Understand security groups
Security groups are a network security component in Rumble Cloud that provide a flexible and effective way to control access to instances. They act as virtual firewalls that control the inbound and outbound traffic to instances. By carefully managing security groups and their rules, you can strengthen the security posture of your cloud environment and protect your applications and data from potential threats. Understanding how security groups work helps you protect the integrity of your cloud resources.
What are security groups?
Security groups are sets of IP filter rules that define which traffic is allowed to enter or leave the network interfaces (ports) associated with instances. Each security group rule specifies the allowed protocol (e.g., TCP, UDP, ICMP), port range, and source or destination IP address range.
Key features
- Default security group: Every instance is automatically assigned to the default security group, which allows inbound traffic from instances within the same security group and outbound traffic to all destinations.
- Custom security groups: You can create custom security groups with specific rules tailored to the needs of your applications and services.
- Stateful filtering: Security group rules are stateful, meaning that responses to allowed inbound traffic are automatically allowed to flow out, regardless of outbound rules.
- Rule prioritization: Rules within a security group are evaluated in order, with the first matching rule determining the action (allow or deny).
Managing security groups
- Creating security groups: You can create new security groups and define rules that specify the allowed traffic. For example, to allow HTTP traffic, you would create a rule that permits TCP traffic on port 80.
- Assigning security groups: When launching instances, you can assign one or more security groups to them. An instance's network traffic is filtered based on the rules of the assigned security groups.
- Modifying rules: Security group rules can be added, modified, or deleted at any time. Changes are applied immediately to all instances associated with the security group.
Tips for using security groups
- Least privilege: Apply the principle of least privilege by allowing only the necessary traffic for your instances and blocking all other traffic.
- Group segmentation: Organize instances into security groups based on their roles (for example, web servers, database servers) and apply appropriate rules to each group.
- Regular audits: Periodically review and audit your security group rules to ensure they are up-to-date and aligned with your security policies.
- Logging and monitoring: Enable logging and monitoring of security group rules to detect and respond to any unauthorized or suspicious traffic.
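
The least-privilege and regular-audit tips above can be turned into a repeatable check. The following is an added example, not Rumble Cloud's own code: it audits a list of rules, modeled on the fields a rule specifies (protocol, port range, IP range), and reports inbound rules that expose non-public ports to any source. The `Rule` type, the `PUBLIC_PORTS` policy, and the sample rules are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

PUBLIC_PORTS = frozenset({80, 443})  # assumed policy: ports that may face any source

@dataclass(frozen=True)
class Rule:                   # hypothetical record, one per exported rule
    group: str
    direction: str            # "ingress" or "egress"
    protocol: str             # "tcp", "udp" or "icmp"
    port_min: Optional[int]   # None means no port restriction
    port_max: Optional[int]
    cidr: str                 # source (ingress) or destination (egress) range

def audit(rules, public_ports=PUBLIC_PORTS):
    """Return (rule, reason) for inbound rules exposing non-public ports to any source."""
    findings = []
    for r in rules:
        if r.direction != "ingress":
            continue
        # Only 0.0.0.0/0 and ::/0 (prefix length 0) mean "any source".
        if ipaddress.ip_network(r.cidr, strict=False).prefixlen != 0:
            continue
        if r.protocol == "icmp":
            continue  # ICMP has no ports; this check covers port exposure only
        if r.port_min is None or r.port_max is None:
            findings.append((r, "all ports open to any source"))
            continue
        extra = [p for p in range(r.port_min, r.port_max + 1) if p not in public_ports]
        if extra:
            findings.append((r, f"{len(extra)} non-public port(s) open to any source, first is {extra[0]}"))
    return findings

# Constructed sample rules for the example.
SAMPLE_RULES = [
    Rule("web", "ingress", "tcp", 80, 80, "0.0.0.0/0"),
    Rule("web", "ingress", "tcp", 443, 443, "::/0"),
    Rule("web", "ingress", "tcp", 22, 22, "0.0.0.0/0"),
    Rule("web", "ingress", "tcp", 80, 8080, "0.0.0.0/0"),
    Rule("db", "ingress", "tcp", 5432, 5432, "10.0.1.0/24"),
    Rule("db", "ingress", "udp", None, None, "0.0.0.0/0"),
    Rule("db", "egress", "tcp", None, None, "0.0.0.0/0"),
]

if __name__ == "__main__":
    for rule, reason in audit(SAMPLE_RULES):
        print(f"[{rule.group}] {rule.protocol} {rule.port_min}-{rule.port_max} from {rule.cidr}: {reason}")
```

The wide range 80-8080 is flagged even though it contains permitted ports, because it also opens thousands of others; rules with a restricted source such as 10.0.1.0/24 pass.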