A security group acts as a virtual firewall for servers and other resources on a network. It is a container for security group rules which specify the network access rules.
Compute v2, Network v2
Create a new security group
openstack security group create
[--description <description>]
[--project <project>]
[--stateful | --stateless]
[--project-domain <project-domain>]
[--tag <tag> | --no-tag]
<name>
--description
<description>
¶Security group description
--project
<project>
¶Owner’s project (name or ID)
Network version 2 only
--stateful
¶Security group is stateful (Default)
--stateless
¶Security group is stateless
--project-domain
<project-domain>
¶Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.
Network version 2 only
--tag
<tag>
¶Tag to be added to the security group (repeat option to set multiple tags)
Network version 2 only
--no-tag
¶No tags associated with the security group
Network version 2 only
name
¶New security group name
This command is provided by the python-openstackclient plugin.
Delete security group(s)
openstack security group delete <group> [<group> ...]
group
¶Security group(s) to delete (name or ID)
This command is provided by the python-openstackclient plugin.
List security groups
openstack security group list
[--format-config-file FORMAT_CONFIG]
[--sort-column SORT_COLUMN]
[--project <project>]
[--project-domain <project-domain>]
[--tags <tag>[,<tag>,...]]
[--any-tags <tag>[,<tag>,...]]
[--not-tags <tag>[,<tag>,...]]
[--not-any-tags <tag>[,<tag>,...]]
[--all-projects]
--format-config-file
<FORMAT_CONFIG>
¶Config file for the dict-to-csv formatter
--sort-column
SORT_COLUMN
¶specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated
--project
<project>
¶List security groups according to the project (name or ID)
Network version 2 only
--project-domain
<project-domain>
¶Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.
Network version 2 only
List security group which have all given tag(s) (Comma-separated list of tags)
Network version 2 only
List security group which have any given tag(s) (Comma-separated list of tags)
Network version 2 only
Exclude security group which have all given tag(s) (Comma-separated list of tags)
Network version 2 only
Exclude security group which have any given tag(s) (Comma-separated list of tags)
Network version 2 only
--all-projects
¶Display information from all projects (admin only)
Compute version 2 only
This command is provided by the python-openstackclient plugin.
Set security group properties
openstack security group set
[--name <new-name>]
[--description <description>]
[--stateful | --stateless]
[--tag <tag>]
[--no-tag]
<group>
--name
<new-name>
¶New security group name
--description
<description>
¶New security group description
--stateful
¶Security group is stateful (Default)
--stateless
¶Security group is stateless
--tag
<tag>
¶Tag to be added to the security group (repeat option to set multiple tags)
Network version 2 only
--no-tag
¶Clear tags associated with the security group. Specify both –tag and –no-tag to overwrite current tags
Network version 2 only
group
¶Security group to modify (name or ID)
This command is provided by the python-openstackclient plugin.
Display security group details
openstack security group show <group>
group
¶Security group to display (name or ID)
This command is provided by the python-openstackclient plugin.
Unset security group properties
openstack security group unset [--tag <tag> | --all-tag] <group>
--tag
<tag>
¶Tag to be removed from the security group (repeat option to remove multiple tags)
--all-tag
¶Clear all tags associated with the security group
group
¶Security group to modify (name or ID)
This command is provided by the python-openstackclient plugin.
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.