The page has been translated by Gen AI.

How-to guides

Users can create the service by entering the required information for the Security Group service and selecting detailed options through the Samsung Cloud Platform Console.

Create Security Group

You can create and use the Security Group service in the Samsung Cloud Platform Console.

To create a Security Group, follow these steps.

  1. Click the All Services > Networking > Security Group menu. Navigate to the Service Home page of the Security Group.
  2. Click the Create Security Group button on the Service Home page. You will be taken to the Create Security Group page.
    • Enter the required information in the Service Information Input area.
      Category
      Required status
      		Detailed description
      Security Group nameRequiredSecurity Group name to create
      • English letters, numbers, and special characters (-) can be used, and up to 255 characters can be entered
      • Duplicate Security Group names are allowed within the project
      Whether to save logsSelectSelect whether to store Security Group logs
      • Enabled: Store logs
      • Disabled: Do not store logs
      • Click Security Group Logging List Shortcut to go to the Security Group Logging list page
      Table. Security Group service information input items
Reference

To store Security Group logs, first create a bucket in Object Storage for the logs, and configure that bucket as the log repository in Security Group Logging.

  • The log storage settings can be verified in Security Group Logging, and for more details, refer to Security Group Logging.
  • If you configure a log repository, Object Storage charges for log storage will be applied.
* In the **Additional Information Input** area, enter or select the required information.







  




Category

Required

Detailed description






tag
Select
Add Tag
  • Up to 50 can be added per resource
  • After clicking the Add Tag button, enter or select Key and Value values





Explanation
Select
User additional description
  • Up to 255 characters allowed








  Table. Security Group additional information input fields
  1. Check the input information and click the Create button.
    • When creation is complete, check the created resources on the Security Group List page.

Check Security Group detailed information

On the Security Group menu’s Security Group List page, you can view and edit the full resource list and detailed information.

To view detailed information about a Security Group, follow these steps.

  1. Click the All Services > Networking > Security Group menu. Navigate to the Service Home page of the Security Group.
  2. On the Service Home page, click the Security Group menu. You will be taken to the Security Group list page.
  3. On the Security Group List page, click the resource for which you want to view detailed information. You will be taken to the Security Group Details page.
    • Security Group Details page displays status information and additional feature information, and consists of Details, Rules, Tags, Activity History tabs.
CategoryDetailed description
Service statusSecurity Group status
  • Creating: Creating
  • Active: Normal operation
  • Editing: Changing settings
  • Deploying: Deployment completed
  • Deleting: Terminating
  • Error: Error occurred
Service terminationCancel service button
Table. Security Group status information and additional features

Detailed Information

Security Group List lets you view detailed information of the selected resource and edit the information when needed.

CategoryDetailed description
serviceService name
Resource TypeResource Type
SRNUnique resource ID in Samsung Cloud Platform
Resource NameResource Name
Resource IDUnique resource ID in the service
ConstructorUser who created the service
Creation Date/TimeService creation date and time
EditorUser who edited the service information
Modification dateDate and time the service information was modified
Security Group nameResource Name
Security Group IDUnique resource ID in the service
Number of Security Group rulesThe rule quota and the number of rules currently in use for this Security Group
Security Group rule count/AccountSecurity Group rule quota for the account and the total number of rules in use across all Security Groups in the account
descriptionAdditional description written by the user
  • Click the Edit icon to edit
Whether to save logsSecurity Group log storage option
  • Enabled: Store logs
  • Disabled: Do not store logs
  • Click the Edit icon to modify the settings
Applicable ServiceThe service type, service name, and status of the service to which this Security Group is applied
Table. Security Group detailed information tab items

Rule

Security Group list page lets you view the rule list of the selected resource and add or delete rules.

CategoryDetailed description
Excel downloadBulk rule entry Excel file download button
MoreAdditional Function Button
  • Bulk Rule Input: Upload Excel file for bulk rule input
  • Delete: Delete selected rules
Advanced SearchRule Detail Search Button
Add ruleAdd Rule button
directionTraffic direction for servers with Security Group applied
  • Inbound: External → Server
  • Outbound: Server → External
Rule IDUnique ID value for the rule
Target addressTarget address for communicating with a server that has a Security Group applied
Remote Security Group nameThe Security Group resource name displayed when the target is set to a Security Group
Remote Security Group IDSecurity Group ID displayed when the target is set to a Security Group
ServiceProtocol and Port
ExplanationAdditional description written by the user
DeleteDelete rule
Table. Security Group rule tab items

tag

Security Group List page lets you view, add, modify, or delete tag information for the selected resource.

CategoryDetailed description
Tag listTag list
  • You can view the Key, Value information of the tag
  • Up to 50 tags can be added per resource
  • When entering a tag, you can search and select from the list of previously created Keys and Values
Table. Security Group Tag Tab items

Job History

You can view the operation history of the selected resource on the Security Group List page.

CategoryDetailed description
Task History ListResource Change History
  • Check operation date/time, resource name, operation details, operation result, and operator information
Table. Work History Tab Items

Managing Security Group Resources

You can manage resources such as log storage settings and rule additions for a Security Group.

Using Log Storage

Reference

To store Security Group logs, first create a bucket in Object Storage for the logs, and then configure that bucket in the log repository of Security Group Logging.

  • The log storage settings can be verified in Security Group Logging, and for more details, refer to Security Group Logging.
  • If you configure a log repository, Object Storage charges will be applied for log storage.

To save Security Group logs, follow the steps below.

