delete. It navigates to the Listener Details page.
6. Click the Delete Listener button on the Listener Details page.

Load Balancer Cancel

You can cancel unused Load Balancers to reduce costs. However, since it may affect the application service, request cancellation after sufficient prior review.

To cancel the Load Balancer, follow the steps below.

1. All Services > Networking > Load Balancer Click the menu. Navigate to the Service Home page of the Load Balancer.
2. Click the Load Balancer menu on the Service Home page. You will be taken to the Load Balancer List page.
3. On the Load Balancer List page, click the resource to be terminated. It navigates to the Load Balancer Details page.
4. Click the Cancel Service button on the Load Balancer Details page.
5. Once termination is complete, check the resource termination status in the Load Balancer list.

3.2.1 - LB Server Group

Users can create an LB server group through the Samsung Cloud Platform Console and connect it to the Load Balancer’s listener.

Create LB server group

To create an LB server group, follow the steps below.

1. All Services > Networking > Load Balancer Click the menu. Navigate to the Service Home page of Load Balancer.
2. On the Service Home page, click LB server group. Navigate to the LB server group list page.
3. Click the Create LB Server Group button on the LB Server Group List page. It navigates to the Create LB Server Group page.
4. Create LB Server Group 페이지에서 서비스 생성에 필요한 정보를 입력하고 상세 옵션을 선택하세요.
   • Enter Service Information area, input or select the required information.

     Category	Required	Detailed description
     LB server group name	Required	LB server group resource name Enter 3~63 characters using English letters (uppercase and lowercase), numbers, and special characters (-_) LB server group name must be unique within the Account
     VPC	Required	Select VPC to create LB server group Select VPC where the Load Balancer that will connect to the LB server group is created
     Service Subnet	Required	Select VPC Subnet to create LB server group Select Subnet where Load Balancer that will connect to LB server group is created
     Load Balancing	Required	Select load balancing algorithm Round Robin: Distribute sequentially to registered members Weighted round robin: Distribute sequentially in proportion to the weight assigned to each member Least Connection: Distribute to the member with the fewest connections Weighted least connection: Distribute to the member with higher priority considering the weight assigned to each member and the number of connections IP Hash: Distribute to a specific member based on the hash value of the client IP address
     Protocol	Required	Select LB server group receive protocol Select the protocol to deliver to members of the LB server group
     LB health check	Required	Select LB health check Select from LB health checks created in the same Service Subnet as the LB server group

     Table. LB Server Group Service Information Input Items
   • Enter additional information Enter or select the required information in the area.

     Category	Required	Detailed description
     Description	Select	Enter resource description
     Tag	Select	Add Tag Up to 50 tags can be added per resource

     Table. LB Server Group Additional Information Input Items
5. Check the created service information and the estimated billing amount, and click the Complete button.

• Once creation is complete, check the created resources on the LB Server Group List page.

Check LB server group detailed information

LB server group menu allows you to view and edit the resource list and detailed information. The LB server group details page consists of Details, Connected Resources, Tags, Activity Log tabs.

To view detailed information of the LB server group, follow the steps below.

1. All Services > Networking > Load Balancer Click the menu. Navigate to the Service Home page of Load Balancer.

2. On the Service Home page, click LB server group. It navigates to the LB server group list page.

   • Column display can be modified by clicking the Settings button at the top right of the table.

     Category	Display status	Detailed description
     LB server group name	default	LB server group resource name
     Protocol	Default	LB Server Group Protocol
     Load Balancer	Default	Load Balancer resource name connected to LB server group
     LB Health Check	Default	Name of LB health check resource used by LB server group
     Member count	Default	Number of members registered in LB server group
     Creation Time	Default	LB Server Group Creation Time
     Status	Default	LB Server Group Resource Status

     Table. LB server group list item

3. Click the resource to view detailed information on the LB Server Group List page. It moves to the LB Server Group Details page.

• LB Server Group Details At the top of the page, status information and descriptions of additional functions are displayed.

  Category	Detailed description
  Status	LB server group resource status Active: Service is normally activated Deleting: Processing service termination request Creating: Processing service creation request Error: Cannot determine current status due to internal error If this status persists, contact via Support Center Editing: Processing service modification request
  Delete LB server group	Delete LB server group resource

  Table. LB Server Group Status Information and Additional Feature Items

Detailed Information

​ Detailed Information tab allows you to view detailed information of resources in the LB server group list, and modify the information if needed.

