openstack.networking.SecGroupRule
Explore with Pulumi AI
Manages a V2 neutron security group rule resource within OpenStack. Unlike Nova security groups, neutron separates the group from the rules and also allows an admin to target a specific tenant_id.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";
const secgroup1 = new openstack.networking.SecGroup("secgroup_1", {
name: "secgroup_1",
description: "My neutron security group",
});
const secgroupRule1 = new openstack.networking.SecGroupRule("secgroup_rule_1", {
direction: "ingress",
ethertype: "IPv4",
protocol: "tcp",
portRangeMin: 22,
portRangeMax: 22,
remoteIpPrefix: "0.0.0.0/0",
securityGroupId: secgroup1.id,
});
import pulumi
import pulumi_openstack as openstack
secgroup1 = openstack.networking.SecGroup("secgroup_1",
name="secgroup_1",
description="My neutron security group")
secgroup_rule1 = openstack.networking.SecGroupRule("secgroup_rule_1",
direction="ingress",
ethertype="IPv4",
protocol="tcp",
port_range_min=22,
port_range_max=22,
remote_ip_prefix="0.0.0.0/0",
security_group_id=secgroup1.id)
package main
import (
"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack/networking"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
secgroup1, err := networking.NewSecGroup(ctx, "secgroup_1", &networking.SecGroupArgs{
Name: pulumi.String("secgroup_1"),
Description: pulumi.String("My neutron security group"),
})
if err != nil {
return err
}
_, err = networking.NewSecGroupRule(ctx, "secgroup_rule_1", &networking.SecGroupRuleArgs{
Direction: pulumi.String("ingress"),
Ethertype: pulumi.String("IPv4"),
Protocol: pulumi.String("tcp"),
PortRangeMin: pulumi.Int(22),
PortRangeMax: pulumi.Int(22),
RemoteIpPrefix: pulumi.String("0.0.0.0/0"),
SecurityGroupId: secgroup1.ID(),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using OpenStack = Pulumi.OpenStack;
return await Deployment.RunAsync(() =>
{
var secgroup1 = new OpenStack.Networking.SecGroup("secgroup_1", new()
{
Name = "secgroup_1",
Description = "My neutron security group",
});
var secgroupRule1 = new OpenStack.Networking.SecGroupRule("secgroup_rule_1", new()
{
Direction = "ingress",
Ethertype = "IPv4",
Protocol = "tcp",
PortRangeMin = 22,
PortRangeMax = 22,
RemoteIpPrefix = "0.0.0.0/0",
SecurityGroupId = secgroup1.Id,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.openstack.networking.SecGroup;
import com.pulumi.openstack.networking.SecGroupArgs;
import com.pulumi.openstack.networking.SecGroupRule;
import com.pulumi.openstack.networking.SecGroupRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var secgroup1 = new SecGroup("secgroup1", SecGroupArgs.builder()
.name("secgroup_1")
.description("My neutron security group")
.build());
var secgroupRule1 = new SecGroupRule("secgroupRule1", SecGroupRuleArgs.builder()
.direction("ingress")
.ethertype("IPv4")
.protocol("tcp")
.portRangeMin(22)
.portRangeMax(22)
.remoteIpPrefix("0.0.0.0/0")
.securityGroupId(secgroup1.id())
.build());
}
}
resources:
secgroup1:
type: openstack:networking:SecGroup
name: secgroup_1
properties:
name: secgroup_1
description: My neutron security group
secgroupRule1:
type: openstack:networking:SecGroupRule
name: secgroup_rule_1
properties:
direction: ingress
ethertype: IPv4
protocol: tcp
portRangeMin: 22
portRangeMax: 22
remoteIpPrefix: 0.0.0.0/0
securityGroupId: ${secgroup1.id}
Note: To expose the full port-range 1:65535, use
0
forport_range_min
andport_range_max
.
Create SecGroupRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new SecGroupRule(name: string, args: SecGroupRuleArgs, opts?: CustomResourceOptions);
@overload
def SecGroupRule(resource_name: str,
args: SecGroupRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def SecGroupRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
direction: Optional[str] = None,
ethertype: Optional[str] = None,
security_group_id: Optional[str] = None,
description: Optional[str] = None,
port_range_max: Optional[int] = None,
port_range_min: Optional[int] = None,
protocol: Optional[str] = None,
region: Optional[str] = None,
remote_group_id: Optional[str] = None,
remote_ip_prefix: Optional[str] = None,
tenant_id: Optional[str] = None)
func NewSecGroupRule(ctx *Context, name string, args SecGroupRuleArgs, opts ...ResourceOption) (*SecGroupRule, error)
public SecGroupRule(string name, SecGroupRuleArgs args, CustomResourceOptions? opts = null)
public SecGroupRule(String name, SecGroupRuleArgs args)
public SecGroupRule(String name, SecGroupRuleArgs args, CustomResourceOptions options)
type: openstack:networking:SecGroupRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name
This property is required. string - The unique name of the resource.
- args
This property is required. SecGroupRuleArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name
This property is required. str - The unique name of the resource.
- args
This property is required. SecGroupRuleArgs - The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. SecGroupRuleArgs - The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name
This property is required. string - The unique name of the resource.
- args
This property is required. SecGroupRuleArgs - The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name
This property is required. String - The unique name of the resource.
- args
This property is required. SecGroupRuleArgs - The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var secGroupRuleResource = new OpenStack.Networking.SecGroupRule("secGroupRuleResource", new()
{
Direction = "string",
Ethertype = "string",
SecurityGroupId = "string",
Description = "string",
PortRangeMax = 0,
PortRangeMin = 0,
Protocol = "string",
Region = "string",
RemoteGroupId = "string",
RemoteIpPrefix = "string",
TenantId = "string",
});
example, err := networking.NewSecGroupRule(ctx, "secGroupRuleResource", &networking.SecGroupRuleArgs{
Direction: pulumi.String("string"),
Ethertype: pulumi.String("string"),
SecurityGroupId: pulumi.String("string"),
Description: pulumi.String("string"),
PortRangeMax: pulumi.Int(0),
PortRangeMin: pulumi.Int(0),
Protocol: pulumi.String("string"),
Region: pulumi.String("string"),
RemoteGroupId: pulumi.String("string"),
RemoteIpPrefix: pulumi.String("string"),
TenantId: pulumi.String("string"),
})
var secGroupRuleResource = new SecGroupRule("secGroupRuleResource", SecGroupRuleArgs.builder()
.direction("string")
.ethertype("string")
.securityGroupId("string")
.description("string")
.portRangeMax(0)
.portRangeMin(0)
.protocol("string")
.region("string")
.remoteGroupId("string")
.remoteIpPrefix("string")
.tenantId("string")
.build());
sec_group_rule_resource = openstack.networking.SecGroupRule("secGroupRuleResource",
direction="string",
ethertype="string",
security_group_id="string",
description="string",
port_range_max=0,
port_range_min=0,
protocol="string",
region="string",
remote_group_id="string",
remote_ip_prefix="string",
tenant_id="string")
const secGroupRuleResource = new openstack.networking.SecGroupRule("secGroupRuleResource", {
direction: "string",
ethertype: "string",
securityGroupId: "string",
description: "string",
portRangeMax: 0,
portRangeMin: 0,
protocol: "string",
region: "string",
remoteGroupId: "string",
remoteIpPrefix: "string",
tenantId: "string",
});
type: openstack:networking:SecGroupRule
properties:
description: string
direction: string
ethertype: string
portRangeMax: 0
portRangeMin: 0
protocol: string
region: string
remoteGroupId: string
remoteIpPrefix: string
securityGroupId: string
tenantId: string
SecGroupRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The SecGroupRule resource accepts the following input properties:
- Direction
This property is required. Changes to this property will trigger replacement.
- The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- Ethertype
This property is required. Changes to this property will trigger replacement.
- The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
- Security
Group Id This property is required. Changes to this property will trigger replacement.
- The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- Description
Changes to this property will trigger replacement.
- A description of the rule. Changing this creates a new security group rule.
- Port
Range Max Changes to this property will trigger replacement.
- The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- Port
Range Min Changes to this property will trigger replacement.
- The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- Protocol
Changes to this property will trigger replacement.
- The layer 4 protocol type, valid values are
following. Changing this creates a new security group rule. This is required
if you want to specify a port range.
- empty string or omitted (any protocol)
- integer value between 0 and 255 (valid IP protocol number)
- tcp
- udp
- icmp
- ah
- dccp
- egp
- esp
- gre
- igmp
- ipv6-encap
- ipv6-frag
- ipv6-icmp
- ipv6-nonxt
- ipv6-opts
- ipv6-route
- ospf
- pgm
- rsvp
- sctp
- udplite
- vrrp
- ipip
- Region
Changes to this property will trigger replacement.
- The region in which to obtain the V2 networking client.
A networking client is needed to create a port. If omitted, the
region
argument of the provider is used. Changing this creates a new security group rule. - Remote
Group Id Changes to this property will trigger replacement.
- The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- Remote
Ip Prefix Changes to this property will trigger replacement.
- The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- Tenant
Id Changes to this property will trigger replacement.
- The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
- Direction
This property is required. Changes to this property will trigger replacement.
- The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- Ethertype
This property is required. Changes to this property will trigger replacement.
- The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
- Security
Group Id This property is required. Changes to this property will trigger replacement.
- The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- Description
Changes to this property will trigger replacement.
- A description of the rule. Changing this creates a new security group rule.
- Port
Range Max Changes to this property will trigger replacement.
- The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- Port
Range Min Changes to this property will trigger replacement.
- The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- Protocol
Changes to this property will trigger replacement.
- The layer 4 protocol type, valid values are
following. Changing this creates a new security group rule. This is required
if you want to specify a port range.
- empty string or omitted (any protocol)
- integer value between 0 and 255 (valid IP protocol number)
- tcp
- udp
- icmp
- ah
- dccp
- egp
- esp
- gre
- igmp
- ipv6-encap
- ipv6-frag
- ipv6-icmp
- ipv6-nonxt
- ipv6-opts
- ipv6-route
- ospf
- pgm
- rsvp
- sctp
- udplite
- vrrp
- ipip
- Region
Changes to this property will trigger replacement.
- The region in which to obtain the V2 networking client.
A networking client is needed to create a port. If omitted, the
region
argument of the provider is used. Changing this creates a new security group rule. - Remote
Group Id Changes to this property will trigger replacement.
- The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- Remote
Ip Prefix Changes to this property will trigger replacement.
- The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- Tenant
Id Changes to this property will trigger replacement.
- The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
- direction
This property is required. Changes to this property will trigger replacement.
- The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype
This property is required. Changes to this property will trigger replacement.
- The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
- security
Group Id This property is required. Changes to this property will trigger replacement.
- The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- description
Changes to this property will trigger replacement.
- A description of the rule. Changing this creates a new security group rule.
- port
Range Max Changes to this property will trigger replacement.
- The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- port
Range Min Changes to this property will trigger replacement.
- The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- protocol
Changes to this property will trigger replacement.
- The layer 4 protocol type, valid values are
following. Changing this creates a new security group rule. This is required
if you want to specify a port range.
- empty string or omitted (any protocol)
- integer value between 0 and 255 (valid IP protocol number)
- tcp
- udp
- icmp
- ah
- dccp
- egp
- esp
- gre
- igmp
- ipv6-encap
- ipv6-frag
- ipv6-icmp
- ipv6-nonxt
- ipv6-opts
- ipv6-route
- ospf
- pgm
- rsvp
- sctp
- udplite
- vrrp
- ipip
- region
Changes to this property will trigger replacement.
- The region in which to obtain the V2 networking client.
A networking client is needed to create a port. If omitted, the
region
argument of the provider is used. Changing this creates a new security group rule. - remote
Group Id Changes to this property will trigger replacement.
- The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- remote
Ip Prefix Changes to this property will trigger replacement.
- The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- tenant
Id Changes to this property will trigger replacement.
- The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
- direction
This property is required. Changes to this property will trigger replacement.
- The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype
This property is required. Changes to this property will trigger replacement.
- The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
- security
Group Id This property is required. Changes to this property will trigger replacement.
- The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- description
Changes to this property will trigger replacement.
- A description of the rule. Changing this creates a new security group rule.
- port
Range Max Changes to this property will trigger replacement.
- The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- port
Range Min Changes to this property will trigger replacement.
- The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- protocol
Changes to this property will trigger replacement.
- The layer 4 protocol type, valid values are
following. Changing this creates a new security group rule. This is required
if you want to specify a port range.
- empty string or omitted (any protocol)
- integer value between 0 and 255 (valid IP protocol number)
- tcp
- udp
- icmp
- ah
- dccp
- egp
- esp
- gre
- igmp
- ipv6-encap
- ipv6-frag
- ipv6-icmp
- ipv6-nonxt
- ipv6-opts
- ipv6-route
- ospf
- pgm
- rsvp
- sctp
- udplite
- vrrp
- ipip
- region
Changes to this property will trigger replacement.
- The region in which to obtain the V2 networking client.
A networking client is needed to create a port. If omitted, the
region
argument of the provider is used. Changing this creates a new security group rule. - remote
Group Id Changes to this property will trigger replacement.
- The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- remote
Ip Prefix Changes to this property will trigger replacement.
- The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- tenant
Id Changes to this property will trigger replacement.
- The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
- direction
This property is required. Changes to this property will trigger replacement.
- The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype
This property is required. Changes to this property will trigger replacement.
- The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
- security_
group_ id This property is required. Changes to this property will trigger replacement.
- The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- description
Changes to this property will trigger replacement.
- A description of the rule. Changing this creates a new security group rule.
- port_
range_ max Changes to this property will trigger replacement.
- The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- port_
range_ min Changes to this property will trigger replacement.
- The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- protocol
Changes to this property will trigger replacement.
- The layer 4 protocol type, valid values are
following. Changing this creates a new security group rule. This is required
if you want to specify a port range.
- empty string or omitted (any protocol)
- integer value between 0 and 255 (valid IP protocol number)
- tcp
- udp
- icmp
- ah
- dccp
- egp
- esp
- gre
- igmp
- ipv6-encap
- ipv6-frag
- ipv6-icmp
- ipv6-nonxt
- ipv6-opts
- ipv6-route
- ospf
- pgm
- rsvp
- sctp
- udplite
- vrrp
- ipip
- region
Changes to this property will trigger replacement.
- The region in which to obtain the V2 networking client.
A networking client is needed to create a port. If omitted, the
region
argument of the provider is used. Changing this creates a new security group rule. - remote_
group_ id Changes to this property will trigger replacement.
- The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- remote_
ip_ prefix Changes to this property will trigger replacement.
- The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- tenant_
id Changes to this property will trigger replacement.
- The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
- direction
This property is required. Changes to this property will trigger replacement.
- The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype
This property is required. Changes to this property will trigger replacement.
- The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
- security
Group Id This property is required. Changes to this property will trigger replacement.
- The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- description
Changes to this property will trigger replacement.
- A description of the rule. Changing this creates a new security group rule.
- port
Range Max Changes to this property will trigger replacement.
- The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- port
Range Min Changes to this property will trigger replacement.
- The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- protocol
Changes to this property will trigger replacement.
- The layer 4 protocol type, valid values are
following. Changing this creates a new security group rule. This is required
if you want to specify a port range.
- empty string or omitted (any protocol)
- integer value between 0 and 255 (valid IP protocol number)
- tcp
- udp
- icmp
- ah
- dccp
- egp
- esp
- gre
- igmp
- ipv6-encap
- ipv6-frag
- ipv6-icmp
- ipv6-nonxt
- ipv6-opts
- ipv6-route
- ospf
- pgm
- rsvp
- sctp
- udplite
- vrrp
- ipip
- region
Changes to this property will trigger replacement.
- The region in which to obtain the V2 networking client.
A networking client is needed to create a port. If omitted, the
region
argument of the provider is used. Changing this creates a new security group rule. - remote
Group Id Changes to this property will trigger replacement.
- The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- remote
Ip Prefix Changes to this property will trigger replacement.
- The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- tenant
Id Changes to this property will trigger replacement.
- The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
Outputs
All input properties are implicitly available as output properties. Additionally, the SecGroupRule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing SecGroupRule Resource
Get an existing SecGroupRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SecGroupRuleState, opts?: CustomResourceOptions): SecGroupRule
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
direction: Optional[str] = None,
ethertype: Optional[str] = None,
port_range_max: Optional[int] = None,
port_range_min: Optional[int] = None,
protocol: Optional[str] = None,
region: Optional[str] = None,
remote_group_id: Optional[str] = None,
remote_ip_prefix: Optional[str] = None,
security_group_id: Optional[str] = None,
tenant_id: Optional[str] = None) -> SecGroupRule
func GetSecGroupRule(ctx *Context, name string, id IDInput, state *SecGroupRuleState, opts ...ResourceOption) (*SecGroupRule, error)
public static SecGroupRule Get(string name, Input<string> id, SecGroupRuleState? state, CustomResourceOptions? opts = null)
public static SecGroupRule get(String name, Output<String> id, SecGroupRuleState state, CustomResourceOptions options)
resources: _: type: openstack:networking:SecGroupRule get: id: ${id}
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
This property is required. - The unique name of the resulting resource.
- id
This property is required. - The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Description
Changes to this property will trigger replacement.
- A description of the rule. Changing this creates a new security group rule.
- Direction
Changes to this property will trigger replacement.
- The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- Ethertype
Changes to this property will trigger replacement.
- The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
- Port
Range Max Changes to this property will trigger replacement.
- The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- Port
Range Min Changes to this property will trigger replacement.
- The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- Protocol
Changes to this property will trigger replacement.
- The layer 4 protocol type, valid values are
following. Changing this creates a new security group rule. This is required
if you want to specify a port range.
- empty string or omitted (any protocol)
- integer value between 0 and 255 (valid IP protocol number)
- tcp
- udp
- icmp
- ah
- dccp
- egp
- esp
- gre
- igmp
- ipv6-encap
- ipv6-frag
- ipv6-icmp
- ipv6-nonxt
- ipv6-opts
- ipv6-route
- ospf
- pgm
- rsvp
- sctp
- udplite
- vrrp
- ipip
- Region
Changes to this property will trigger replacement.
- The region in which to obtain the V2 networking client.
A networking client is needed to create a port. If omitted, the
region
argument of the provider is used. Changing this creates a new security group rule. - Remote
Group Id Changes to this property will trigger replacement.
- The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- Remote
Ip Prefix Changes to this property will trigger replacement.
- The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- Security
Group Id Changes to this property will trigger replacement.
- The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- Tenant
Id Changes to this property will trigger replacement.
- The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
- Description
Changes to this property will trigger replacement.
- A description of the rule. Changing this creates a new security group rule.
- Direction
Changes to this property will trigger replacement.
- The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- Ethertype
Changes to this property will trigger replacement.
- The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
- Port
Range Max Changes to this property will trigger replacement.
- The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- Port
Range Min Changes to this property will trigger replacement.
- The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- Protocol
Changes to this property will trigger replacement.
- The layer 4 protocol type, valid values are
following. Changing this creates a new security group rule. This is required
if you want to specify a port range.
- empty string or omitted (any protocol)
- integer value between 0 and 255 (valid IP protocol number)
- tcp
- udp
- icmp
- ah
- dccp
- egp
- esp
- gre
- igmp
- ipv6-encap
- ipv6-frag
- ipv6-icmp
- ipv6-nonxt
- ipv6-opts
- ipv6-route
- ospf
- pgm
- rsvp
- sctp
- udplite
- vrrp
- ipip
- Region
Changes to this property will trigger replacement.
- The region in which to obtain the V2 networking client.
A networking client is needed to create a port. If omitted, the
region
argument of the provider is used. Changing this creates a new security group rule. - Remote
Group Id Changes to this property will trigger replacement.
- The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- Remote
Ip Prefix Changes to this property will trigger replacement.
- The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- Security
Group Id Changes to this property will trigger replacement.
- The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- Tenant
Id Changes to this property will trigger replacement.
- The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
- description
Changes to this property will trigger replacement.
- A description of the rule. Changing this creates a new security group rule.
- direction
Changes to this property will trigger replacement.
- The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype
Changes to this property will trigger replacement.
- The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
- port
Range Max Changes to this property will trigger replacement.
- The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- port
Range Min Changes to this property will trigger replacement.
- The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- protocol
Changes to this property will trigger replacement.
- The layer 4 protocol type, valid values are
following. Changing this creates a new security group rule. This is required
if you want to specify a port range.
