Default Security Group?


I cannot figure out how to de-select SECURITY_GROUPS=0 (default) for my VMs. No matter what I do, ‘default security group’ is always added when VM starts. I triple-checked that VM template doesn’t have ‘default’ for either interface (via GUI and via Advanced template edit), template only lists my custom sec. groups (i.e. SECURITY_GROUPS=‘ID’ in NIC, not 0).

When VM starts, SECURITY_GROUPS=0 is always added in addition to my custom defined sec. groups (but ‘default’ is NOT on the list). I can see all SECURITY_GROUPS in SECURITY_GROUP_RULE section of running VM’s template.

My default sec group allows inbound/outbound, which is OK for most VMs (I have network firewall as well).

Few VMs need better in/out control, so I though defining custom sec. groups, and un-selecting default for those VMs should do it…

Is ‘default’ added no matter what? Do I have to remove in/out rules in ‘default’ and create custom sec. groups for all VM templates?
Thank you.

You need to remove it from the Virtual Network. The VMs will inherit
security groups form AR’s and VNET’s

1 Like

This is it! Thank you.