How to Select and Configure a Security Group?
Intra-VPC Access to DCS Instances
An ECS can communicate with a DCS instance if they belong to the same VPC and security group rules are configured correctly.
- It is recommended that the ECS and DCS instance belong to the same security group. After a security group is created, the security group rules, by default, include a rule allowing members in the security group to access each other without any restrictions.
- If the ECS and DCS instance belong to different security groups, add security group rules to ensure that the ECS and DCS instance can access each other.
- Suppose that the ECS on which the client runs belongs to security group sg-ECS, and the DCS instance that the client will access belongs to security group sg-DCS.
- Suppose that the port number of the DCS instance is 6379.
- The remote end is a security group or an IP address.
Security group rules allowing the ECS to access the DCS instance:
Security group rules making the DCS instance accessible to the ECS:
Public Access to DCS Instances
A client can access a DCS instance only after rules are correctly configured for the security group of the instance.
For example, for security group sg-DCS, you need to configure the following rules in the inbound direction:
Protocol: TCP; source IP address: 0.0.0.0/0 or a specified client address. When SSL is enabled, set the port number to 36379. When SSL is disabled, set the port number to 6379.