Security

After you add a cloud account in vRealize Automation Cloud Assembly, data collection discovers the cloud account ’s network and security information and makes that information available for use in network profiles and other options.

Security groups and firewall rules support network isolation. Security groups are data-collected. Firewall rules are not data-collected.

You can view the available security groups and add or remove tags for selected security groups. A cloud template author can assign one or more security groups to a machine NIC to control security for the deployment

Existing security groups are displayed and classified in the Origin column as Discovered. On-demand security groups that you create in vRealize Automation Cloud Assembly, either in a cloud template or in a network profile, are displayed and classified in the b>Origin column as Managed by Cloud Assembly. On-demand security groups that you create as part of a network profile are internally classified as an isolation security group with pre-configured firewall rules and are not added to a cloud template design as a security group resource. On-demand security groups that you create in a cloud template design, and that can contain express firewall rules, are added as part of a security group resource that is classified as new.

Several filtering options are available.