Skip to content
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 8 additions & 7 deletions docs/website/docs/examples/containerregistry.md
Original file line number Diff line number Diff line change
Expand Up @@ -63,19 +63,20 @@ acloud network securitygroup list 69495ef64d0cdc87949b71ec
If you need to create a new security group and add the HTTPS rule:

```bash
# Create security group
acloud network securitygroup create \
# Create security group (vpc-id is the first positional argument)
acloud network securitygroup create 69495ef64d0cdc87949b71ec \
--name "registry-sg" \
--vpc-id "69495ef64d0cdc87949b71ec" \
--region "ITBG-Bergamo"

# Add inbound rule for HTTPS (port 443)
acloud network securityrule create 69495ef64d0cdc87949b71ec <securitygroup-id> \
--direction Inbound \
--name "allow-https" \
--region "ITBG-Bergamo" \
--direction Ingress \
--protocol TCP \
--port-range-min 443 \
--port-range-max 443 \
--remote-ip-prefix "0.0.0.0/0"
--port 443 \
--target-kind Ip \
--target-value "0.0.0.0/0"
```

Note the security group `ID`.
Expand Down
15 changes: 8 additions & 7 deletions docs/website/docs/examples/database.md
Original file line number Diff line number Diff line change
Expand Up @@ -63,19 +63,20 @@ acloud network securitygroup list 69495ef64d0cdc87949b71ec
If you need to create a new security group with a MySQL inbound rule:

```bash
# Create security group
acloud network securitygroup create \
# Create security group (vpc-id is the first positional argument)
acloud network securitygroup create 69495ef64d0cdc87949b71ec \
--name "db-security-group" \
--vpc-id "69495ef64d0cdc87949b71ec" \
--region "ITBG-Bergamo"

# Add inbound rule for MySQL (port 3306)
acloud network securityrule create 69495ef64d0cdc87949b71ec <securitygroup-id> \
--direction Inbound \
--name "allow-mysql" \
--region "ITBG-Bergamo" \
--direction Ingress \
--protocol TCP \
--port-range-min 3306 \
--port-range-max 3306 \
--remote-ip-prefix "0.0.0.0/0"
--port 3306 \
--target-kind Ip \
--target-value "0.0.0.0/0"
```

Note the security group `ID`.
Expand Down
14 changes: 8 additions & 6 deletions docs/website/docs/it/examples/containerregistry.md
Original file line number Diff line number Diff line change
Expand Up @@ -51,17 +51,19 @@ acloud network securitygroup list <vpc-id>
Se devi creare un nuovo security group:

```bash
acloud network securitygroup create \
# Il vpc-id è il primo argomento posizionale
acloud network securitygroup create <vpc-id> \
--name "registry-sg" \
--vpc-id "<vpc-id>" \
--region "ITBG-Bergamo"

acloud network securityrule create <vpc-id> <securitygroup-id> \
--direction Inbound \
--name "allow-https" \
--region "ITBG-Bergamo" \
--direction Ingress \
--protocol TCP \
--port-range-min 443 \
--port-range-max 443 \
--remote-ip-prefix "0.0.0.0/0"
--port 443 \
--target-kind Ip \
--target-value "0.0.0.0/0"
```

Annota l'`ID` del security group.
Expand Down
14 changes: 8 additions & 6 deletions docs/website/docs/it/examples/database.md
Original file line number Diff line number Diff line change
Expand Up @@ -57,17 +57,19 @@ acloud network securitygroup list 69495ef64d0cdc87949b71ec
Se devi creare un nuovo security group con una regola MySQL inbound:

```bash
acloud network securitygroup create \
# Il vpc-id è il primo argomento posizionale
acloud network securitygroup create 69495ef64d0cdc87949b71ec \
--name "db-security-group" \
--vpc-id "69495ef64d0cdc87949b71ec" \
--region "ITBG-Bergamo"

acloud network securityrule create 69495ef64d0cdc87949b71ec <securitygroup-id> \
--direction Inbound \
--name "allow-mysql" \
--region "ITBG-Bergamo" \
--direction Ingress \
--protocol TCP \
--port-range-min 3306 \
--port-range-max 3306 \
--remote-ip-prefix "0.0.0.0/0"
--port 3306 \
--target-kind Ip \
--target-value "0.0.0.0/0"
```

Annota l'`ID` del security group.
Expand Down
12 changes: 7 additions & 5 deletions docs/website/docs/resources/network/securityrule.md
Original file line number Diff line number Diff line change
Expand Up @@ -392,20 +392,22 @@ VPC_ID="689307f4745108d3c6343b5a"
SG_ID="1234567890abcdef"
RULE_ID="1234567890abcdef123456"

# Update port range
# Update security rule name
acloud network securityrule update $VPC_ID $SG_ID $RULE_ID \
--port "8080-8090"
--name "allow-http-restricted"

# Update target to restrict access
# Update tags
acloud network securityrule update $VPC_ID $SG_ID $RULE_ID \
--target-value "192.168.1.0/24"
--tags "web,http,restricted"

# Update name and tags
# Update name and tags together
acloud network securityrule update $VPC_ID $SG_ID $RULE_ID \
--name "allow-http-restricted" \
--tags "web,http,restricted"
```

**Note:** Only `--name` and `--tags` can be updated. Properties such as direction, protocol, port, and target cannot be modified after creation. To change these, delete and recreate the rule.

## Best Practices

1. **Principle of Least Privilege**
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,19 +63,20 @@ acloud network securitygroup list 69495ef64d0cdc87949b71ec
Se devi creare un nuovo security group e aggiungere la regola HTTPS:

```bash
# Crea security group
acloud network securitygroup create \
# Crea security group (il vpc-id è il primo argomento posizionale)
acloud network securitygroup create 69495ef64d0cdc87949b71ec \
--name "registry-sg" \
--vpc-id "69495ef64d0cdc87949b71ec" \
--region "ITBG-Bergamo"

# Aggiungi regola inbound per HTTPS (porta 443)
acloud network securityrule create 69495ef64d0cdc87949b71ec <securitygroup-id> \
--direction Inbound \
--name "allow-https" \
--region "ITBG-Bergamo" \
--direction Ingress \
--protocol TCP \
--port-range-min 443 \
--port-range-max 443 \
--remote-ip-prefix "0.0.0.0/0"
--port 443 \
--target-kind Ip \
--target-value "0.0.0.0/0"
```

Annota l'`ID` del security group.
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -63,19 +63,20 @@ acloud network securitygroup list 69495ef64d0cdc87949b71ec
Se devi creare un nuovo security group con una regola MySQL inbound:

```bash
# Crea security group
acloud network securitygroup create \
# Crea security group (il vpc-id è il primo argomento posizionale)
acloud network securitygroup create 69495ef64d0cdc87949b71ec \
--name "db-security-group" \
--vpc-id "69495ef64d0cdc87949b71ec" \
--region "ITBG-Bergamo"

# Aggiungi regola inbound per MySQL (porta 3306)
acloud network securityrule create 69495ef64d0cdc87949b71ec <securitygroup-id> \
--direction Inbound \
--name "allow-mysql" \
--region "ITBG-Bergamo" \
--direction Ingress \
--protocol TCP \
--port-range-min 3306 \
--port-range-max 3306 \
--remote-ip-prefix "0.0.0.0/0"
--port 3306 \
--target-kind Ip \
--target-value "0.0.0.0/0"
```

Annota l'`ID` del security group.
Expand Down
Loading