Create Security Groups IP address based (CIDR)
CIDR stands for Classless Inter-Domain Routing and is the system we use on the Internet to address resources with IP addresses. It is used in routing, and also when creating firewall rules (in this case Security Group Rules) to denote which IP addresses a specific rule applies to.
- First create a group and give it a descriptive name. Security groups are per project, so you may name them as you like; they will not be visible to other projects.

- Once the security group is created you can add rules to it.
Some of the common protocols have pregenerated defaults. SSH in particular is at the bottom of the list, so you may need to scroll to see it. If the program or protocol you want to open up isn't in that list, start by specifying TCP/UDP/ICMP manually and set which port(s) it uses. If you want it reachable from any IP, leave the CIDR field blank, even though the "?" help popup might suggest that "-1" indicates any. Otherwise, to make the rule depend on a certain source network or even a single IP, enter it with an appropriate netmask in the CIDR field.

- As soon as you apply the security group to an instance, it takes effect; no restart or rebuild is necessary. Note that the Default ruleset usually prevents all traffic, and that new security groups you place on instances should add permissions for only those protocols you want to allow.
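
The CIDR field values described above (blank for any source, a single IP, or a network with a netmask) can be checked before they are entered in a rule. The following Python code is an added example, not part of the original documentation; the function names and sample rules are constructed, and it assumes a blank field corresponds to the IPv4 range 0.0.0.0/0.

```python
import ipaddress

def parse_cidr_field(value):
    """Interpret a CIDR field entry; return (network, note).

    Assumption: a blank field means "any source", modelled as 0.0.0.0/0.
    Raises ValueError for text that is not an address or network ("-1").
    """
    text = value.strip()
    if not text:
        return ipaddress.ip_network("0.0.0.0/0"), "open to any IP"
    try:
        # strict=True rejects entries such as 203.0.113.20/24, where the
        # address part is a host inside the network, not the network itself.
        net = ipaddress.ip_network(text, strict=True)
    except ValueError:
        net = ipaddress.ip_network(text, strict=False)  # still raises if invalid
        return net, f"host bits set, did you mean {net}?"
    if net.prefixlen == net.max_prefixlen:
        return net, "single host"  # bare IP becomes /32 (or /128 for IPv6)
    return net, f"{net.num_addresses} addresses"

def allows(cidr_field, source_ip):
    """True if a rule with this CIDR field would match the source address."""
    net, _ = parse_cidr_field(cidr_field)
    addr = ipaddress.ip_address(source_ip)
    return addr.version == net.version and addr in net

# Constructed sample rules: (protocol, port, CIDR field as typed).
SAMPLE_RULES = [
    ("tcp", 22, "198.51.100.7"),      # SSH from one admin host
    ("tcp", 443, ""),                 # HTTPS from anywhere
    ("tcp", 5432, "203.0.113.20/24"), # typo: host address with a /24 mask
]

def review(rules):
    """Normalise each rule and attach a note a reviewer can act on."""
    report = []
    for proto, port, field in rules:
        net, note = parse_cidr_field(field)
        report.append((proto, port, str(net), note))
    return report

if __name__ == "__main__":
    for row in review(SAMPLE_RULES):
        print(row)
```

Reviewing the notes before saving a rule catches the two common mistakes: a rule left open to any IP unintentionally, and a netmask that widens a single host into a whole network.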