How to create security group rules on Nebula

Security groups are essential to maintaining the safety of your services on Nebula. They manage both incoming and outgoing traffic for your resources by serving as virtual firewalls. Each security group is made up of rules that specify what kinds of network traffic are allowed or denied.

This guide takes you through how to create and manage security group rules on Nebula to ensure that your resources are secured from unauthorized access.

What you’ll need

• A Nebula account. If you don’t have one yet, join the waitlist to get started.

Setting up security group rules

When creating a new security group on the console, Nebula uses a set of default inbound and outbound rules as a measure of security. By default, all incoming traffic is blocked, and all outgoing traffic is allowed.

To control the flow of network traffic, you need to manually add inbound or outbound rules that allow necessary connections and restrict unwanted access.

To specify your security group’s inbound or outbound rules:

1. Remove the default rules

   If you haven’t already, delete the default rules to configure your own rules.

   
   
2. Select Add rule

   Specify the following details to define the allowed or denied incoming traffic.

   • Protocol: Choose TCP, UDP, or ICMP based on your needs. If you want to include all protocols, select All.

   • Port range: Enter a specific port (e.g., 22 for SSH) or a range (e.g., 80-443 for HTTP/HTTPS traffic).

   • Source: Define where traffic is allowed or denied from (e.g., a specific IP address, CIDR block, or another security group).

   
   
3. Apply your changes

   Click Save to apply the changes.

   
   

Frequently asked questions

1. How do I access my server?

To access your server, you need to configure inbound rules to allow the necessary traffic:

• SSH access: Open port 22 to allow remote login.
• HTTP access: Open port 80 to allow web traffic.
• HTTPS access: Open port 443 for secure web traffic.

2. How do I allow my services to communicate with external services or access the internet?

To enable your instances to connect to external services or access the internet, open all ports in the outbound rules. By default, Nebula allows all outbound traffic, but if restricted, configure your outbound rules to allow all traffic.

Need help?

If you have any technical questions or encounter any problems, get in touch with our Support team! We're here to help, and will provide support if you encounter any issues with NebCompute.