Hello,
I'm looking for any way to change default security group rules. For example, if I'll create new project, it will have specified rules in default security group.
I've found nova commands like secgroup-add-default-rule, secgroup-delete-default-rule, secgroup-list-default-rules but its all deprecated.
I would be grateful for any help.
if you login to the project and open the projects default security group, you can edit that and each machine deploy on that project will use that default if no other is specified.
The commands are as follows:
openstack security group list
openstack security group create --project <project> --project-domain <project-domain> <name>
openstack security group rule create --protocol <tcp/udp> --dst-port <start:end> \
--src-address <CIDR> <security group name/ID>
openstack security group rule delete <rule ID>
openstack security group delete <group name/ID>
There are other commands that are also useful and can be found by entering the openstack command environment and issuing the help command.
bcollins, thanks for the answer, but I need to set rules for all future projects before creating them. In Your method, I need to set it separately for each project.
i have the same need. is there a way to define a default set of security groups which are automatic added to future tenants?
Asked: 2017-03-03 06:41:28 -0500
Seen: 2,007 times
Last updated: Mar 03 '17