  1. Click the All Services > Networking > Security Group menu. Navigate to the Service Home page of the Security Group.
  2. On the Service Home page, click the Security Group menu. You will be taken to the Security Group list page.
  3. On the Security Group List page, click the resource (Security Group name) for which you want to store logs. You will be taken to the Security Group Details page.
  4. Click the Edit icon of Log Save Status. You will be taken to the Log Save Status Edit popup window.
  5. Modify Log Saving Option In the popup window, select Use for the log repository, and click the Confirm button.
Caution
If a log storage is not configured in Security Group Logging, you cannot set the log storage use setting.

Disable log storage

To stop storing Security Group logs, follow these steps.

  1. Click the All Services > Networking > Security Group menu. Navigate to the Service Home page of the Security Group.
  2. On the Service Home page, click the Security Group menu. You will be taken to the Security Group list page.
  3. On the Security Group List page, click the resource (Security Group name) that you do not want to log. You will be taken to the Security Group Details page.
  4. Click the Edit icon of Log Save Option. It navigates to the Log Save Option Edit popup.
  5. Modify Log Saving Option In the popup window, deselect Use for the log repository, and click the Confirm button.
  6. Notification Check the message in the popup window and click the OK button.
Caution
If you disable log storage, log storage for the service will be stopped, and tracking and management through log analysis will not be possible in the event of a security incident.

Add rule

To add a Security Group rule, follow the steps below.

  1. Click the All Services > Networking > Security Group menu. Navigate to the Service Home page of the Security Group.

  2. On the Service Home page, click the Security Group menu. You will be taken to the Security Group list page.

  3. Security Group List page, click the resource (Security Group name) to which you want to add a rule. Navigate to the Security Group Details page.

  4. On the Security Group Details page, click the Rules tab. You will be taken to the Rules tab page.

  5. on the Rules tab, click the Add Rule button. You will be taken to the Add Rule popup.

    Category
    Required
    		Detailed description
    Target input methodRequiredConfigure rule remote type
    • CIDR: Set target address by directly entering IP
    • Security Group: Set to target the created Security Group
    Remote > Target addressRequiredIf CIDR is selected, you must enter the target IP address
    • Enter in CIDR (IP address/subnet mask) format
      • using , and -, you can input multiple addresses at once, up to 100.
      • Enter ‘0.0.0.0/0’ to use the entire IP range (ANY).
    Remote > Security GroupRequiredWhen Security Group is selected, a Security Group selection is required.
    typeRequiredSelect protocol type to apply the rule
    • Select destination port/Type: Select protocol type
    • Internet Protocol: Enter protocol numbers, up to 100 can be entered
    • All: Select the entire range for destination port/Type and protocol, meaning all ports for all protocols
    Type > ProtocolRequiredSelect detailed protocol for the type
    • Select the desired protocol among TCP, UDP, and ICMP; input fields vary depending on the selected protocol
    • When ICMP is selected in the protocol, you can set the ICMP Type
      • Select a commonly used Type, such as Echo, from the values defined for ICMP Type
      • Click the Add button to add an input value
    • When TCP/UDP is selected in the protocol, you can choose allowed ports such as SSH, HTTP, etc.
      • When entering manually, you can input values from 1 to 65,535, and you can enter up to 100 entries at once using commas (,) or ranges (-)
      • Click the Add button to add an input value
    • When Internet Protocol is selected in the type 1 ~ 254 Enter a protocol number within 1 to 254
    directionRequiredTarget application criteria, traffic direction configuration
    • Inbound rule: External → Server
    • Outbound rule: Server → External
    ExplanationSelectAdditional description provided by the user
    Table. Detailed items for adding Security Group rules

  6. After reviewing the rules to be added, click the Confirm button.

Batch Create Rules

To add multiple Security Group rules at once, follow these steps.

  1. Click the All Services > Networking > Security Group menu. Navigate to the Service Home page of the Security Group.
  2. From the Service Home page, click the Security Group menu. You will be taken to the Security Group list page.
  3. Security Group List page, click the resource (Security Group name) to which you want to add a rule. Security Group Details page will be displayed.
  4. On the Security Group Details page, click the Rules tab. You will be taken to the Rules tab page.
  5. Click the Excel Download button on the Rules tab. The bulk rule entry Excel file will be downloaded.
  6. Enter the rule information into the batch rule entry Excel file, then save it.
  7. More > Bulk Rule Input Click the button. Bulk Rule Input popup window opens.
  8. Batch Rule Input In the popup window, click Attach File, attach the Excel file you prepared, and click Upload File.
    • You cannot upload the attached Excel file if its format differs from the registration form or if the file is encrypted.
    • You can upload up to 100 batch registration rules at a time. If you exceed the maximum number of registration rules, the upload will not be allowed.
    • If you exceed the maximum number of rules that can be registered in the Account, you cannot upload the file.
  9. Rule Confirmation Check the details in the popup window and click the Confirm button.

Delete rule

To delete a Security Group rule, follow these steps.

  1. Click the All Services > Networking > Security Group menu. Navigate to the Service Home page of the Security Group.
  2. On the Service Home page, click the Security Group menu. You will be taken to the Security Group list page.
  3. Security Group List page, click the resource (Security Group name) for which you want to add a rule. Security Group Details page will be displayed.
  4. On the Security Group Details page, click the Rules tab. You will be taken to the Rules tab page.
  5. In the Rules tab, click the Delete button for the rule you want to delete.

Terminate Security Group

You can delete unused Security Groups.

Caution
If there are resources attached to the Security Group, you cannot terminate the Security Group service. Delete all attached resources and then terminate the service.

To delete a Security Group, follow these steps.

  1. Click the All Services > Networking > Security Group menu. Navigate to the Service Home page of the Security Group.
  2. Click the Security Group menu on the Service Home page. You will be taken to the Security Group List page.
  3. On the Security Group List page, select the resource (Security Group name) to terminate, and click the Terminate Service button.
  4. After termination is complete, check on the Security Group list page whether the resource has been deleted.
Overview
Security Group Logging