Creating and deleting security groups
Limitations
- You cannot delete the default security group.
- You cannot delete a security group if it is assigned to a VM.
To create a security group
Admin panel
- On the Compute > Network > Security groups tab, click Add security group.
-
In the Add security group window, specify a name and description for the group, and then click Add.
A description should not contain any personally identifiable information or sensitive business data.
By default, the new security group will deny all incoming traffic and allow only outgoing traffic to assigned virtual machines.
Command-line interface
Use the following command:
vinfra service compute security-group create [--description <description>]
<name>
--description <description>-
Security group description
A description should not contain any personally identifiable information or sensitive business data.
<name>- Security group name
For example, to create a security group mygroup, run:
# vinfra service compute security-group create mygroup +----------------------+---------------------------------------------------+ | Field | Value | +----------------------+---------------------------------------------------+ | description | | | id | 12e6b260-0b61-4551-8168-3e59602a2433 | | name | mygroup | | project_id | e215189c0472482f93e71d10e1245253 | | security_group_rules | - description: null | | | direction: egress | | | ethertype: IPv4 | | | id: ce854e2b-537f-4618-bea9-e9ec3d8616ac | | | port_range_max: null | | | port_range_min: null | | | project_id: e215189c0472482f93e71d10e1245253 | | | protocol: null | | | remote_group_id: null | | | remote_ip_prefix: null | | | security_group_id: 12e6b260-0b61-4551-8168<...> | | | - description: null | | | direction: egress | | | ethertype: IPv6 | | | id: a7c65861-df3d-47f2-bec3-089747141936 | | | port_range_max: null | | | port_range_min: null | | | project_id: e215189c0472482f93e71d10e1245253 | | | protocol: null | | | remote_group_id: null | | | remote_ip_prefix: null | | | security_group_id: 12e6b260-0b61-4551-8168<...> | | tags | [] | +----------------------+---------------------------------------------------+
The created security group will appear in the vinfra service compute security-group list output:
# vinfra service compute security-group list -c id -c name +--------------------------------------+---------+ | id | name | +--------------------------------------+---------+ | 062f75cf-abc0-419d-bb1a-92989ad9383f | default | | 12e6b260-0b61-4551-8168-3e59602a2433 | mygroup | +--------------------------------------+---------+
To delete a security group
Admin panel
- On the Compute > Network > Security groups tab, click the required security group.
- On the group right pane, click Delete.
- Click Delete in the confirmation window.
Command-line interface
Use the following command:
vinfra service compute security-group delete <security-group>
<security-group>- Security group name or ID
For example, to delete the security group mygroup, run:
# vinfra service compute security-group delete mygroup
See also
What's next