A security group acts as a virtual firewall for servers and other resources on a network. It is a container for security group rules which specify the network access rules.
Compute v2, Network v2
Create a new security group
openstack security group create
[--description <description>]
[--project <project>]
[--stateful | --stateless]
[--project-domain <project-domain>]
[--tag <tag> | --no-tag]
<name>
--description
<description>
¶Security group description
--project
<project>
¶Owner’s project (name or ID)
Network version 2 only
--stateful
¶Security group is stateful (Default)
--stateless
¶Security group is stateless
--project-domain
<project-domain>
¶Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.
Network version 2 only
--tag
<tag>
¶Tag to be added to the security group (repeat option to set multiple tags)
Network version 2 only
--no-tag
¶No tags associated with the security group
Network version 2 only
name
¶New security group name
Delete security group(s)
openstack security group delete <group> [<group> ...]
group
¶Security group(s) to delete (name or ID)
List security groups
openstack security group list
[--sort-column SORT_COLUMN]
[--sort-ascending | --sort-descending]
[--project <project>]
[--project-domain <project-domain>]
[--tags <tag>[,<tag>,...]]
[--any-tags <tag>[,<tag>,...]]
[--not-tags <tag>[,<tag>,...]]
[--not-any-tags <tag>[,<tag>,...]]
[--all-projects]
--sort-column
SORT_COLUMN
¶specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated
--sort-ascending
¶sort the column(s) in ascending order
--sort-descending
¶sort the column(s) in descending order
--project
<project>
¶List security groups according to the project (name or ID)
Network version 2 only
--project-domain
<project-domain>
¶Domain the project belongs to (name or ID). This can be used in case collisions between project names exist.
Network version 2 only
List security group which have all given tag(s) (Comma-separated list of tags)
Network version 2 only
List security group which have any given tag(s) (Comma-separated list of tags)
Network version 2 only
Exclude security group which have all given tag(s) (Comma-separated list of tags)
Network version 2 only
Exclude security group which have any given tag(s) (Comma-separated list of tags)
Network version 2 only
--all-projects
¶Display information from all projects (admin only)
Compute version 2 only
Set security group properties
openstack security group set
[--name <new-name>]
[--description <description>]
[--stateful | --stateless]
[--tag <tag>]
[--no-tag]
<group>
--name
<new-name>
¶New security group name
--description
<description>
¶New security group description
--stateful
¶Security group is stateful (Default)
--stateless
¶Security group is stateless
--tag
<tag>
¶Tag to be added to the security group (repeat option to set multiple tags)
Network version 2 only
--no-tag
¶Clear tags associated with the security group. Specify both –tag and –no-tag to overwrite current tags
Network version 2 only
group
¶Security group to modify (name or ID)
Display security group details
openstack security group show <group>
group
¶Security group to display (name or ID)
Unset security group properties
openstack security group unset [--tag <tag> | --all-tag] <group>
--tag
<tag>
¶Tag to be removed from the security group (repeat option to remove multiple tags)
--all-tag
¶Clear all tags associated with the security group
group
¶Security group to modify (name or ID)
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.