[Yandex Cloud documentation](../../index.md) > [Yandex Virtual Private Cloud](../index.md) > [Step-by-step guides](index.md) > Security groups > Deleting a security group

# Deleting a security group

{% note warning %}

You cannot delete a security group created by default in the network.

{% endnote %}

To delete a [security group](../concepts/security-groups.md): 

{% list tabs group=instructions %}

- Management console {#console}

  1. In the [management console](https://console.yandex.cloud), select the folder where you need to delete a security group.
  1. Navigate to **Virtual Private Cloud**.
  1. In the left-hand panel, select ![image](../../_assets/console-icons/shield.svg) **Security groups**. 
  1. Click ![image](../../_assets/console-icons/ellipsis.svg) in the row of the group you need to delete.
  1. In the menu that opens, click **Delete**.
  1. In the window that opens, click **Delete**.

- CLI {#cli}

  If you do not have the Yandex Cloud CLI yet, [install and initialize it](../../cli/quickstart.md#install).

  The folder used by default is the one specified when [creating](../../cli/operations/profile/profile-create.md) the CLI profile. To change the default folder, use the `yc config set folder-id <folder_ID>` command. You can also specify a different folder for any command using `--folder-name` or `--folder-id`. If you access a resource by its name, the search will be limited to the default folder. If you access a resource by its ID, the search will be global, i.e., through all folders based on access permissions.

  1. View the description of the CLI command for deleting security groups:

      ```
      yc vpc security-group delete --help
      ```

  1. Get a list of all security groups in the default folder:

      ```
      yc vpc security-group list
      ```
	    
      Result:
      ```
      +----------------------+-------------+-------------+----------------------+
      |          ID          |    NAME     | DESCRIPTION |      NETWORK-ID      |
      +----------------------+-------------+-------------+----------------------+
      | enpkf7dbjonf******** | test-sg-cli |             | enpgkbe17td8******** |
      +----------------------+-------------+-------------+----------------------+
      ```

  1. Select the `ID` or `NAME` of the appropriate network.
  1. Delete the network:

      ```
      yc vpc security-group delete test-sg-cli
      ```

- Terraform {#tf}

  With [Terraform](https://www.terraform.io/), you can quickly create a cloud infrastructure in Yandex Cloud and manage it using configuration files. These files store the infrastructure description written in HashiCorp Configuration Language (HCL). If you change the configuration files, Terraform automatically detects which part of your configuration is already deployed, and what should be added or removed.
  
  Terraform is distributed under the [Business Source License](https://github.com/hashicorp/terraform/blob/main/LICENSE). The [Yandex Cloud provider for Terraform](https://github.com/yandex-cloud/terraform-provider-yandex) is distributed under the [MPL-2.0](https://www.mozilla.org/en-US/MPL/2.0/) license.
  
  For more information about the provider resources, see the relevant documentation on the [Terraform](https://www.terraform.io/docs/providers/yandex/index.html) website or [its mirror](../../terraform/index.md).

  If you do not have Terraform yet, [install it and configure the Yandex Cloud provider](../../tutorials/infrastructure-management/terraform-quickstart.md#install-terraform).
  
  
  To manage infrastructure using Terraform under a service account or user accounts (a Yandex account, a federated account, or a local user), [authenticate](../../terraform/authentication.md) using the appropriate method.

  To delete a security group created with Terraform:

  1. Open the Terraform configuration file and delete the fragment with the security group description.
     
     {% cut "Example of a security group description in the Terraform configuration" %}

     ```hcl
     ...
     resource "yandex_vpc_security_group" "test-sg" {
       name        = "Test security group"
       description = "Description for security group"
       network_id  = "${yandex_vpc_network.lab-net.id}"

       ingress {
         protocol       = "TCP"
         description    = "Rule description 1"
         v4_cidr_blocks = ["10.0.1.0/24", "10.0.2.0/24"]
         port           = 8080
       }

       egress {
         protocol       = "ANY"
         description    = "Rule description 2"
         v4_cidr_blocks = ["10.0.1.0/24", "10.0.2.0/24"]
         from_port      = 8090
         to_port        = 8099
       }
     }
     ...
     ```

     {% endcut %}

  1. In the command line, navigate to the directory with the Terraform configuration file.

  1. Check the configuration using this command:

     ```
     terraform validate
     ```
     
     If the configuration is valid, you will get this message:
     
     ```
     Success! The configuration is valid.
     ```

  1. Run this command:

     ```
     terraform plan
     ```
  
     You will see a list of resources and their properties. No changes will be made at this step. Terraform will show any errors in the configuration.

  1. Apply the configuration changes:

     ```
     terraform apply
     ```

  1. Type `yes` and press **Enter** to confirm changes.

     You can check the updates using the [management console](https://console.yandex.cloud) or this [CLI](../../cli/quickstart.md) command:

     ```
     yc vpc security-group list
     ```

- API {#api}

  Use the [delete](../api-ref/SecurityGroup/delete.md) REST API method for the [SecurityGroup](../api-ref/SecurityGroup/index.md) resource or the [SecurityGroupService/Delete](../api-ref/grpc/SecurityGroup/delete.md) gRPC API call and provide the ID of the security group being deleted in the `securityGroupId` request parameter.

  To get the security group ID, use the [list](../api-ref/SecurityGroup/list.md) REST API method for the [SecurityGroup](../api-ref/SecurityGroup/index.md) resource or the [SecurityGroupService/List](../api-ref/grpc/SecurityGroup/list.md) gRPC API call and provide the folder ID in the `folderId` request parameter.

  To learn how to find out the folder ID, see [Getting the folder ID](../../resource-manager/operations/folder/get-id.md).

{% endlist %}