Skip to main content

Security Groups

Security Groups function as virtual firewalls, regulating the flow of inbound and outbound traffic to your resources. They help you define and manage network access to your resources, ensuring that only the right traffic reaches your workloads.

With Security Groups, you can create flexible inbound and outbound rules that specify which ports, protocols, and sources are allowed. This gives you fine-grained control over connectivity while keeping your infrastructure secure.

Default Security Group

Every new project in TIR automatically comes with a default Security Group. This default setup makes it easier to get started quickly without having to manually configure network access.

  • The default Security Group has port 22 (SSH) enabled by default.
  • This allows you to connect to your nodes securely using SSH.
  • You can use this default Security Group directly when enabling SSH access for any node.

If you need more customized network access, you can create additional Security Groups as needed.

Accessing Security Groups

To access and manage your Security Groups:

  1. Open the TIR Dashboard.

  2. Go to the Network section in the sidebar.


  1. Click on Security Group to open the Security Group management page.

Here, you’ll see a list of all Security Groups associated with your project, along with their details.

Creating a New Security Group

You can easily create your own Security Group with custom rules.

  1. On the Security Group page, click Create Security Group in the top-right corner.

  2. Provide the following details:

    • Name – A unique name for your security group.
    • Description – (Optional) A short description to help you identify its purpose.
    • Add Inbound Rule - Define the incoming traffic rules by specifying the protocol, ports, etc.
    • Add Outbound Rule - Define the outgoing traffic rules by specifying the protocol, ports, etc

  3. Then click Create to finalize.


Your new Security Group will now appear in the Security Group listing and can be attached to your instance or inference or training cluster.

Managing Security Groups

Each Security Group provides a few essential management options to help you stay in control.

1. Edit Security Group

You can update the name or description of any Security Group at any time. This is useful when you want to rename or reorganize your configurations without affecting existing rules.

2. Manage Rules

Security Groups include two types of rules:

  • Inbound rules – Control incoming traffic to your instances.
  • Outbound rules – Control outgoing traffic from your instances.

When managing rules, you can:

  • Add new rules
  • Edit existing rules
info
  • If you select Source: My Account VPC, IAM users must have the appropriate permission to access My Account VPC.
  • Without this permission, the VPC option will not be available.

Adding an Inbound Rule

To add a new inbound rule:

  1. Go to the Inbound Rules tab.
  2. Click Add Rule.
  3. Define the protocol, port range, and source for your new rule.

Newly added rules are automatically marked as New. If you make a mistake, you can click Remove before applying the changes. Once you click Apply All Changes, your rules are saved successfully.

Removing Rules

You can remove any rule by clicking the Remove button next to it.
Removed rules are highlighted until you confirm the changes by applying them.

3. Delete Security Group

If you no longer need a Security Group, you can delete it.

warning
  • A security group cannot be deleted while it is attached to one or more resources.

Viewing Security Group Details

Each Security Group page includes three main tabs that give you a clear overview of your configuration:

  1. Overview – Displays general details such as name, ID, and description.
  2. Inbound Rules – Lists all the inbound traffic rules currently applied.
  3. Outbound Rules – Lists all the outbound traffic rules currently applied.

These sections make it easy to understand how your resources are protected and what traffic is allowed or restricted.

Summary

Security Groups are an essential part of keeping your cloud environment secure and organized. They let you define precise network access for your nodes and inference endpoints, ensuring that only approved traffic reaches your workloads.

By using Security Groups, you can:

  • Maintain secure SSH access with default configurations.
  • Easily create and manage custom rules.
  • Gain complete control over inbound and outbound connectivity.

Security Groups make managing your project’s network access both simple and secure.