Security Groups

Infrastructure > Network - Security Groups

Overview

A Security Group acts as a virtual firewall that controls the traffic for one or more Instances. When you launch an instance, you associate one or more Security Groups with the instance. You add rules to each Security Group that allow traffic to or from its associated Instances. You can modify the rules for a Security Group at any time; the new rules are automatically applied to all Instances that are associated with the Security Group.

Important

The local firewall setting must be enabled for Security Groups to be applied in the guest firewall (iptables). The local firewall setting can be enabled in Infrastructure > Clouds > Click the Cloud > Edit > Advanced Options > Local Firewall (On/Off)

Important

When then local firewall setting is enabled, Morpheus will automatically set an iptable rule to allow incoming connections on tcp port 22 from the Morpheus Appliance.

Important

If the local firewall setting is configured on a cloud that supports Security Groups natively (AWS for example), the local firewall setting is ignored and the guest firewall will not be modified. Security Groups will be attached to the instance as normal

Add Security Group

  1. Navigate to Infrastructure > Network - Security Groups

  2. Click the + Add Security Group button.

  3. From the Security Group Wizard input a name, and description.

  4. Save Changes

Add Security Group Rule

  1. Navigate to Infrastructure > Network - Security Groups

  2. Click the name of the Security Group you wish to add a rule to.

  3. From the Security Group page click the + Add Rule button.

  4. From the Rule Wizard select the rule type and input source and depending on the type selected protocol and input a port range.

  5. Save Changes

Edit Security Group rule

  1. Navigate to Infrastructure > Network - Security Groups

  2. Click the name of the Security Group you wish to edit a rule in.

  3. Click the edit icon on the row of the Security Group rule you wish to edit.

  4. Modify information as needed.

  5. Save Changes

Delete Security Group rule

  1. Navigate to Infrastructure > Network - Security Groups

  2. Click the name of the Security Group you wish to delete a rule from.

  3. Click the delete icon on the row of the Security Group rule you wish to delete.

Add Cloud Security Group

To add Cloud Security Group

  1. Navigate to Infrastructure > Clouds

  2. Click the name of the desired cloud to add a Security Group

  3. Click the Networks tab

  4. Within the “Security Groups” section, click on a Security Group to edit its rules

  5. Alternatively, click + ADD SECURITY GROUP to create a new one

Remove Cloud Security Group

  1. Navigate to Infrastructure > Clouds

  2. Click the name of the cloud to remove the Security Group from.

  3. Click the Security Groups tab.

  4. Click the Edit Security Groups button.

  5. Click the - (Minus) button of the Security Group from the Added Security Groups list to remove.

  6. Save Changes