security group¶

A security group acts as a virtual firewall for servers and other resources on a network. It is a container for security group rules which specify the network access rules.

Compute v2, Network v2

security group create¶

Create a new security group

openstack security group create
    [--extra-property type=<property_type>,name=<property_name>,value=<property_value>]
    [--description <description>]
    [--project <project>]
    [--stateful | --stateless]
    [--project-domain <project-domain>]
    [--tag <tag> | --no-tag]
    <name>

--extra-property type=<property_type>,name=<property_name>,value=<property_value>¶: Additional parameters can be passed using this property. Default type of the extra property is string (‘str’), but other types can be used as well. Available types are: ‘dict’, ‘list’, ‘str’, ‘bool’, ‘int’. In case of ‘list’ type, ‘value’ can be semicolon-separated list of values. For ‘dict’ value is semicolon-separated list of the key:value pairs.

--description <description>¶: Security group description

--project <project>¶: Owner’s project (name or ID)

--stateful¶: Security group is stateful (default)

--stateless¶: Security group is stateless

--project-domain <project-domain>¶: Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.

--tag <tag>¶: Tag to be added to the security group (repeat option to set multiple tags)

--no-tag¶: No tags associated with the security group

name¶: New security group name

security group delete¶

Delete security group(s)

openstack security group delete <group> [<group> ...]

group¶: Security group(s) to delete (name or ID)

security group list¶

List security groups

openstack security group list
    [--sort-column SORT_COLUMN]
    [--sort-ascending | --sort-descending]
    [--project <project>]
    [--project-domain <project-domain>]
    [--share | --no-share]
    [--tags <tag>[,<tag>,...]]
    [--any-tags <tag>[,<tag>,...]]
    [--not-tags <tag>[,<tag>,...]]
    [--not-any-tags <tag>[,<tag>,...]]
    [--limit <limit>]
    [--marker <marker>]
    [--max-items <max-items>]

--sort-column SORT_COLUMN¶: specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated

--sort-ascending¶: sort the column(s) in ascending order

--sort-descending¶: sort the column(s) in descending order

--project <project>¶: List only security groups with the specified project (name or ID)

--project-domain <project-domain>¶: Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.

--share¶: List only security groups shared between projects

--no-share¶: List only security groups not shared between projects

--tags <tag>[,<tag>,...]¶: List security group which have all given tag(s) (Comma-separated list of tags)

--any-tags <tag>[,<tag>,...]¶: List security group which have any given tag(s) (Comma-separated list of tags)

--not-tags <tag>[,<tag>,...]¶: Exclude security group which have all given tag(s) (Comma-separated list of tags)

--not-any-tags <tag>[,<tag>,...]¶: Exclude security group which have any given tag(s) (Comma-separated list of tags)

--limit <limit>¶: The maximum number of entries to return per page. If the value exceeds the server-defined maximum, then the server-defined value will be used. Note that this controls the page size, not the total number of entries returned. Use –max-items to limit the total number of entries returned.

--marker <marker>¶: The first position in the collection to return results from. This should be a value that was returned in a previous request.

--max-items <max-items>¶: The maximum number of entries to return in total, paging through multiple requests if needed. Use –limit to control the page size.

security group set¶

Set security group properties

openstack security group set
    [--extra-property type=<property_type>,name=<property_name>,value=<property_value>]
    [--name <new-name>]
    [--description <description>]
    [--stateful | --stateless]
    [--tag <tag>]
    [--no-tag]
    <group>

--extra-property type=<property_type>,name=<property_name>,value=<property_value>¶: Additional parameters can be passed using this property. Default type of the extra property is string (‘str’), but other types can be used as well. Available types are: ‘dict’, ‘list’, ‘str’, ‘bool’, ‘int’. In case of ‘list’ type, ‘value’ can be semicolon-separated list of values. For ‘dict’ value is semicolon-separated list of the key:value pairs.

--name <new-name>¶: New security group name

--description <description>¶: New security group description

--stateful¶: Security group is stateful (default)

--stateless¶: Security group is stateless

--tag <tag>¶: Tag to be added to the security group (repeat option to set multiple tags)

--no-tag¶: Clear tags associated with the security group. Specify both –tag and –no-tag to overwrite current tags

group¶: Security group to modify (name or ID)

security group show¶

Display security group details

openstack security group show <group>

group¶: Security group to display (name or ID)

security group unset¶

Unset security group properties

openstack security group unset [--tag <tag> | --all-tag] <group>

--tag <tag>¶: Tag to be removed from the security group (repeat option to remove multiple tags)

--all-tag¶: Clear all tags associated with the security group

group¶: Security group to modify (name or ID)

security group