security group¶

A security group acts as a virtual firewall for servers and other resources on a network. It is a container for security group rules which specify the network access rules.

Compute v2, Network v2

security group create¶

Create a new security group

openstack security group create
    [--extra-property type=<property_type>,name=<property_name>,value=<property_value>]
    [--description <description>]
    [--project <project>]
    [--stateful | --stateless]
    [--project-domain <project-domain>]
    [--tag <tag> | --no-tag]
    <name>
--extra-property type=<property_type>,name=<property_name>,value=<property_value>¶

Additional parameters can be passed using this property. Default type of the extra property is string (‘str’), but other types can be used as well. Available types are: ‘dict’, ‘list’, ‘str’, ‘bool’, ‘int’. In case of ‘list’ type, ‘value’ can be semicolon-separated list of values. For ‘dict’ value is semicolon-separated list of the key:value pairs.

--description <description>¶

Security group description

--project <project>¶

Owner’s project (name or ID)

Network version 2 only

--stateful¶

Security group is stateful (default)

--stateless¶

Security group is stateless

--project-domain <project-domain>¶

Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.

Network version 2 only

--tag <tag>¶

Tag to be added to the security group (repeat option to set multiple tags)

Network version 2 only

--no-tag¶

No tags associated with the security group

Network version 2 only

name¶

New security group name

security group delete¶

Delete security group(s)

openstack security group delete <group> [<group> ...]
group¶

Security group(s) to delete (name or ID)

security group list¶

List security groups

openstack security group list
    [--sort-column SORT_COLUMN]
    [--sort-ascending | --sort-descending]
    [--project <project>]
    [--project-domain <project-domain>]
    [--share | --no-share]
    [--tags <tag>[,<tag>,...]]
    [--any-tags <tag>[,<tag>,...]]
    [--not-tags <tag>[,<tag>,...]]
    [--not-any-tags <tag>[,<tag>,...]]
    [--all-projects]
--sort-column SORT_COLUMN¶

specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated

--sort-ascending¶

sort the column(s) in ascending order

--sort-descending¶

sort the column(s) in descending order

--project <project>¶

List only security groups with the specified project (name or ID)

Network version 2 only

--project-domain <project-domain>¶

Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.

Network version 2 only

--share¶

List only security groups shared between projects

--no-share¶

List only security groups not shared between projects

--tags <tag>[,<tag>,...]¶

List security group which have all given tag(s) (Comma-separated list of tags)

Network version 2 only

--any-tags <tag>[,<tag>,...]¶

List security group which have any given tag(s) (Comma-separated list of tags)

Network version 2 only

--not-tags <tag>[,<tag>,...]¶

Exclude security group which have all given tag(s) (Comma-separated list of tags)

Network version 2 only

--not-any-tags <tag>[,<tag>,...]¶

Exclude security group which have any given tag(s) (Comma-separated list of tags)

Network version 2 only

--all-projects¶

Display information from all projects (admin only)

Compute version 2 only

security group set¶

Set security group properties

openstack security group set
    [--extra-property type=<property_type>,name=<property_name>,value=<property_value>]
    [--name <new-name>]
    [--description <description>]
    [--stateful | --stateless]
    [--tag <tag>]
    [--no-tag]
    <group>
--extra-property type=<property_type>,name=<property_name>,value=<property_value>¶

Additional parameters can be passed using this property. Default type of the extra property is string (‘str’), but other types can be used as well. Available types are: ‘dict’, ‘list’, ‘str’, ‘bool’, ‘int’. In case of ‘list’ type, ‘value’ can be semicolon-separated list of values. For ‘dict’ value is semicolon-separated list of the key:value pairs.

--name <new-name>¶

New security group name

--description <description>¶

New security group description

--stateful¶

Security group is stateful (default)

--stateless¶

Security group is stateless

--tag <tag>¶

Tag to be added to the security group (repeat option to set multiple tags)

Network version 2 only

--no-tag¶

Clear tags associated with the security group. Specify both –tag and –no-tag to overwrite current tags

Network version 2 only

group¶

Security group to modify (name or ID)

security group show¶

Display security group details

openstack security group show <group>
group¶

Security group to display (name or ID)

security group unset¶

Unset security group properties

openstack security group unset [--tag <tag> | --all-tag] <group>
--tag <tag>¶

Tag to be removed from the security group (repeat option to remove multiple tags)

--all-tag¶

Clear all tags associated with the security group

group¶

Security group to modify (name or ID)