My customer accountContact commercialWebmailOVHcloud Blog

Welcome to OVHcloud.

Log in to order, manage your products and services, and track your orders

Log in

Configuring security groups

Protect access to your cluster with access filters

Last updated 03rd January 2020

Objective

Enterprise Cloud Database solutions are compatible with any services that can be accessed via the public network (internet). This includes all OVHcloud cloud products, solutions from other third-party cloud providers, and even your own architecture.

To secure access, you need to authorise IPs to connect to your cluster.

This guide explains how to manage security groups and rules.

Requirements

  • an Enterprise Cloud Databases cluster
  • access to the OVHcloud Control Panel or API with sufficient rights (admin or technical)
  • an IPv4 or IPv4 range to authorise

Instructions

Step 1: Get an understanding of security mechanisms.

Your cluster is a service exposed on the public network, and it does not authorise any outside connections by default. For security reasons, OVHcloud requires you to create security groups and rules in order to connect to your cluster. These groups and filtering rules work alongside other mechanisms, such as secure traffic via TLS protocol, and data encryption.

Step 2: Create or delete a security group.

Security groups can contain multiple security rules. They are designed to help you organise and sort your security rules more easily. To create a group, go to the OVHcloud Control Panel, then click Settings. Next, click Security groups, then Create a group. You will be asked to provide a name for your group.

Once you have created your security group, it will appear on the same page, where you can edit the group name or delete it.

Step 3: Create or delete a security rule.

Once you have created a security group, click ..., then Add a rule. Enter the security rule you want, then confirm.

The IP addresses you enter must meet the following requirements:

  • they must be valid IPs
  • they must not start with 0.0.0.0
  • they must not be a private IP ("10.0.0.0/8", "172.16.0.0/12" or "192.168.0.0/16")

Please note: you need to keep an active security group containing at least one valid IP address in order to access your cluster.

Go further

Learn how to manage your PostgreSQL cluster by reading OVHcloud’s technical guides for further information on the technical aspects of how your managed solution works.


Did you find this guide useful?

Please feel free to give any suggestions in order to improve this documentation.

Whether your feedback is about images, content, or structure, please share it, so that we can improve it together.

Your support requests will not be processed via this form. To do this, please use the "Create a ticket" form.

Thank you. Your feedback has been received.


These guides might also interest you...

OVHcloud Community

Access your community space. Ask questions, search for information, post content, and interact with other OVHcloud Community members.

Discuss with the OVHcloud community

In accordance with the 2006/112/CE Directive, modified on 01/01/2015, prices incl. VAT may vary according to the customer's country of residence
(by default, the prices displayed are inclusive of the UK VAT in force).