vinfra service compute security-group rule create
Create a security group rule:
usage: vinfra service compute security-group rule create [--remote-group <remote-group>] [--remote-ip <ip-address>] [--ethertype <ethertype>] [--protocol <protocol>] [--port-range-max <port-range-max>] [--port-range-min <port-range-min>] (--ingress | --egress) <security-group>
--remote-group <remote-group>
- Remote security group name or ID
--remote-ip <ip-address>
- Remote IP address block in CIDR notation
--ethertype <ethertype>
- Ethertype of network traffic:
IPv4
orIPv6
--protocol <protocol>
- IP protocol:
tcp
,udp
,icmp
,vrrp
and others --port-range-max <port-range-max>
- The maximum port number in the port range that satisfies the security group rule
--port-range-min <port-range-min>
- The minimum port number in the port range that satisfies the security group rule
--ingress
- Rule for incoming network traffic
--egress
- Rule for outgoing network traffic
<security-group>
- Security group name or ID to create the rule in
Example:
# vinfra service compute security-group rule create mygroup \ --ethertype IPv4 --protocol tcp --port-range-max 22 \ --port-range-min 22 --ingress +-------------------+--------------------------------------+ | Field | Value | +-------------------+--------------------------------------+ | description | | | direction | ingress | | ethertype | IPv4 | | id | 0f395e2f-a8ab-47f4-b670-64399461393c | | port_range_max | 22 | | port_range_min | 22 | | project_id | e215189c0472482f93e71d10e1245253 | | protocol | tcp | | remote_group_id | | | remote_ip_prefix | | | security_group_id | 12e6b260-0b61-4551-8168-3e59602a2433 | +-------------------+--------------------------------------+
This command creates a rule in the security group mygroup
to allow incoming IPv4 network traffic on TCP port 22.