Help Center

Relational Database Service (MySQL)

Updates &Notices
Introduction
Billing Instructions
Quick Start
User Guide
Best Practices
FAQ
Security White Paper
Performance White Paper
API Reference
Related Agreements
Troubleshooting

Step II: Configuring Security Group Rules

2025-06-05 01:55:16

This section describes how to configure the security group rules in MySQL. For the introduction and use of security groups, see Overview of Security Group.

Application Scenarios

• A security group is a logical group that provides the same access policy for ECS and RDS for MySQL instances that have the same security protection requirements and are mutually trusted in a VPC.

• To ensure the security and stability of the database, you need to set the security group and enable the IP address and port to access the database before using the RDS for MySQL instance.

• When connecting to an RDS for MySQL instance through an EIP, you need to configure the corresponding inbound rules for the security group where the MySQL is located.


Precautions

² Note

The default security group rule allows all data packets in the outbound direction. The ECS and RDS for MySQL instances within the same security group can access each other. After a security group is created, you can define various access rules in the security group. When an RDS for MySQL instance is added to the security group, it is protected by these access rules.

By default, a tenant can create a maximum of 500 security group rules.

Configuring too many security group rules for a security group will increase the first packet latency. Therefore, you are advised to create a maximum of 50 security group rules for each security group.

To access an RDS for MySQL instance inside a security group from outside, you need to add an inbound rule for the security group.

The default IP address for the source address is 0.0.0.0/0, which allows all IP addresses to access RDS for MySQL instances in the security group.


Procedure

In the upper right corner of the homepage of eSurfing Cloud official website, select Console and log in to the Console interface.

Click Network > Virtual Private Cloud.

Select Access Control > Security Group on the left navigation tree.

If no security group is available, click Create Security Group, enter a name as prompted, and select the template, Virtual Private Cloud, and your Enterprise Project to create a security group.

On the Security Group interface, click the security group name to go to the Security Group Details interface.

On the Security Group Details interface, click Add Rule, and the Add Rule window appears.

Configure the security group rules based on interface prompts.

Click OK.


The previous article -  Step 1: Create an instance
The next article -  Step III: Binding the EIP
jmB7ShWMq6pl