Allow HTTPS Access To Your Instance

To access specific network ports of an instance, you need to assign a security group that allows access to those ports. By default, your Nimbus instance blocks inbound traffic to all ports as a security measure. Security groups can be added and removed at any time without needing to shut down or restart the instance.

Assigning a security group is required in addition to starting a service (like a web server) to listen on that port.

Allow HTTP or HTTPS access to your instance

Create a security group and add rules to it

  1. Log in to your Nimbus dashboard here.
  2. Go to NetworkSecurity Groups or this link https://nimbus.pawsey.org.au/project/security_groups/
  3. Click + Create Security Group.
    • Give it a suitable name like Web.
    • Click Create Security Group.
    • The new security group will now be selected.
  4. Add a rule for HTTP traffic.
    • Click + Add Rule.
    • Select HTTP from the drop-down list under Rule.
    • Click Add.
    • This will allow traffic from anywhere to port 80, the standard http port.
  5. If you also require access to the standard https port 443, repeat step 4 but select HTTPS.

You have now created a new security group and added rules to it.

Add the security group to your instance

  1. Go to ComputeInstances or this link https://nimbus.pawsey.org.au/project/instances/
  2. From the drop-down menu to the right of your instance, click Edit Security Groups.
  3. Click on the [+] button next to the security group you just created.
    • This will move it to the Instance Security Groups column.
    • Click Save.


Your instance can now be accessed on the ports you have allowed.



Start a service to listen for traffic

You now need to start a service such as a web server to listen on the chosen ports. That is beyond the scope of this documentation. There are many options including nginx and apache, as well as web servers built into scientific software systems. Examples used by some of our researchers include:

We also recommend using https://letsencrypt.org/ combined with https://www.dynu.com/ to encrypt your traffic and use only HTTPS, but have no further documentation that yet.