security group¶
A security group acts as a virtual firewall for servers and other resources on a network. It is a container for security group rules which specify the network access rules.
Compute v2, Network v2
security group create¶
Create a new security group
openstack security group create
[--extra-property type=<property_type>,name=<property_name>,value=<property_value>]
[--description <description>]
[--project <project>]
[--stateful | --stateless]
[--project-domain <project-domain>]
[--tag <tag> | --no-tag]
<name>
- --extra-property type=<property_type>,name=<property_name>,value=<property_value>¶
Additional parameters can be passed using this property. Default type of the extra property is string (‘str’), but other types can be used as well. Available types are: ‘dict’, ‘list’, ‘str’, ‘bool’, ‘int’. In case of ‘list’ type, ‘value’ can be semicolon-separated list of values. For ‘dict’ value is semicolon-separated list of the key:value pairs.
- --description <description>¶
Security group description
- --project <project>¶
Owner’s project (name or ID)
Network version 2 only
- --stateful¶
Security group is stateful (default)
- --stateless¶
Security group is stateless
- --project-domain <project-domain>¶
Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.
Network version 2 only
- --tag <tag>¶
Tag to be added to the security group (repeat option to set multiple tags)
Network version 2 only
- --no-tag¶
No tags associated with the security group
Network version 2 only
- name¶
New security group name
security group delete¶
Delete security group(s)
openstack security group delete <group> [<group> ...]
- group¶
Security group(s) to delete (name or ID)
security group list¶
List security groups
openstack security group list
[--sort-column SORT_COLUMN]
[--sort-ascending | --sort-descending]
[--project <project>]
[--project-domain <project-domain>]
[--share | --no-share]
[--tags <tag>[,<tag>,...]]
[--any-tags <tag>[,<tag>,...]]
[--not-tags <tag>[,<tag>,...]]
[--not-any-tags <tag>[,<tag>,...]]
[--all-projects]
- --sort-column SORT_COLUMN¶
specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated
- --sort-ascending¶
sort the column(s) in ascending order
- --sort-descending¶
sort the column(s) in descending order
- --project <project>¶
List security groups according to the project (name or ID)
Network version 2 only
- --project-domain <project-domain>¶
Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.
Network version 2 only
List security groups shared between projects
List security groups not shared between projects
- --tags <tag>[,<tag>,...]¶
List security group which have all given tag(s) (Comma-separated list of tags)
Network version 2 only
- --any-tags <tag>[,<tag>,...]¶
List security group which have any given tag(s) (Comma-separated list of tags)
Network version 2 only
- --not-tags <tag>[,<tag>,...]¶
Exclude security group which have all given tag(s) (Comma-separated list of tags)
Network version 2 only
- --not-any-tags <tag>[,<tag>,...]¶
Exclude security group which have any given tag(s) (Comma-separated list of tags)
Network version 2 only
- --all-projects¶
Display information from all projects (admin only)
Compute version 2 only
security group set¶
Set security group properties
openstack security group set
[--extra-property type=<property_type>,name=<property_name>,value=<property_value>]
[--name <new-name>]
[--description <description>]
[--stateful | --stateless]
[--tag <tag>]
[--no-tag]
<group>
- --extra-property type=<property_type>,name=<property_name>,value=<property_value>¶
Additional parameters can be passed using this property. Default type of the extra property is string (‘str’), but other types can be used as well. Available types are: ‘dict’, ‘list’, ‘str’, ‘bool’, ‘int’. In case of ‘list’ type, ‘value’ can be semicolon-separated list of values. For ‘dict’ value is semicolon-separated list of the key:value pairs.
- --name <new-name>¶
New security group name
- --description <description>¶
New security group description
- --stateful¶
Security group is stateful (default)
- --stateless¶
Security group is stateless
- --tag <tag>¶
Tag to be added to the security group (repeat option to set multiple tags)
Network version 2 only
- --no-tag¶
Clear tags associated with the security group. Specify both –tag and –no-tag to overwrite current tags
Network version 2 only
- group¶
Security group to modify (name or ID)
security group show¶
Display security group details
openstack security group show <group>
- group¶
Security group to display (name or ID)
security group unset¶
Unset security group properties
openstack security group unset [--tag <tag> | --all-tag] <group>
- --tag <tag>¶
Tag to be removed from the security group (repeat option to remove multiple tags)
- --all-tag¶
Clear all tags associated with the security group
- group¶
Security group to modify (name or ID)
