Create the security group

You must create a security group for the following ports used by the API Security Enforcer (ASE):

Port 80: Accessible by API Clients/ELB
Port 443: Accessible by API Clients/ELB
Port 8010: Accessible by operations to execute command-line interface (CLI) commands and REST application programming interface (API) calls
Port 8020: Only accessible by peer ASE nodes in the same security group

Create a security group based on the following table.

Type Protocol Port Source

Type	Protocol	Port	Source
Custom TCP	TCP	`80`	API clients/ELB
Custom TCP	TCP	`443`	Same security group
Custom TCP	TCP	`8010`	Same security group
Custom TCP	TCP	`8020`	Same security group

Custom TCP

TCP

80

API clients/ELB

Custom TCP

TCP

443

Same security group

Custom TCP

TCP

8010

Same security group

Custom TCP

TCP

8020

Same security group