I have my own security group (SG) with rule 10.0.0.0/8. allowing all traffic. When I set up my node template, I used my SG. For information, all EC2s and Rancher are under the 10.0.0.0/8 network. So when I try to add a new node, in my SG is added two rules, allowing port 22 and 2376 to 0.0.0.0. In my situation it is not necessary to allow traffic from anywhere because traffic is already allowed in the SG in my LAN.
If I try to remove the AuthorizeSecurityGroupIngress to avoid creating a new rule, I get an error:
Error creating machine: Error in driver during machine creation: UnauthorizedOperation: You are not authorized to perform this operation. Encrypted Authorization Failure Message: 99XmOxVPsxxpRn2RFxzGKyz4gu5m8TjMpk0mH57Sq94ntrcvLDhomhYA8WYb1H …
How can I configure my SG or Rancher to avoid 22 or 2376 for everyone?