Listing security group rules

GET /v2.0/security-group-rules

List security group rules that the project has access.

Source: https://docs.openstack.org/api-ref/network/v2/index.html#list-security-group-rules

Request

Parameters

Name	In	Type	Description
`id (Optional)`	query	string	Filter the list result by the ID of the resource.
`tenant_id` (Optional)	query	string	Filter the list result by the ID of the project that owns the resource.
`project_id` (Optional)	query	string	Filter the list result by the ID of the project that owns the resource.
`revision_number` (Optional)	query	integer	Filter the list result by the revision number of the resource.
`description` (Optional)	query	string	Filter the list result by the human-readable description of the resource.
`remote_group_id` (Optional)	query	string	Filter the security group rule list result by the ID of the remote group that associates with this security group rule.
`remote_address_group_id` (Optional)	query	string	Filter the security group rule list result by the ID of the remote address group that associates with this security group rule.
`direction` (Optional)	query	string	Filter the security group rule list result by the direction in which the security group rule is applied, which is `ingress` or `egress`.
`protocol` (Optional)	query	string	Filter the security group rule list result by the IP protocol.
`ethertype` (Optional)	query	string	Filter the security group rule list result by the Ethertype of network traffic. The value must be `IPv4` or `IPv6`.
`port_range_max` (Optional)	query	integer	Filter the security group rule list result by the maximum port number in the range that is matched by the security group rule.
`security_group_id` (Optional)	query	string	Filter the security group rule list result by the ID of the security group that associates with this security group rule.
`port_range_min` (Optional)	query	integer	Filter the security group rule list result by the minimum port number in the range that is matched by the security group rule.
`remote_ip_prefix` (Optional)	query	string	Filter the list result by the remote IP prefix that is matched by this security group rule.
`sort_dir` (Optional)	query	string	Sort direction. A valid value is `asc` (ascending) or `desc` (descending). You can specify multiple pairs of sort key and sort direction query parameters.
`sort_key` (Optional)	query	string	Sorts by a security group attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to: `direction` `ethertype` `id` `port_range_max` `port_range_min` `protocol` `remote_group_id` `remote_ip_prefix` `security_group_id` `tenant_id` `project_id`
`fields` (Optional)	query	string	The fields that you want the server to return. If no `fields` query parameter is specified, the networking API returns all attributes allowed by the policy settings. By using the `fields` parameter, the API returns only the requested set of attributes. The `fields` parameter can be specified multiple times. For example, if you specify `fields=id&fields=name` in the request URL, only the `id` and `name` attributes will be returned.

Example

# curl -ks -H 'Content-Type: application/json' -H 'X-Auth-Token: gAAAAA<...>' \
https://<node_IP_addr>:9696/v2.0/security-group-rules

Response

Parameters

Name	In	Type	Description
`security_group_rules`	body	array	A list of `security_group_rule` objects.
`id`	body	string	The ID of the security group rule.
`tenant_id`	body	string	The ID of the project.
`project_id`	body	string	The ID of the project.
`created_at`	body	string	Time at which the resource has been created. The date and time stamp format is ISO 8601: CCYY-MM-DDThh:mm:ss±hh:mm For example, `2015-08-27T09:49:58-05:00`. The `±hh:mm` value, if included, is the time zone as an offset from UTC. In this example, the offset value is `-05:00`.
`updated_at`	body	string	Time at which the resource has been updated. If the resource has not been updated, this field will be `null`. The date and time stamp format is ISO 8601: CCYY-MM-DDThh:mm:ss±hh:mm For example, `2015-08-27T09:49:58-05:00`. The `±hh:mm` value, if included, is the time zone as an offset from UTC. In this example, the offset value is `-05:00`.
`revision_number`	body	integer	The revision number of the resource.
`description`	body	string	A human-readable description for the resource.
`remote_group_id`	body	string	The remote group UUID to associate with this security group rule.
`remote_address_group_id`	body	string	The remote address group UUID that is associated with this security group rule.
`direction`	body	string	Ingress or egress, which is the direction in which the security group rule is applied.
`protocol`	body	string	The IP protocol represented by a string, an integer, or `null`. The string `any` (or integer `0`) means all IP protocols.
`ethertype`	body	string	Ethertype: IPv4 or IPv6.
`port_range_max`	body	integer	The maximum port number in the range that is matched by the security group rule.
`security_group_id`	body	string	The security group ID that is associated with this security group rule.
`port_range_min`	body	integer	The minimum port number in the range that is matched by the security group rule.
`remote_ip_prefix`	body	string	The remote IP prefix that is matched by this security group rule.
`belongs_to_default_sg`	body	boolean	Indicates if the security group rule belongs to the default security group of the project or not.

Status codes

Success

Code	Reason
`200 - OK`	Request was successful.

Error

Code	Reason
`401 - Unauthorized`	User must authenticate before making a request.

Example

{
  "security_group_rules": [
    {
      "id": "0538209c-c68b-4b4f-96ee-a6ebadfc70b5",
      "tenant_id": "2a8efbce4ae540a2bb949b25719ccfbf",
      "security_group_id": "b51bba28-4097-45c9-b7b6-2c6547fdab9c",
      "ethertype": "IPv6",
      "direction": "ingress",
      "protocol": null,
      "port_range_min": null,
      "port_range_max": null,
      "remote_ip_prefix": "::/0",
      "remote_address_group_id": null,
      "normalized_cidr": "::/0",
      "remote_group_id": null,
      "description": null,
      "created_at": "2025-03-21T12:10:42Z",
      "updated_at": "2025-03-21T12:10:42Z",
      "revision_number": 0,
      "project_id": "2a8efbce4ae540a2bb949b25719ccfbf"
    },
    {
      "id": "484c08ff-4395-4de4-88a3-c2bec949edb0",
      "tenant_id": "2a8efbce4ae540a2bb949b25719ccfbf",
      "security_group_id": "b51bba28-4097-45c9-b7b6-2c6547fdab9c",
      "ethertype": "IPv4",
      "direction": "ingress",
      "protocol": null,
      "port_range_min": null,
      "port_range_max": null,
      "remote_ip_prefix": "0.0.0.0/0",
      "remote_address_group_id": null,
      "normalized_cidr": "0.0.0.0/0",
      "remote_group_id": null,
      "description": null,
      "created_at": "2025-03-21T12:10:42Z",
      "updated_at": "2025-03-21T12:10:42Z",
      "revision_number": 0,
      "project_id": "2a8efbce4ae540a2bb949b25719ccfbf"
    }
  ]
}