Security Groups
Overview
In Qumulus, Security Groups act as virtual firewalls for instances (virtual machines), controlling both inbound and outbound traffic at the network interface level. They are a key part of Qumulus network security model.
Security Groups provide a way to define a set of IP filter rules that determine what type of traffic is allowed to or from an instance. These rules are stateful, meaning that if you allow an incoming connection, the corresponding outgoing response is automatically allowed.
Key Concepts
Security Group
A container for firewall rules. It can be associated with one or more instances
Rule
A single access control entry that defines traffic type such as protocol, port, source allowed in or out of instances.
Default Group
All projects come with a default security group which denies all ingress and allows all egress unless modified
Creating Security Group
In Security Groups section, click create Security Group and give it a friendly name. It may be a good idea to give some description which can give some insights on what this security group does and for what purpose it was created.
Security Group Rule
Select the Security Group in which you want to create the rule. You can create Inbound rule from within Inbound Rules tab and an outbound rule from Outbound Rules tab.
Remote Type
Custom IP: If you want to add a custom IP Range
Security Group: If you want to define network traffic to/from an existing Security Group
MY IP: If you want to use your current Public IP Address
Anywhere: If you want to allow traffic for the entire internet. Be careful while selecting Anywhere for Inbound Rule
Deleting Security Group
Click three-dot (⋮) under the Action column and click delete.
Last updated