Creating an NSG
Create a network security group (NSG) in a Virtual Cloud Network (VCN).
Each VCN comes with a default security list that has default security rules in it to enable basic connectivity. However, a VCN has no default NSG.
When you create an NSG, it's initially empty, without any security rules or VNICs. If you're using the Console, you can add security rules to the NSG during creation. Become familiar with the parts of security rules.
You can optionally assign a friendly name to the NSG during creation. The name doesn't have to be unique, and you can change it later. Oracle automatically assigns the NSG a unique identifier called an Oracle Cloud ID (OCID). For more information, see Resource Identifiers.
For the purposes of access control, you must specify the compartment where you want the NSG to reside. If you're not sure which compartment to use, consult an administrator in your organization. For more information, see Access Control.
The NSG is created and then displayed on the Network Security Group page in the compartment that you chose. You can now specify this NSG when creating or managing instances or other types of parent resources.
When you view all the security rules in an NSG, you can filter the list by ingress or egress.
Use the network nsg create command and required parameters to create an NSG in a VCN:
oci network nsg create --compartment-id nsg-compartment-ocid --vcn-id vcn-ocid ... [OPTIONS]
For a complete list of flags and variable options for CLI commands, see the CLI Command Reference.
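The following script is an added example, not part of Oracle's documentation. It wraps the command above: it sanity-checks the OCIDs, creates the NSG with a friendly name, and confirms that the new NSG starts with no ingress or egress rules. The function names and the way the script is invoked are assumptions; `--display-name`, `--direction`, `--all`, `--query` and `--raw-output` are existing OCI CLI options.

```shell
#!/bin/sh
# Added example (not Oracle's code): create an NSG, then verify it is empty.
# Usage (assumed): sh create_nsg.sh <compartment-ocid> <vcn-ocid> <friendly-name>

# Loose shape check: ocid1.<type>.<realm>.[region].<unique-id>
# $1 = expected resource type, $2 = value to check
is_ocid() {
  case "$2" in
    ocid1."$1".*.*.?*) return 0 ;;
    *) return 1 ;;
  esac
}

# Create the NSG and print only its OCID.
# $1 = compartment (or tenancy root) OCID, $2 = VCN OCID, $3 = friendly name
create_nsg() {
  if ! is_ocid compartment "$1" && ! is_ocid tenancy "$1"; then
    echo "not a compartment OCID: $1" >&2
    return 2
  fi
  if ! is_ocid vcn "$2"; then
    echo "not a VCN OCID: $2" >&2
    return 2
  fi
  oci network nsg create --compartment-id "$1" --vcn-id "$2" \
      --display-name "$3" --query 'data.id' --raw-output
}

# Count the security rules in one direction.
# $1 = NSG OCID, $2 = INGRESS or EGRESS
count_rules() {
  n=$(oci network nsg rules list --nsg-id "$1" --direction "$2" --all \
        --query 'length(data)' --raw-output) || return 1
  # No output is treated as zero rules (assumption about empty list responses).
  echo "${n:-0}"
}

# Runs only when the three arguments are supplied.
if [ "$#" -eq 3 ]; then
  nsg_id=$(create_nsg "$1" "$2" "$3") || exit 1
  echo "created NSG: $nsg_id"
  for dir in INGRESS EGRESS; do
    echo "$dir rules: $(count_rules "$nsg_id" "$dir")"
  done
fi
```

Both counts should be 0 immediately after creation, because a new NSG contains no security rules until you add them.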
Run the CreateNetworkSecurityGroup operation to create an NSG.