Introduction

Object

Manage security groups and security group rules. Supported operations include querying security groups and security group rules, creating a security group or security group rule, querying a single security group or security group rule, deleting a security group or security group rule, and updating security groups.

Object Model

Table 1 Security group object

| Attribute | Type | CRUD | Default Value | Restriction | Description |
|---|---|---|---|---|---|
| id | Uuid-str | R | N/A | N/A | Specifies the security group ID. |
| tenant_id | String(255) | CR | N/A | N/A | Specifies the tenant ID. Only the administrator can specify tenant_id of other tenants. |
| name | String(255) | CRU | N/A | The value of this parameter cannot be default when you create or update a security group. | Specifies the security group name. |
| description | String(255) | CRU | N/A | N/A | Specifies information about a security group. |
| security_group_rules | List(security_group_rule) | R | N/A | N/A | Specifies the security group rule list. For details, see Table 2. |

Table 2 Security group rule object

| Attribute | Type | CRUD | Default Value | Restriction | Description |
|---|---|---|---|---|---|
| id | Uuid-str | R | N/A | N/A | Specifies the security group rule ID. |
| description | String(255) | CRU | N/A | N/A | Provides supplementary information about the security group rule. |
| security_group_id | Uuid-str | CR | N/A | N/A | Specifies the ID of the security group to which the rule belongs. |
| remote_group_id | Uuid-str | CR | N/A | This parameter is an alternative to remote_ip_prefix. | Specifies the ID of the peer security group. |
| direction | String | CR | N/A | ingress/egress | Specifies the direction of the traffic for which the security group rule takes effect. |
| remote_ip_prefix | String(255) | CR | N/A | This parameter is an alternative to remote_group_id, and its value is in CIDR format. | Specifies the peer IP address segment. |
| protocol | String | CR | N/A | The value must be tcp, udp, icmp, or an IP protocol number. | Specifies the protocol type or the IP protocol number. |
| port_range_max | Int | CR | N/A | The value ranges from 1 to 65535. (The value ranges from 0 to 255 when it indicates the code.) | Specifies the maximum port number. When ICMP is used, the value is the ICMP code. |
| port_range_min | Int | CR | N/A | The value ranges from 1 to 65535. (The value ranges from 0 to 255 when it indicates the type.) | Specifies the minimum port number. If the ICMP protocol is used, this parameter indicates the ICMP type. When the TCP or UDP protocol is used, both port_range_max and port_range_min must be specified, and the port_range_max value must be greater than the port_range_min value. When the ICMP protocol is used, if you specify the ICMP code (port_range_max), you must also specify the ICMP type (port_range_min). |
| ethertype | String | CR | IPv4 | IPv4/IPv6 | Specifies the network type. Only IPv4 is supported. |
| tenant_id | String(255) | CR | N/A | N/A | Specifies the tenant ID. Only the administrator can specify tenant_id of other tenants. |
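An added example, not part of the original reference: a Python audit over a security group object shaped like Tables 1 and 2 that reports ingress rules open to any peer on watched TCP/UDP ports, without misreading ICMP type/code as ports. The watch-list, the sample object with its placeholder IDs, and the treatment of absent fields as "any" (upstream Neutron behaviour) are assumptions.

```python
import ipaddress

# Assumed watch-list of administrative ports; adjust to local policy.
SENSITIVE_PORTS = {22: "ssh", 3306: "mysql", 3389: "rdp"}

def is_world_open(rule):
    # Assumption (upstream Neutron semantics, not stated in Table 2): a rule with
    # neither remote_ip_prefix nor remote_group_id matches every peer.
    if rule.get("remote_group_id"):
        return False
    prefix = rule.get("remote_ip_prefix")
    return not prefix or ipaddress.ip_network(prefix, strict=False).prefixlen == 0

def exposed_ports(rule):
    proto = rule.get("protocol")
    proto = None if proto is None else str(proto).lower()
    # Only TCP/UDP (by name or IP protocol number) or "any protocol" carry ports.
    # For ICMP, port_range_min/max hold the ICMP type/code and are not ports.
    if proto not in (None, "tcp", "udp", "6", "17"):
        return []
    lo, hi = rule.get("port_range_min"), rule.get("port_range_max")
    lo = 1 if lo is None else lo        # assumption: a missing bound means full range
    hi = 65535 if hi is None else hi
    return sorted(p for p in SENSITIVE_PORTS if lo <= p <= hi)

def audit(security_group):
    """Return (rule_id, port, service) for world-open ingress to watched ports."""
    findings = []
    for rule in security_group.get("security_group_rules", []):
        if rule.get("direction") != "ingress" or not is_world_open(rule):
            continue
        findings += [(rule["id"], p, SENSITIVE_PORTS[p]) for p in exposed_ports(rule)]
    return findings

# Constructed sample object shaped like Table 1 / Table 2 (IDs are placeholders).
SAMPLE_GROUP = {
    "id": "sg-0001", "name": "web", "security_group_rules": [
        {"id": "r1", "direction": "ingress", "protocol": "tcp", "port_range_min": 20,
         "port_range_max": 25, "remote_ip_prefix": "0.0.0.0/0", "ethertype": "IPv4"},
        {"id": "r2", "direction": "ingress", "protocol": "icmp",
         "remote_ip_prefix": "0.0.0.0/0", "ethertype": "IPv4"},
        {"id": "r3", "direction": "ingress", "protocol": "tcp", "port_range_min": 3380,
         "port_range_max": 3390, "remote_group_id": "sg-0002", "ethertype": "IPv4"},
        {"id": "r4", "direction": "egress", "protocol": "tcp", "port_range_min": 1,
         "port_range_max": 65535, "remote_ip_prefix": "0.0.0.0/0", "ethertype": "IPv4"},
    ]}

if __name__ == "__main__":
    print(audit(SAMPLE_GROUP))
```

Only rule r1 is reported: r2 is ICMP, r3 is limited to a peer security group, and r4 is egress.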