Chapter 56. security
This chapter describes the commands under the security
command.
56.1. security group create
Create a new security group
Usage:
openstack security group create [-h] [-f {json,shell,table,value,yaml}] [-c COLUMN] [--max-width <integer>] [--fit-width] [--print-empty] [--noindent] [--prefix PREFIX] [--description <description>] [--project <project>] [--project-domain <project-domain>] <name>
Table 56.1. Table Formatter
Value | Summary |
---|---|
--print-empty | Print empty table if there is no data to show. |
--max-width <integer> | Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence. |
--fit-width | Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable |
Table 56.2. Positional Arguments
Value | Summary |
---|---|
<name> | New security group name |
Table 56.3. Output Formatters
Value | Summary |
---|---|
output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml} | The output format, defaults to table |
-c COLUMN, --column COLUMN | Specify the column(s) to include, can be repeated |
Table 56.4. JSON Formatter
Value | Summary |
---|---|
--noindent | Whether to disable indenting the json |
Table 56.5. Optional Arguments
Value | Summary |
---|---|
-h, --help | Show this help message and exit |
--description <description> | Security group description |
--project <project> | Owner’s project (name or id) |
--project-domain <project-domain> | Domain the project belongs to (name or id). this can be used in case collisions between project names exist. |
Table 56.6. Shell Formatter
Value | Summary |
---|---|
a format a UNIX shell can parse (variable="value")--prefix PREFIX | Add a prefix to all variable names |
56.2. security group delete
Delete security group(s)
Usage:
openstack security group delete [-h] <group> [<group> ...]
Table 56.7. Positional Arguments
Value | Summary |
---|---|
<group> | Security group(s) to delete (name or id) |
Table 56.8. Optional Arguments
Value | Summary |
---|---|
-h, --help | Show this help message and exit |
56.3. security group list
List security groups
Usage:
openstack security group list [-h] [-f {csv,json,table,value,yaml}] [-c COLUMN] [--max-width <integer>] [--fit-width] [--print-empty] [--noindent] [--quote {all,minimal,none,nonnumeric}] [--sort-column SORT_COLUMN] [--project <project>] [--project-domain <project-domain>]
Table 56.9. Table Formatter
Value | Summary |
---|---|
--print-empty | Print empty table if there is no data to show. |
--max-width <integer> | Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence. |
--fit-width | Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable |
Table 56.10. CSV Formatter
Value | Summary |
---|---|
--quote {all,minimal,none,nonnumeric} | When to include quotes, defaults to nonnumeric |
Table 56.11. Output Formatters
Value | Summary |
---|---|
output formatter options-f {csv,json,table,value,yaml}, --format {csv,json,table,value,yaml} | The output format, defaults to table |
-c COLUMN, --column COLUMN | Specify the column(s) to include, can be repeated |
--sort-column SORT_COLUMN | Specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated |
Table 56.12. JSON Formatter
Value | Summary |
---|---|
--noindent | Whether to disable indenting the json |
Table 56.13. Optional Arguments
Value | Summary |
---|---|
-h, --help | Show this help message and exit |
--project <project> | List security groups according to the project (name or ID) |
--project-domain <project-domain> | Domain the project belongs to (name or id). this can be used in case collisions between project names exist. |
56.4. security group rule create
Create a new security group rule
Usage:
openstack security group rule create [-h] [-f {json,shell,table,value,yaml}] [-c COLUMN] [--max-width <integer>] [--fit-width] [--print-empty] [--noindent] [--prefix PREFIX] [--remote-ip <ip-address> | --remote-group <group>] [--description <description>] [--dst-port <port-range>] [--icmp-type <icmp-type>] [--icmp-code <icmp-code>] [--protocol <protocol>] [--ingress | --egress] [--ethertype <ethertype>] [--project <project>] [--project-domain <project-domain>] <group>
Table 56.14. Table Formatter
Value | Summary |
---|---|
--print-empty | Print empty table if there is no data to show. |
--max-width <integer> | Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence. |
--fit-width | Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable |
Table 56.15. Positional Arguments
Value | Summary |
---|---|
<group> | Create rule in this security group (name or id) |
Table 56.16. Output Formatters
Value | Summary |
---|---|
output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml} | The output format, defaults to table |
-c COLUMN, --column COLUMN | Specify the column(s) to include, can be repeated |
Table 56.17. JSON Formatter
Value | Summary |
---|---|
--noindent | Whether to disable indenting the json |
Table 56.18. Optional Arguments
Value | Summary |
---|---|
--remote-ip <ip-address> | Remote ip address block (may use cidr notation; default for IPv4 rule: 0.0.0.0/0) |
--remote-group <group> | Remote security group (name or id) |
--icmp-type <icmp-type> | Icmp type for icmp ip protocols |
--icmp-code <icmp-code> | Icmp code for icmp ip protocols |
--ethertype <ethertype> | Ethertype of network traffic (ipv4, ipv6; default: based on IP protocol) |
--ingress | Rule applies to incoming network traffic (default) |
--project-domain <project-domain> | Domain the project belongs to (name or id). this can be used in case collisions between project names exist. |
--protocol <protocol> | Ip protocol (ah, dccp, egp, esp, gre, icmp, igmp, ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt, ipv6-opts, ipv6-route, ospf, pgm, rsvp, sctp, tcp, udp, udplite, vrrp and integer representations [0-255] or any; default: tcp) |
--dst-port <port-range> | Destination port, may be a single port or a starting and ending port range: 137:139. Required for IP protocols TCP and UDP. Ignored for ICMP IP protocols. |
-h, --help | Show this help message and exit |
--description <description> | Set security group rule description |
--project <project> | Owner’s project (name or id) |
--egress | Rule applies to outgoing network traffic |
Table 56.19. Shell Formatter
Value | Summary |
---|---|
a format a UNIX shell can parse (variable="value")--prefix PREFIX | Add a prefix to all variable names |
56.5. security group rule delete
Delete security group rule(s)
Usage:
openstack security group rule delete [-h] <rule> [<rule> ...]
