Use CADT to replace the security groups of an ECS or ENI instance

Replacement rules

Replacement method

To replace a security group of an ECS or ENI instance by using CADT, you must first create a new security group or import an existing security group for the ECS or ENI instance. Then, delete the original security group.

Procedure

1. Log on to the CADT console. In the top navigation bar, choose Application > My Applications.

2. On the page that appears, find the application for which you want to replace the security group, move the pointer over the application, and then click View Architecture.

3. Turn on Edit, and drag a new security group to the canvas to cover the corresponding instance resource. The following figure shows the sequence of operations. In this example, a new basic security group is created.

4. Double-click the new security group. In the panel that appears, configure the parameters based on your business requirements.

5. Confirm that the new security group contains the corresponding service instances.

   

6. After you complete the preceding configurations, click Save and then click Deploy Application.

7. After the application is deployed, turn on Edit, right-click the original security group, and then click Delete.

8. Save the application again and deploy it.

9. After the application is deployed, view the resource information. The original security group is deleted and the new security group runs as expected.

10. Double-click the security group on the canvas and click Go to Console to verify that the new security group contains the corresponding service instances.

    • ECS instance:

    • ENI instance: