• Native OpenStack API

noa
  1. Help Center
  2. Native OpenStack API
  3. API Reference
  4. Nova
  5. Security groups
  6. Querying Security Groups

Querying Security Groups

Function Description

This interface is used to query security groups.

URI

  • URI format

    GET /v2/{tenant_id}/os-security-groups

    GET /v2.1/{tenant_id}/os-security-groups

  • Parameter description

    Parameter

    Mandatory

    Description

    tenant_id

    Yes

    Specifies the tenant or project ID.

NOTE:

Pagination query is not supported.

Restrictions

This interface will become invalid from micro version 2.36. Since this version, the system will return error 404 when you call this interface.

You are advised to use the desired network interface. For details, see section "Security Group (Native OpenStack API) > Querying Security Groups" in Virtual Private Network API Reference.

Request

N/A

Response

Parameter

Type

Mandatory

Description

security_groups

List

Yes

Specifies security groups. For details, see Table 1.

Table 1 security_group objects

Parameter

Type

Mandatory

Description

description

String

Yes

Specifies information about a security group. It is a string of 0 to 255 characters.

id

String

Yes

Specifies the security group ID in UUID format.

name

String

Yes

Specifies the security group name. It is a string of 0 to 255 characters.

rules

List

Yes

Specifies security group rules. For details, see Table 2.

tenant_id

String

Yes

Specifies the tenant or project ID.

Table 2 security_group_rule objects

Parameter

Type

Mandatory

Description

parent_group_id

String

Yes

Specifies the associated security group ID in UUID format.

ip_protocol

String

Yes

Specifies the protocol type or the IP protocol number. The value can be icmp, tcp, udp, or the IP protocol number.

from_port

Int

Yes

Specifies the start port number. The value ranges from 1 to 65,535 and cannot be greater than to_port.

When ip_protocol is icmp, this parameter indicates the ICMP type field with a length from 0 to 255 characters.

NOTE:

The ICMP message type is determined by the type field and code field in the packet. For details, see Appendix > ICMP-Port Range Relationship Table in the Virtual Private Cloud API Reference. port_range_min indicates the ICMP type field, and port_range_max indicates the ICMP code field.

to_port

Int

Yes

Specifies the stop port number. The value ranges from 1 to 65,535 and cannot be less than from_port.

When ip_protocol is icmp, this parameter indicates the ICMP code field with a length from 0 to 255 characters.

NOTE:

The ICMP message type is determined by the type field and code field in the packet. For details, see Appendix > ICMP-Port Range Relationship Table in the Virtual Private Cloud API Reference. port_range_min indicates the ICMP type field, and port_range_max indicates the ICMP code field.

ip_range

Dict

Yes

Specifies the peer IP segment in CIDR format. For details, see Table 3.

Specify either ip_range or group.

group

Dict

Yes

Specifies the name of the peer security group and the ID of the tenant in the peer security group. For details, see Table 4.

Specify either ip_range or group.

id

String

Yes

Specifies the security group rule ID in UUID format.

Table 3 ip_range objects

Parameter

Type

Mandatory

Remarks

cidr

String(255)

Yes

Specifies the peer IP segment in CIDR format.

Table 4 group objects

Parameter

Type

Mandatory

Description

tenant_id

String

Yes

Specifies the ID of the tenant of the peer security group.

name

String

Yes

Specifies the name of the peer security group.

Request Example

GET /v2/bb1118612ba64af3a6ea63a1bdcaa5ae/os-security-groups
GET /v2.1/bb1118612ba64af3a6ea63a1bdcaa5ae/os-security-groups

Response Example

{
    "security_groups": [
        {
            "rules": [
                {
                    "from_port": null,
                    "group": {
                        "tenant_id": "bb1118612ba64af3a6ea63a1bdcaa5ae",
                        "name": "default"
                    },
                    "ip_protocol": null,
                    "to_port": null,
                    "parent_group_id": "bc4ac1d1-dc77-4b7d-a97d-af86eb0dc450",
                    "ip_range": {},
                    "id": "bb3cc988-e06a-49f6-b668-600e8bf193ee"
                },
                {
                    "from_port": null,
                    "group": {
                        "tenant_id": "bb1118612ba64af3a6ea63a1bdcaa5ae",
                        "name": "default"
                    },
                    "ip_protocol": null,
                    "to_port": null,
                    "parent_group_id": "bc4ac1d1-dc77-4b7d-a97d-af86eb0dc450",
                    "ip_range": {},
                    "id": "f9371051-d7e1-4be4-8748-77b1e0913730"
                }
            ],
            "tenant_id": "bb1118612ba64af3a6ea63a1bdcaa5ae",
            "description": "default",
            "id": "bc4ac1d1-dc77-4b7d-a97d-af86eb0dc450",
            "name": "default"
        },
        {
            "rules": [
                {
                    "from_port": 200,
                    "group": {},
                    "ip_protocol": "tcp",
                    "to_port": 400,
                    "parent_group_id": "b3e4b615-a40f-4e1c-92af-2e0d382141d5",
                    "ip_range": {
                        "cidr": "0.0.0.0/0"
                    },
                    "id": "3330120d-bbd1-4a73-bda9-0196a84d5670"
                },
                {
                    "from_port": 201,
                    "group": {},
                    "ip_protocol": "tcp",
                    "to_port": 400,
                    "parent_group_id": "b3e4b615-a40f-4e1c-92af-2e0d382141d5",
                    "ip_range": {
                        "cidr": "0.0.0.0/0"
                    },
                    "id": "b550c9a6-970a-462d-984e-265e88020818"
                }
            ],
            "tenant_id": "bb1118612ba64af3a6ea63a1bdcaa5ae",
            "description": "desc-sg",
            "id": "b3e4b615-a40f-4e1c-92af-2e0d382141d5",
            "name": "test-sg"
        }
    ]
}

Returned Values

See General Request Returned Values.