A security group controls and limits the network access to your VPC or resource. SSH (port 22) allows remote connection to your instance. Therefore, it is not recommended to allow access from the internet to this port, and limit it using a security group with permission to specific addresses. By default, AliCloud enables SSH access in order to let you connect to your resource. We have found that the instance {AliCloudEcsInstance} enables unlimited remote connection access through the internet.