Linked Resources

Connected Resources tab allows you to view the list of members connected to the LB server group, and add or delete members.

Tag

LB server group list page, you can view the tag information of the selected resource, and you can add, modify, or delete it.

Work History

Work History tab allows you to view the work history of the selected resource.

Managing LB Server Group Resources

You can view the member list of the LB server group and add or remove members.

Add Member

You can add members to the LB server group to register server resources that handle client requests.

To add a member to the LB server group, follow the steps below.

1. All Services > Networking > Load Balancer Click the menu. Go to the Load Balancer’s Service Home page.

2. Click LB server group on the Service Home page. You will be taken to the LB server group list page.

3. Click the resource to edit detailed information on the LB Server Group List page. You will be taken to the LB Server Group Details page.

4. LB Server Group Details 페이지에서 Connected Resources 탭을 클릭하세요. Connected Resources 탭 페이지로 이동합니다.

5. Click the Add Member button at the top right of the Connected Resources tab page.

6. Add Member After entering the required information in the popup window, click the Confirm button.

   Category	Required	Detailed description
   LB server group name	Default	LB server group name to add members
   Target Server	Required	Server information to add as member Virtual Server/Bare Metal Server: Select from the list of servers created in the same VPC as the LB server group Direct IP input: Directly input server IP Add button can be clicked to add target server
   Member Information	Required	Member Port and Weight Settings Member Name: Display server name and IP to be added as a member Port: Port that the member will receive Weight: Weight applied to load balancing When using Weighted Round Robin or Weighted Least Connection load balancing, a value between 1 and 1000 is required

   Table. LB server group member addition items

7. Check whether members have been added in the Connected Resources tab.

Member Edit

When you click a member name in the member list, you are taken to the Member Details page. You can view the member detail information, and you can click the Edit icon to change the information.

Weight Modification

Member weight can be modified by following the steps below. It can be modified when using weighted load balancing (Weighted Round Robin, Weighted Least Connection).

1. All Services > Networking > Load Balancer Click the menu. Navigate to the Service Home page of the Load Balancer.
2. Click LB Server Group on the Service Home page. You will be taken to the LB Server Group List page.
3. Click the resource to edit detailed information on the LB Server Group List page. You will be taken to the LB Server Group Details page.
4. LB Server Group Details 페이지에서 Connected Resources 탭을 클릭하세요. Connected Resources 탭 페이지로 이동합니다.
5. Connected Resources tab page, click the member to edit. Navigate to the Member Details page.
6. Click the Edit Weight button on the Member Details page.
7. Weight Modification In the popup, enter the weight to modify and click the Confirm button.
8. Check whether the weight has been modified in the Connected Resources tab.

Port Edit

To modify the member port, follow the steps below.

1. All Services > Networking > Load Balancer Click the menu. Navigate to the Service Home page of Load Balancer.
2. Click LB Server Group on the Service Home page. You will be taken to the LB Server Group List page.
3. Click the resource to edit detailed information on the LB Server Group List page. You will be taken to the LB Server Group Details page.
4. LB Server Group Details 페이지에서 Connected Resources 탭을 클릭하세요. Connected Resources 탭 페이지로 이동합니다.
5. Click the member to edit on the Connected Resources tab page. You will be taken to the Member Details page.
6. Member Details 페이지에서 Edit Port 버튼을 클릭하세요.
7. Port Modification In the popup, enter the port to modify and click the Confirm button.
8. Connected Resources tab, check whether the port has been modified.

Activation Edit

To modify member activation, follow these steps.

1. All Services > Networking > Load Balancer Click the menu. Go to the Load Balancer’s Service Home page.
2. Click LB server group on the Service Home page. You will be taken to the LB server group list page.
3. Click the resource to edit detailed information on the LB Server Group List page. It moves to the LB Server Group Details page.
4. Click the Connected Resources tab on the LB Server Group Details page. You will be taken to the Connected Resources tab page.
5. Connected Resources 탭 페이지에서 수정할 멤버를 클릭하세요. Member Details 페이지로 이동합니다.
6. Member Details 페이지에서 Edit Activation 버튼을 클릭하세요.
7. Edit Activation in the popup select Disable or Enable and click the Confirm button.
8. Check whether activation editing is enabled in the Connected Resources tab.

