Create a Security Group

Eucalyptus enables you to control access to your cloud using security groups. A security group contains a group of rules that control inbound and outbound traffic to instances in the group for the specified protocols and ports.

Security Group section

  1. Enter a name for your security group in the Name text box.
  2. Enter a description for your security group in the Description text box.
  3. Select a Virtual Private Cloud (VPC) network from the drop-down menu.

Rules section

You can optionally create one or more rules for the security group. A rule grants a specified range of IP addresses access (inbound to or outbound from) your instances for a protocol or custom port range. Rules for many of the most popular protocols are pre-defined and available for selection in the drop-down list box, or you can define your own rule.

  1. Select Inbound to set the rules for inbound access or select Outbound to set the rules for outbound access.
    Note: The Outbound option is not available if No VPC was selected for VPC network.
    Important: You should specify at least one rule for your security group.
  2. Select a protocol for the rule from the Protocol drop-down list box, or select a custom protocol. If a custom protocol is selected:
    1. for TCP or UDP, enter a port range for the rule in the Port range text box.
    2. for ICMP, associate an ICMP type by selecting it from the drop-down list box.
    3. Identify the type of traffic to allow by selecting one of the following options:
      • To grant access to an IP address or range of IP addresses, select the IP Address radio button and enter a CIDR range in the text box.
      Note: For more information on CIDR notation, see the CIDR notation Wikipedia article.
      • To grant access to all IP addresses, click Open to all addresses. This sets the value to
      • To grant access to only your computer, click Use my IP address.
      • To grant access to a security group, select the Security group radio button and select a group from the drop-down list box or enter the name of the security group in the text box.
      Note: To specify a security group in another account, use the format accountid/groupname.
    4. Click the Add Rule button when done.
      The newly added rule displays above the rule form.
  3. Repeat as needed to add more rules.
    A list of added rules display above the rule form to indicate they have been successfully added.


To help you manage your cloud's instances, images, and other Eucalyptus resources, you can optionally assign your own metadata to resources in the form of tags. You can use tags to create user-friendly names, make resource searching easier, and improve coordination between multiple users. You can optionally add tags by performing the following steps:

Add tags

To add new tags:
  1. Type the key name for your tag into the name... text box.
    Note: Tags cannot start with "euca:" or "aws:".
  2. Type the value for your tag into the value... text box.
  3. Click the Add Tag button.
  4. If you wish to add additional tags, repeat the preceding steps.
  5. To delete one or more tags, move your mouse over the tag you wish to delete, and click the X button.

Save Your Work

Click the Create Security Group button to save your work, or click the Cancel button to cancel the operation.