Security group rules for different use cases

Security groups are a fundamental part of securing your resources on Nebula. It’s important to understand how to configure these rules properly to maintain a secure environment.

Each of the following use cases are practical examples of security group rule configurations and include clear rule definitions so you can apply them confidently to your environment.

Secure remote access via SSH

To connect to your NebCompute server using SSH, allow the following rules in its security group:

Inbound rule

This restricts access to only the specified IP, preventing unauthorized login attempts.

TypeProtocolPortSource
IPv4, IPv6TCP22Your public IPv4 address or IPv6 address if your server’s VPC supports IPv6. e.g X.X.X.X/32

Outbound rule

This allows your server to access the internet, which is useful for downloading updates, packages, or connecting to remote services.

TypeProtocolDestination
IPv4, IPv6All0.0.0.0/0 (IPv4), ::/0 (IPv6)

Public web hosting (HTTP/HTTPS)

For a server that should be accessible to users on the internet, allow the following rules in its security group:

Inbound rule

This allows your server to receive HTTP(80) and HTTPS(443) traffic.

TypeProtocolPortSource
IPv4, IPv6TCP800.0.0.0/0 (IPv4), ::/0 (IPv6)
IPv4, IPv6TCP4430.0.0.0/0 (IPv4), ::/0 (IPv6)

Outbound rule

This allows your server to access the internet, which is useful for downloading updates, packages, or connecting to remote services.

TypeProtocolDestination
IPv4, IPv6All0.0.0.0/0 (IPv4), ::/0 (IPv6)

Next steps


Need help?

If you have any technical questions or encounter any problems, get in touch with our Support team! We are here to help, and will provide support if you encounter any issues with NebCompute.