Listing security group default rules

GET /v2.0/default-security-group-rules

List security group rules that are used for every newly created security group.

Source: https://docs.openstack.org/api-ref/network/v2/index.html#list-security-group-default-rules

Request

Parameters

Name	In	Type	Description
`id (Optional)`	query	string	Filter the list result by the ID of the resource.
`description` (Optional)	query	string	Filter the list result by the human-readable description of the resource.
`remote_group_id` (Optional)	query	string	Filter the security group rule list result by the ID of the remote group that associates with this security group rule.
`remote_address_group_id` (Optional)	query	string	Filter the security group rule list result by the ID of the remote address group that associates with this security group rule.
`direction` (Optional)	query	string	Filter the security group rule list result by the direction in which the security group rule is applied, which is `ingress` or `egress`.
`protocol` (Optional)	query	string	Filter the security group rule list result by the IP protocol.
`ethertype` (Optional)	query	string	Filter the security group rule list result by the Ethertype of network traffic. The value must be `IPv4` or `IPv6`.
`port_range_max` (Optional)	query	integer	Filter the security group rule list result by the maximum port number in the range that is matched by the security group rule.
`port_range_min` (Optional)	query	integer	Filter the security group rule list result by the minimum port number in the range that is matched by the security group rule.
`remote_ip_prefix` (Optional)	query	string	Filter the list result by the remote IP prefix that is matched by this security group rule.
`used_in_default_sg` (Optional)	query	boolean	Filter by security group rule templates which should be used in default security group created automatically for each new project.
`used_in_non_default_sg` (Optional)	query	boolean	Filter by security group rule templates which should be used in custom security groups created by project users.
`sort_dir` (Optional)	query	string	Sort direction. A valid value is `asc` (ascending) or `desc` (descending). You can specify multiple pairs of sort key and sort direction query parameters.
`sort_key` (Optional)	query	string	Sorts by a security group attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to: `direction` `ethertype` `id` `port_range_max` `port_range_min` `protocol` `remote_group_id` `remote_ip_prefix` `security_group_id` `tenant_id` `project_id`
`fields` (Optional)	query	string	The fields that you want the server to return. If no `fields` query parameter is specified, the networking API returns all attributes allowed by the policy settings. By using the `fields` parameter, the API returns only the requested set of attributes. The `fields` parameter can be specified multiple times. For example, if you specify `fields=id&fields=name` in the request URL, only the `id` and `name` attributes will be returned.

Example

# curl -ks -H 'Content-Type: application/json' -H 'X-Auth-Token: gAAAAA<...>' \
https://<node_IP_addr>:9696/v2.0/default-security-group-rules

Response

Parameters

Name	In	Type	Description
`default_security_group_rules`	body	array	A list of `default_security_group_rule` objects.
`id`	body	string	The ID of the security group rule.
`description`	body	string	A human-readable description for the resource.
`remote_group_id`	body	string	The remote group UUID to associate with this security group rule.
`remote_address_group_id`	body	string	The remote address group UUID that is associated with this security group rule.
`direction`	body	string	Ingress or egress, which is the direction in which the security group rule is applied.
`protocol`	body	string	The IP protocol represented by a string, an integer, or `null`. The string `any` (or integer `0`) means all IP protocols.
`ethertype`	body	string	Ethertype: IPv4 or IPv6.
`port_range_max`	body	integer	The maximum port number in the range that is matched by the security group rule.
`port_range_min`	body	integer	The minimum port number in the range that is matched by the security group rule.
`remote_ip_prefix`	body	string	The remote IP prefix that is matched by this security group rule.
`used_in_default_sg`	body	boolean	Indicates whether this security group rule template will be used in the default security group created automatically for each new project.
`used_in_non_default_sg`	body	boolean	Indicates whether this security group rule template will be used in custom security groups created by a project user.

Status codes

Success

Code	Reason
`200 - OK`	Request was successful.

Error

Code	Reason
`401 - Unauthorized`	User must authenticate before making a request.

Example

{
  "default_security_group_rules": [
    {
      "id": "016e6f70-c306-43d5-b386-8113e84b432f",
      "ethertype": "IPv4",
      "direction": "ingress",
      "protocol": null,
      "port_range_min": null,
      "port_range_max": null,
      "remote_ip_prefix": "0.0.0.0/0",
      "remote_address_group_id": null,
      "remote_group_id": null,
      "description": "Legacy default SG rule for ingress traffic",
      "used_in_default_sg": true,
      "used_in_non_default_sg": false
    },
    {
      "id": "a7e08175-2486-40b0-8a1d-a766087e6923",
      "ethertype": "IPv6",
      "direction": "ingress",
      "protocol": null,
      "port_range_min": null,
      "port_range_max": null,
      "remote_ip_prefix": "::/0",
      "remote_address_group_id": null,
      "remote_group_id": null,
      "description": "Legacy default SG rule for ingress traffic",
      "used_in_default_sg": true,
      "used_in_non_default_sg": false
    }
  ]
}