• Native OpenStack API

noa
  1. Help Center
  2. Native OpenStack API
  3. API Reference
  4. Neutron
  5. Security Group
  6. Security Group API Overview

Security Group API Overview

Object Introduction

This interface is used to manage and perform operations on security groups and security group rules, including querying security groups and security group rules, creating a security group and security group rule, querying a security group and security group rule, deleting a security group and security group rule, and updating security groups.

Object Model

Table 1 Security Group object

Attribute

Mandatory

Type

CRUD

Default Value

Constraint

Description

id

Yes

Uuid-str

R

None

N/A

Specifies the security group ID.

This parameter is not mandatory when you query security groups.

tenant_id

No

String (255)

R

None

N/A

Specifies the project ID.

name

No

String (255)

CRU

None

The value of this parameter cannot be default when you create or update a security group.

Specifies the security group name.

description

No

String (255)

CRU

None

N/A

Provides supplementary information about the security group.

security_group_rules

No

List(security_group_rule)

R

None

N/A

Specifies the security group rule list. For details, see Table 2.

project_id

No

String (64)

R

N/A

N/A

Specifies the project ID of a resource.

created_at

No

String (64)

R

Automatically generated

N/A

Specifies the time when the resource was created.

updated_at

No

String (64)

R

Automatically generated

N/A

Specifies the time when the resource was updated.

Table 2 Security Group Rule object

Attribute

Mandatory

Type

CRUD

Default Value

Constraint

Description

id

Yes

Uuid-str

R

None

N/A

Specifies the security group rule ID.

This parameter is not mandatory when you query security group rules.

description

No

String (255)

CRU

None

N/A

Provides supplementary information about the security group rule.

security_group_id

No

Uuid-str

CR

None

N/A

Specifies the ID of the belonged security group.

remote_group_id

No

Uuid-str

CR

None

Either remote_group_id or remote_ip_prefix is used.

Specifies the peer ID of the belonged security group.

direction

No

String

CR

None

ingress/egress

Specifies the direction of the traffic for which the security group rule takes effect.

remote_ip_prefix

No

String (255)

CR

None

The value must be in CIDR format. Either remote_group_id or remote_ip_prefix is used.

Specifies the peer IP address segment.

protocol

No

String

CR

None

The value must be tcpudpicmp, or an IP protocol number.

Specifies the protocol type or the IP protocol number.

port_range_max

No

Int

CR

None

The value ranges from 1 to 65535. (The value ranges from 0 to 255 when it indicates the code.)

Specifies the maximum port number. When ICMP is used, the value is the ICMP code.

port_range_min

No

Int

CR

None

The value ranges from 1 to 65535. (The value ranges from 0 to 255 when it indicates the type.)

Specifies the minimum port number. If the ICMP protocol is used, this parameter indicates the ICMP type.

When the TCP or UDP protocol is used, both port_range_max and port_range_min must be specified, and the port_range_max value must be greater than the port_range_min value.

When the ICMP protocol is used, if you specify the ICMP code (port_range_max), you must also specify the ICMP type (port_range_min).

ethertype

No

String

CR

IPv4

IPv4/IPv6

Specifies the network type.

tenant_id

No

String (255)

R

None

N/A

Specifies the project ID.

project_id

No

String (64)

R

N/A

N/A

Specifies the project ID of a resource.

created_at

No

String (64)

R

Automatically generated

N/A

Specifies the time when the resource was created.

updated_at

No

String (64)

R

Automatically generated

N/A

Specifies the time when the resource was updated.