Manage Security Group Rules
Edit a Security Group Rule
Use this procedure to edit an access control rule for an AWS VPC using CDO:
- Open the Devices & Services page.
- Select the AWS VPC whose access control policy you want to edit.
- In the Management pane on the right, select Policy.
- To edit an existing security group rule, select the rule and click the edit icon in the Actions pane. (Simple edits may also be performed inline without entering edit mode.) See AWS VPC Security Group Rules for rule limitations and exceptions.
- Click Save.
- Review and deploy the changes you made now, or wait and deploy multiple changes at once.
Caution: If the deployment fails, CDO attempts to return the state of the AWS VPC to what it was before you made the deployment attempt. This is done on a "best effort" basis. Because AWS doesn't maintain a state, this rollback attempt could fail. In that case, you will have to log in to the AWS management console and manually return the AWS VPC to its previous configuration and then poll for changes between the AWS VPC device configuration and the configuration in CDO.
Delete a Security Group Rule
- Open the Devices & Services page.
- Select the AWS VPC whose access control policy you want to edit.
- In the Management pane on the right, select Policy.
- To delete a security group rule you no longer need, select the rule and click the remove icon in the Actions pane.
- Review and deploy the changes you made now, or wait and deploy multiple changes at once.
Caution: If the deployment fails, CDO attempts to return the state of the AWS VPC to what it was before you made the deployment attempt. This is done on a "best effort" basis. Because AWS doesn't maintain a "state," this rollback attempt could fail. In that case, you will have to log in to the AWS management console and manually return the AWS VPC to its previous configuration and then poll for changes between the AWS VPC device configuration and the configuration in CDO.
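The cautions above leave manual restoration to you if the rollback fails. As an added example (not part of the original documentation or of CDO), this Python script compares a snapshot in the shape returned by `aws ec2 describe-security-groups`, saved before deploying, with the state found afterwards, and lists the rules to re-add or revoke. The group ID and rules are constructed sample data, and the function names are hypothetical.

```python
import json

# Constructed sample: snapshot saved before the deployment attempt.
BEFORE = json.loads("""{"SecurityGroups": [{"GroupId": "sg-0123456789abcdef0",
  "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "192.0.2.10/32"}]}],
  "IpPermissionsEgress": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}]}""")

# Constructed sample: state found after a failed deployment and failed rollback.
AFTER = json.loads("""{"SecurityGroups": [{"GroupId": "sg-0123456789abcdef0",
  "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 443, "ToPort": 443,
     "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}],
  "IpPermissionsEgress": [
    {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]}]}""")

# Each permission can list several kinds of source/destination.
SOURCES = (("IpRanges", "CidrIp"), ("Ipv6Ranges", "CidrIpv6"),
           ("UserIdGroupPairs", "GroupId"), ("PrefixListIds", "PrefixListId"))

def flatten(snapshot):
    """Expand a snapshot into a set of one-source-per-rule tuples."""
    rules = set()
    for sg in snapshot.get("SecurityGroups", []):
        for direction, key in (("ingress", "IpPermissions"),
                               ("egress", "IpPermissionsEgress")):
            for perm in sg.get(key, []):
                # FromPort/ToPort are absent when IpProtocol is "-1" (all traffic).
                base = (sg["GroupId"], direction, perm["IpProtocol"],
                        perm.get("FromPort"), perm.get("ToPort"))
                for list_key, field in SOURCES:
                    for entry in perm.get(list_key, []):
                        rules.add(base + (entry[field],))
    return rules

def restore_plan(before, after):
    """Rules to re-add (lost) and revoke (unexpected) to get back to `before`."""
    b, a = flatten(before), flatten(after)
    return {"re_add": sorted(b - a, key=repr), "revoke": sorted(a - b, key=repr)}

if __name__ == "__main__":
    for action, rules in restore_plan(BEFORE, AFTER).items():
        for rule in rules:
            print(action, *rule)
```

Rule descriptions and tags are not compared here; only the group, direction, protocol, port range and source or destination are.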