Listing security group default rules
GET /v2.0/default-security-group-rules
List security group rules that are used for every newly created security group.
Source: https://docs.openstack.org/api-ref/network/v2/index.html#list-security-group-default-rules
Request
Parameters
Name | In | Type | Description |
---|---|---|---|
id (Optional)
|
query | string | Filter the list result by the ID of the resource. |
description (Optional) |
query | string | Filter the list result by the human-readable description of the resource. |
remote_group_id (Optional) |
query | string | Filter the security group rule list result by the ID of the remote group that associates with this security group rule. |
remote_address_group_id (Optional) |
query | string | Filter the security group rule list result by the ID of the remote address group that associates with this security group rule. |
direction (Optional) |
query | string | Filter the security group rule list result by the direction in which the security group rule is applied, which is ingress or egress . |
protocol (Optional) |
query | string | Filter the security group rule list result by the IP protocol. |
ethertype (Optional) |
query | string | Filter the security group rule list result by the Ethertype of network traffic. The value must be IPv4 or IPv6 . |
port_range_max (Optional) |
query | integer | Filter the security group rule list result by the maximum port number in the range that is matched by the security group rule. |
port_range_min (Optional) |
query | integer | Filter the security group rule list result by the minimum port number in the range that is matched by the security group rule. |
remote_ip_prefix (Optional) |
query | string | Filter the list result by the remote IP prefix that is matched by this security group rule. |
used_in_default_sg (Optional) |
query | boolean | Filter by security group rule templates which should be used in default security group created automatically for each new project. |
used_in_non_default_sg (Optional) |
query | boolean | Filter by security group rule templates which should be used in custom security groups created by project users. |
sort_dir (Optional) |
query | string | Sort direction. A valid value is asc (ascending) or desc
(descending). You can specify multiple pairs of sort key and
sort direction query parameters. |
sort_key (Optional) |
query | string |
Sorts by a security group attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:
|
fields (Optional) |
query | string | The fields that you want the server to return. If no fields query parameter is specified, the networking API returns all attributes allowed by the policy settings. By using the fields parameter, the API returns only the requested set of attributes. The fields parameter can be specified multiple times. For example, if you specify fields=id&fields=name in the request URL, only the id and name attributes will be returned. |
Example
# curl -ks -H 'Content-Type: application/json' -H 'X-Auth-Token: gAAAAA<...>' \ https://<node_IP_addr>:9696/v2.0/default-security-group-rules
Response
Parameters
Name | In | Type | Description |
---|---|---|---|
default_security_group_rules
|
body | array | A list of default_security_group_rule objects. |
id
|
body | string | The ID of the security group rule. |
description
|
body | string | A human-readable description for the resource. |
remote_group_id
|
body | string | The remote group UUID to associate with this security group rule. |
remote_address_group_id
|
body | string | The remote address group UUID that is associated with this security group rule. |
direction
|
body | string | Ingress or egress, which is the direction in which the security group rule is applied. |
protocol
|
body | string | The IP protocol represented by a string, an integer, or null . The string any (or integer 0 ) means all IP protocols. |
ethertype
|
body | string | Ethertype: IPv4 or IPv6. |
port_range_max
|
body | integer | The maximum port number in the range that is matched by the security group rule. |
port_range_min
|
body | integer | The minimum port number in the range that is matched by the security group rule. |
remote_ip_prefix
|
body | string | The remote IP prefix that is matched by this security group rule. |
used_in_default_sg
|
body | boolean | Indicates whether this security group rule template will be used in the default security group created automatically for each new project. |
used_in_non_default_sg
|
body | boolean | Indicates whether this security group rule template will be used in custom security groups created by a project user. |
Status codes
Success
Code | Reason |
---|---|
200 - OK
|
Request was successful. |
Error
Code | Reason |
---|---|
401 - Unauthorized
|
User must authenticate before making a request. |
Example
{ "default_security_group_rules": [ { "id": "016e6f70-c306-43d5-b386-8113e84b432f", "ethertype": "IPv4", "direction": "ingress", "protocol": null, "port_range_min": null, "port_range_max": null, "remote_ip_prefix": "0.0.0.0/0", "remote_address_group_id": null, "remote_group_id": null, "description": "Legacy default SG rule for ingress traffic", "used_in_default_sg": true, "used_in_non_default_sg": false }, { "id": "a7e08175-2486-40b0-8a1d-a766087e6923", "ethertype": "IPv6", "direction": "ingress", "protocol": null, "port_range_min": null, "port_range_max": null, "remote_ip_prefix": "::/0", "remote_address_group_id": null, "remote_group_id": null, "description": "Legacy default SG rule for ingress traffic", "used_in_default_sg": true, "used_in_non_default_sg": false } ] }