CLI Client: Security Groups
Note
Red Cloud 2 is currently in beta testing and not available to all users. If you are not a Red Cloud 2 beta tester, use the production Red Cloud instead. This Red Cloud 2 documentation is still under development.
Beta testers: Report all problems to CAC Help. Please specify Red Cloud 2 when reporting problems. Thank you!
List Security Groups
openstack security group list
Create a Security Group
--description <group-description>: can be added for additional descriptions.
openstack security group create <group-name>
Delete a Security Group
openstack security group delete <group-name-or-id>
Manage Your Security Group
Show Details about Your Security Group
openstack security group show <group-name-or-id>
Edit Details about Your Security Group
You may change the name, description, or other attributes with set.
openstack security group set --name <new-name> <group-name-or-id>
openstack security group set --description <new-description> <group-name-or-id>
List current rules for your group
openstack security group rule list <group-name-or-id>
Show details about a specific rule
You may get <rule-id> from rule list.
openstack security group rule show <rule-id>
Add a Security Group Rule
To make a proper security group rule, consider the following options:
- --remote-ip <ip-address> or --remote-group <group-name-or-id>
- --remote-ip is required for this rule to apply to a certain IP range (CIDR notation).
- --remote-group is required for this rule to apply to another security group.
- --description <description>
- Description of the rule.
- --protocol <protocol>
- Rule protocol such as TCP, UDP, ICMP, etc.
- --ingress or --egress
- For TCP, UDP, ICMP, and unspecified protocol, choose if rule applies to incoming or outgoing network traffic.
- --dst-port <port-range>
- For TCP and UDP, choose the port ranges for this rule.
openstack security group rule create <group-name-or-id>
Delete a Security Group Rule
openstack security group rule delete <rule-id>