A security group is a virtual firewall that is used to control the inbound and outbound traffic of specific Elastic Compute Service (ECS) instances. After a security group is added to an ApsaraDB for MongoDB instance, the ECS instances in the security group can access the ApsaraDB for MongoDB instance. This topic describes how to add a security group.
Background information
After an ApsaraDB for MongoDB instance is created, you must add a whitelist or security group to the instance to allow external devices to access the instance. For more information about security groups, see Overview.
You can configure both whitelists and security groups for your ApsaraDB for MongoDB instances. In this case, IP addresses in the whitelists and the ECS instances in the security groups are allowed to access the ApsaraDB for MongoDB instances.
Usage notes
Only security groups of the same network type as that of the ApsaraDB for MongoDB instance can be added to the instance. For example, if the network type of the instance is VPC, you can add only security groups whose network type is VPC to the instance.
After you change the network type of your RDS instance, the configured security groups become invalid. In this case, you must reconfigure the security groups with the new network type.
You can add up to 10 security groups to a single ApsaraDB for MongoDB instance.
Procedure
Go to the Replica Set Instances or Sharded Cluster Instances page. In the top navigation bar, select the region in which the instance resides. Then, find the instance and click the ID of the instance.
In the left-side navigation pane of the instance details page, choose .
Click Add Security Group.
In the Add Security Group panel, select the security groups to be added.
NoteIf no security group meets your requirements, create a security group and add it to the instance. For more information about how to create a security group, see Create a security group.
Security groups whose names are followed by a VPC tag contain ECS instances that reside in VPCs.
Click OK.