Table 56.20. Positional Arguments
Value | Summary |
---|---|
<rule> | Security group rule(s) to delete (id only) |
Table 56.21. Optional Arguments
Value | Summary |
---|---|
-h, --help | Show this help message and exit |
56.6. security group rule list
List security group rules
Usage:
openstack security group rule list [-h] [-f {csv,json,table,value,yaml}] [-c COLUMN] [--max-width <integer>] [--fit-width] [--print-empty] [--noindent] [--quote {all,minimal,none,nonnumeric}] [--sort-column SORT_COLUMN] [--protocol <protocol>] [--ingress | --egress] [--long] [<group>]
Table 56.22. Table Formatter
Value | Summary |
---|---|
--print-empty | Print empty table if there is no data to show. |
--max-width <integer> | Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence. |
--fit-width | Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable |
Table 56.23. Positional Arguments
Value | Summary |
---|---|
<group> | List all rules in this security group (name or id) |
Table 56.24. CSV Formatter
Value | Summary |
---|---|
--quote {all,minimal,none,nonnumeric} | When to include quotes, defaults to nonnumeric |
Table 56.25. Output Formatters
Value | Summary |
---|---|
output formatter options-f {csv,json,table,value,yaml}, --format {csv,json,table,value,yaml} | The output format, defaults to table |
-c COLUMN, --column COLUMN | Specify the column(s) to include, can be repeated |
--sort-column SORT_COLUMN | Specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated |
Table 56.26. JSON Formatter
Value | Summary |
---|---|
--noindent | Whether to disable indenting the json |
Table 56.27. Optional Arguments
Value | Summary |
---|---|
--protocol <protocol> | List rules by the ip protocol (ah, dhcp, egp, esp, gre, icmp, igmp, ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt, ipv6-opts, ipv6-route, ospf, pgm, rsvp, sctp, tcp, udp, udplite, vrrp and integer representations [0-255]). |
-h, --help | Show this help message and exit |
--long | List additional fields in output |
--ingress | List rules applied to incoming network traffic |
--egress | List rules applied to outgoing network traffic |
56.7. security group rule show
Display security group rule details
Usage:
openstack security group rule show [-h] [-f {json,shell,table,value,yaml}] [-c COLUMN] [--max-width <integer>] [--fit-width] [--print-empty] [--noindent] [--prefix PREFIX] <rule>
Table 56.28. Table Formatter
Value | Summary |
---|---|
--print-empty | Print empty table if there is no data to show. |
--max-width <integer> | Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence. |
--fit-width | Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable |
Table 56.29. Positional Arguments
Value | Summary |
---|---|
<rule> | Security group rule to display (id only) |
Table 56.30. Output Formatters
Value | Summary |
---|---|
output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml} | The output format, defaults to table |
-c COLUMN, --column COLUMN | Specify the column(s) to include, can be repeated |
Table 56.31. JSON Formatter
Value | Summary |
---|---|
--noindent | Whether to disable indenting the json |
Table 56.32. Optional Arguments
Value | Summary |
---|---|
-h, --help | Show this help message and exit |
Table 56.33. Shell Formatter
Value | Summary |
---|---|
a format a UNIX shell can parse (variable="value")--prefix PREFIX | Add a prefix to all variable names |
56.8. security group set
Set security group properties
Usage:
openstack security group set [-h] [--name <new-name>] [--description <description>] <group>
Table 56.34. Positional Arguments
Value | Summary |
---|---|
<group> | Security group to modify (name or id) |
Table 56.35. Optional Arguments
Value | Summary |
---|---|
-h, --help | Show this help message and exit |
--description <description> | New security group description |
--name <new-name> | New security group name |
56.9. security group show
Display security group details
Usage:
openstack security group show [-h] [-f {json,shell,table,value,yaml}] [-c COLUMN] [--max-width <integer>] [--fit-width] [--print-empty] [--noindent] [--prefix PREFIX] <group>
Table 56.36. Table Formatter
Value | Summary |
---|---|
--print-empty | Print empty table if there is no data to show. |
--max-width <integer> | Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence. |
--fit-width | Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable |
Table 56.37. Positional Arguments
Value | Summary |
---|---|
<group> | Security group to display (name or id) |
Table 56.38. Output Formatters
Value | Summary |
---|---|
output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml} | The output format, defaults to table |
-c COLUMN, --column COLUMN | Specify the column(s) to include, can be repeated |
Table 56.39. JSON Formatter
Value | Summary |
---|---|
--noindent | Whether to disable indenting the json |
Table 56.40. Optional Arguments
Value | Summary |
---|---|
-h, --help | Show this help message and exit |
Table 56.41. Shell Formatter
Value | Summary |
---|---|
a format a UNIX shell can parse (variable="value")--prefix PREFIX | Add a prefix to all variable names |