Listing security group rules

GET /v2.0/security-group-rules

List security group rules that the project has access.

Source: https://docs.openstack.org/api-ref/network/v2/index.html#list-security-group-rules

Request

Parameters

Name In Type Description
id (Optional) query string Filter the list result by the ID of the resource.
tenant_id (Optional) query string Filter the list result by the ID of the project that owns the resource.
project_id (Optional) query string Filter the list result by the ID of the project that owns the resource.
revision_number (Optional) query integer Filter the list result by the revision number of the resource.
description (Optional) query string Filter the list result by the human-readable description of the resource.
remote_group_id (Optional) query string Filter the security group rule list result by the ID of the remote group that associates with this security group rule.
remote_address_group_id (Optional) query string Filter the security group rule list result by the ID of the remote address group that associates with this security group rule.
direction (Optional) query string Filter the security group rule list result by the direction in which the security group rule is applied, which is ingress or egress.
protocol (Optional) query string Filter the security group rule list result by the IP protocol.
ethertype (Optional) query string Filter the security group rule list result by the Ethertype of network traffic. The value must be IPv4 or IPv6.
port_range_max (Optional) query integer Filter the security group rule list result by the maximum port number in the range that is matched by the security group rule.
security_group_id (Optional) query string Filter the security group rule list result by the ID of the security group that associates with this security group rule.
port_range_min (Optional) query integer Filter the security group rule list result by the minimum port number in the range that is matched by the security group rule.
remote_ip_prefix (Optional) query string Filter the list result by the remote IP prefix that is matched by this security group rule.
sort_dir (Optional) query string Sort direction. A valid value is asc (ascending) or desc (descending). You can specify multiple pairs of sort key and sort direction query parameters.
sort_key (Optional) query string

Sorts by a security group attribute. You can specify multiple pairs of sort key and sort direction query parameters. The sort keys are limited to:

  • direction
  • ethertype
  • id
  • port_range_max
  • port_range_min
  • protocol
  • remote_group_id
  • remote_ip_prefix
  • security_group_id
  • tenant_id
  • project_id
fields (Optional) query string The fields that you want the server to return. If no fields query parameter is specified, the networking API returns all attributes allowed by the policy settings. By using the fields parameter, the API returns only the requested set of attributes. The fields parameter can be specified multiple times. For example, if you specify fields=id&fields=name in the request URL, only the id and name attributes will be returned.

Example

# curl -ks -H 'Content-Type: application/json' -H 'X-Auth-Token: gAAAAA<...>' \
https://<node_IP_addr>:9696/v2.0/security-group-rules

Response

Parameters

Name In Type Description
security_group_rules body array A list of security_group_rule objects.
id body string The ID of the security group rule.
tenant_id body string The ID of the project.
project_id body string The ID of the project.
created_at body string

Time at which the resource has been created.

The date and time stamp format is ISO 8601:

CCYY-MM-DDThh:mm:ss±hh:mm

For example, 2015-08-27T09:49:58-05:00.

The ±hh:mm value, if included, is the time zone as an offset from UTC. In this example, the offset value is -05:00.

updated_at body string

Time at which the resource has been updated. If the resource has not been updated, this field will be null.

The date and time stamp format is ISO 8601:

CCYY-MM-DDThh:mm:ss±hh:mm

For example, 2015-08-27T09:49:58-05:00.

The ±hh:mm value, if included, is the time zone as an offset from UTC. In this example, the offset value is -05:00.

revision_number body integer The revision number of the resource.
description body string A human-readable description for the resource.
remote_group_id body string The remote group UUID to associate with this security group rule.
remote_address_group_id body string The remote address group UUID that is associated with this security group rule.
direction body string Ingress or egress, which is the direction in which the security group rule is applied.
protocol body string The IP protocol represented by a string, an integer, or null. The string any (or integer 0) means all IP protocols.
ethertype body string Ethertype: IPv4 or IPv6.
port_range_max body integer The maximum port number in the range that is matched by the security group rule.
security_group_id body string The security group ID that is associated with this security group rule.
port_range_min body integer The minimum port number in the range that is matched by the security group rule.
remote_ip_prefix body string The remote IP prefix that is matched by this security group rule.
belongs_to_default_sg body boolean Indicates if the security group rule belongs to the default security group of the project or not.

Status codes

Success

Code Reason
200 - OK Request was successful.

Error

Code Reason
401 - Unauthorized

User must authenticate before making a request.

Example

{
  "security_group_rules": [
    {
      "id": "0538209c-c68b-4b4f-96ee-a6ebadfc70b5",
      "tenant_id": "2a8efbce4ae540a2bb949b25719ccfbf",
      "security_group_id": "b51bba28-4097-45c9-b7b6-2c6547fdab9c",
      "ethertype": "IPv6",
      "direction": "ingress",
      "protocol": null,
      "port_range_min": null,
      "port_range_max": null,
      "remote_ip_prefix": "::/0",
      "remote_address_group_id": null,
      "normalized_cidr": "::/0",
      "remote_group_id": null,
      "description": null,
      "created_at": "2025-03-21T12:10:42Z",
      "updated_at": "2025-03-21T12:10:42Z",
      "revision_number": 0,
      "project_id": "2a8efbce4ae540a2bb949b25719ccfbf"
    },
    {
      "id": "484c08ff-4395-4de4-88a3-c2bec949edb0",
      "tenant_id": "2a8efbce4ae540a2bb949b25719ccfbf",
      "security_group_id": "b51bba28-4097-45c9-b7b6-2c6547fdab9c",
      "ethertype": "IPv4",
      "direction": "ingress",
      "protocol": null,
      "port_range_min": null,
      "port_range_max": null,
      "remote_ip_prefix": "0.0.0.0/0",
      "remote_address_group_id": null,
      "normalized_cidr": "0.0.0.0/0",
      "remote_group_id": null,
      "description": null,
      "created_at": "2025-03-21T12:10:42Z",
      "updated_at": "2025-03-21T12:10:42Z",
      "revision_number": 0,
      "project_id": "2a8efbce4ae540a2bb949b25719ccfbf"
    }
  ]
}