Manage project security
Security groups are sets of IP filter rules that are applied to all project instances, and which define networking access to the instance. Group rules are project specific; project members can edit the default rules for their group and add new rule sets.
All projects have a default security group that is applied to any instance that has no other defined security group. Unless you change the default, this security group denies all incoming traffic and allows only outgoing traffic from your instance.
For information about updating global controls on the command line, see .
Create a security group
1. Log in to the OpenStack dashboard as a project member.
2. On the Project tab, select the appropriate project from the CURRENT PROJECT drop-down list, and click the Access & Security category.
3. On the Security Groups tab, click Create Security Group.
4. Provide a name and appropriate description for the group, and click Create Security Group. By default, the new group provides outgoing access rules.
Add a security group rule
1. Log in to the OpenStack dashboard as a project member.
2. On the Project tab, select the appropriate project from the CURRENT PROJECT drop-down list, and click the Access & Security category.
3. On the Security Groups tab, click Edit rules for the appropriate security group.
4. To add a rule, click Add Rule. Set the attributes for the rule, and click Add:

   IP Protocol
      The IP protocol to which the rule applies:
      - TCP. Typically used to exchange data between systems, and for end-user communication.
      - UDP. Typically used to exchange data between systems, particularly at the application level.
      - ICMP. Typically used by network devices, such as routers, to send error or monitoring messages.

   Open
      For TCP or UDP rules, the Port or Port Range to open for the rule. Choose to open a single port or range of ports.
      - For a range of ports, enter port values in the From Port and To Port fields.
      - For a single port, enter the port value in the Port field.

   Source
      The source of the traffic for this rule:
      - CIDR (Classless Inter-Domain Routing). IP address block, which limits access to IPs within the block. Enter the CIDR in the Source field.
      - Security Group. Source group that enables any instance in the group to access any other group instance.
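
The following Python sketch is an added example, not part of the OpenStack documentation or code. It models how the rule attributes above (IP protocol, port range, source CIDR) combine with the default deny for incoming traffic, and flags rules worth reviewing before you add them. The Rule class, the function names and the sample rules are assumptions made for illustration; ICMP is simplified to ignore ports, and Security Group sources are not modelled.

```python
import ipaddress
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    """One incoming rule, using the attributes from the Add Rule form."""
    protocol: str   # "tcp", "udp" or "icmp"
    from_port: int  # From Port (ignored for icmp in this model)
    to_port: int    # To Port; equal to from_port for a single port
    cidr: str       # Source CIDR

def is_allowed(rules, protocol, port, source_ip):
    """Incoming traffic passes only if some rule matches (default deny)."""
    addr = ipaddress.ip_address(source_ip)
    for rule in rules:
        if rule.protocol != protocol:
            continue
        if protocol != "icmp" and not rule.from_port <= port <= rule.to_port:
            continue
        if addr in ipaddress.ip_network(rule.cidr):
            return True
    return False

def audit(rules, max_span=100):
    """Return (rule, reason) pairs for rules a reviewer should tighten."""
    findings = []
    for rule in rules:
        if ipaddress.ip_network(rule.cidr).prefixlen == 0:
            findings.append((rule, "source CIDR covers every address"))
        span = rule.to_port - rule.from_port + 1
        if rule.protocol != "icmp" and span > max_span:
            findings.append((rule, "port range opens %d ports" % span))
    return findings

# Constructed sample rule set (documentation address ranges, not real hosts).
SAMPLE_RULES = [
    Rule("tcp", 22, 22, "203.0.113.0/24"),   # SSH from one admin block
    Rule("tcp", 443, 443, "0.0.0.0/0"),      # HTTPS from anywhere
    Rule("udp", 1024, 65535, "10.0.0.0/8"),  # very wide internal UDP range
]

if __name__ == "__main__":
    print(is_allowed(SAMPLE_RULES, "tcp", 22, "198.51.100.9"))
    for rule, reason in audit(SAMPLE_RULES):
        print(rule, "->", reason)
```
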
Delete a security group rule
1. Log in to the OpenStack dashboard as a project member.
2. On the Project tab, select the appropriate project from the CURRENT PROJECT drop-down list, and click the Access & Security category.
3. On the Security Groups tab, click Edit rules for the appropriate security group.
4. To delete a rule, select the rule and click Delete Rule.
Delete a security group
1. Log in to the OpenStack dashboard as a project member.
2. On the Project tab, select the appropriate project from the CURRENT PROJECT drop-down list, and click the Access & Security category.
3. On the Security Groups tab, select the appropriate group, and click Delete Security Group.