CLI Client: Security Groups

Note

Red Cloud 2 is currently in beta testing and not available to all users. If you are not a Red Cloud 2 beta tester, use the production Red Cloud instead. This Red Cloud 2 documentation is still under development.

Beta testers: Report all problems to CAC Help. Please specify Red Cloud 2 when reporting problems. Thank you!

List Security Groups

openstack security group list

Create a Security Group

  • --description <group-description>: additional security group descriptions
openstack security group create <new-group-name>

Delete a Security Group

openstack security group delete <group-name-or-id>

Manage Your Security Group

Show Details about Your Security Group

openstack security group show <group-name-or-id>

Edit Details about Your Security Group

set can be used to change other attributes.

openstack security group set --name <new-name> <group-name-or-id>
openstack security group set --description <new-description> <group-name-or-id>

List current rules for your group

openstack security group rule list <group-name-or-id>

Show details about a specific rule

openstack security group rule show <rule-id>

Add a Security Group Rule

To make a proper security group rule, consider the following options:

  • --remote-ip <ip-address> or --remote-group <group-name-or-id>
    • --remote-ip: Apply to a certain IP range (CIDR notation).
    • --remote-group: Apply to another security group.
  • --description <rule-descriptions>: additional rule descriptions
  • --protocol <protocol>: TCP, UDP, ICMP, etc
  • --ingress or --egress
    • For TCP, UDP, ICMP, and unspecified protocol, choose if rule applies to incoming or outgoing network traffic.
  • --dst-port <port-range>
    • For TCP and UDP, choose the port ranges for this rule.
openstack security group rule create <group-name-or-id>

Delete a Security Group Rule

openstack security group rule delete <rule-id>