Member Deletion

To delete unused members, follow the steps below.

1. All Services > Networking > Load Balancer menu. Navigate to the Load Balancer’s Service Home page.
2. Click LB Server Group on the Service Home page. You will be taken to the LB Server Group List page.
3. Click the resource to edit detailed information on the LB Server Group List page. You will be taken to the LB Server Group Details page.
4. Click the Connected Resources tab on the LB Server Group Details page. Connected Resources tab page will be displayed.
5. Connected Resources tab page, click the member to delete. You will be taken to the Member Details page.
6. Click the Delete Member button on the Member Details page.
7. In the Connected Resources tab, verify if the member has been deleted.

Cancel LB server group

You can cancel an unused LB server group. However, since it may affect the application service, please request cancellation after sufficient prior review.

To cancel the LB server group, follow the steps below.

1. All Services > Networking > Load Balancer Click the menu. Navigate to the Service Home page of Load Balancer.
2. Click LB Server Group on the Service Home page. You will be taken to the LB Server Group List page.
3. Click the resource to be terminated in the LB server group list. You will be taken to the LB server group details page.
4. Click the Delete LB Server Group button on the LB Server Group Details page.
5. When the termination is completed, check the resource termination status in the LB server group list.

3.2.2 - LB Health Check

Users can create LB health checks through the Samsung Cloud Platform Console and use them for LB server groups.

LB Create health check

LB health check를 생성하려면 다음 절차를 따르세요.

1. All Services > Networking > Load Balancer Click the menu. Navigate to the Service Home page of the Load Balancer.
2. Click LB Health Check on the Service Home page. You will be taken to the LB Health Check List page.
3. LB Health Check List on the page, click the LB Health Check Create button. Navigate to the LB Health Check Create page.
4. LB Health Check Creation page, enter the information required to create the service and select detailed options.
   • Service Information Input area, enter or select the required information.

     Category	Required	Detailed description
     LB health check name	Required	LB health check resource name Enter using English letters (uppercase and lowercase), numbers, and special characters (-_) with 3 to 63 characters LB health check name cannot be duplicated within an Account
     VPC	Required	Select VPC to create LB health check Select the VPC where the LB server group that will use the LB health check is created
     Service Subnet	Required	Select VPC Subnet to create LB health check Select Subnet where the LB server group that will use the LB health check is created
     Health Check Method > Protocol	Required	Health Check Protocol Select TCP or HTTP as the protocol to use for member health checks
     Health Check Method > Health Check Port	Required	Health Check Port Enter a value between 1 and 65,534 to be used as the port for member health checks
     Health check method > Interval	Required	Health check interval Default 5 seconds, input possible within 1~180 seconds
     Health Check Method > Wait Time	Required	Health Check Response Wait Time Default 5 seconds, input possible within 1~180 seconds Cannot set a value larger than the interval
     Health Check Method > Detection Count	Required	Number of times to determine health check status Default is 3 times, input possible within 1~10
     Health check method > HTTP method	Required	HTTP request method setting (HTTP protocol used when setting) Select GET, POST
     Health Check Method > URL Monitor	Required	Enter health check URL path (HTTP protocol setting when used) Enter using English letters, numbers, special characters (/.-_?&=) within 50 characters
     Health Check Method > Response Code	Required	Enter the HTTP response code to be received from the server (HTTP protocol used when setting) Enter response codes in the 200~500 range
     Health check method > Request string	Required	Enter health check request string (set when using HTTP protocol POST method) Enter the content to be included in the Request Body using English letters, numbers, special characters (/.-_?&=) within 255 bytes

     Table. LB Health Check Service Information Input Items
   • Enter additional information Please input or select the required information in the area.

     Category	Required	Detailed description
     Description	Select	Enter resource description
     Tag	Select	Add Tag Up to 50 tags can be added per resource

     Table. LB server group additional information input items
5. Summary Check the service information and estimated billing amount generated in the panel, and click the Complete button.
   • When creation is complete, check the created resources on the LB Health Check List page.