- empty string or omitted (any protocol)
- integer value between 0 and 255 (valid IP protocol number)
- tcp
- udp
- icmp
- ah
- dccp
- egp
- esp
- gre
- igmp
- ipv6-encap
- ipv6-frag
- ipv6-icmp
- ipv6-nonxt
- ipv6-opts
- ipv6-route
- ospf
- pgm
- rsvp
- sctp
- udplite
- vrrp
- ipip
- region
Changes to this property will trigger replacement.
- The region in which to obtain the V2 networking client.
A networking client is needed to create a port. If omitted, the
region
argument of the provider is used. Changing this creates a new security group rule. - remote
Group Id Changes to this property will trigger replacement.
- The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- remote
Ip Prefix Changes to this property will trigger replacement.
- The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- security
Group Id Changes to this property will trigger replacement.
- The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- tenant
Id Changes to this property will trigger replacement.
- The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
- description
Changes to this property will trigger replacement.
- A description of the rule. Changing this creates a new security group rule.
- direction
Changes to this property will trigger replacement.
- The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype
Changes to this property will trigger replacement.
- The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
- port
Range Max Changes to this property will trigger replacement.
- The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- port
Range Min Changes to this property will trigger replacement.
- The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- protocol
Changes to this property will trigger replacement.
- The layer 4 protocol type, valid values are
following. Changing this creates a new security group rule. This is required
if you want to specify a port range.
- empty string or omitted (any protocol)
- integer value between 0 and 255 (valid IP protocol number)
- tcp
- udp
- icmp
- ah
- dccp
- egp
- esp
- gre
- igmp
- ipv6-encap
- ipv6-frag
- ipv6-icmp
- ipv6-nonxt
- ipv6-opts
- ipv6-route
- ospf
- pgm
- rsvp
- sctp
- udplite
- vrrp
- ipip
- region
Changes to this property will trigger replacement.
- The region in which to obtain the V2 networking client.
A networking client is needed to create a port. If omitted, the
region
argument of the provider is used. Changing this creates a new security group rule. - remote
Group Id Changes to this property will trigger replacement.
- The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- remote
Ip Prefix Changes to this property will trigger replacement.
- The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- security
Group Id Changes to this property will trigger replacement.
- The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- tenant
Id Changes to this property will trigger replacement.
- The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
- description
Changes to this property will trigger replacement.
- A description of the rule. Changing this creates a new security group rule.
- direction
Changes to this property will trigger replacement.
- The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype
Changes to this property will trigger replacement.
- The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
- port_
range_ max Changes to this property will trigger replacement.
- The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- port_
range_ min Changes to this property will trigger replacement.
- The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- protocol
Changes to this property will trigger replacement.
- The layer 4 protocol type, valid values are
following. Changing this creates a new security group rule. This is required
if you want to specify a port range.
- empty string or omitted (any protocol)
- integer value between 0 and 255 (valid IP protocol number)
- tcp
- udp
- icmp
- ah
- dccp
- egp
- esp
- gre
- igmp
- ipv6-encap
- ipv6-frag
- ipv6-icmp
- ipv6-nonxt
- ipv6-opts
- ipv6-route
- ospf
- pgm
- rsvp
- sctp
- udplite
- vrrp
- ipip
- region
Changes to this property will trigger replacement.
- The region in which to obtain the V2 networking client.
A networking client is needed to create a port. If omitted, the
region
argument of the provider is used. Changing this creates a new security group rule. - remote_
group_ id Changes to this property will trigger replacement.
- The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- remote_
ip_ prefix Changes to this property will trigger replacement.
- The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- security_
group_ id Changes to this property will trigger replacement.
- The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- tenant_
id Changes to this property will trigger replacement.
- The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
- description
Changes to this property will trigger replacement.
- A description of the rule. Changing this creates a new security group rule.
- direction
Changes to this property will trigger replacement.
- The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
- ethertype
Changes to this property will trigger replacement.
- The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
- port
Range Max Changes to this property will trigger replacement.
- The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- port
Range Min Changes to this property will trigger replacement.
- The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
- protocol
Changes to this property will trigger replacement.
- The layer 4 protocol type, valid values are
following. Changing this creates a new security group rule. This is required
if you want to specify a port range.
- empty string or omitted (any protocol)
- integer value between 0 and 255 (valid IP protocol number)
- tcp
- udp
- icmp
- ah
- dccp
- egp
- esp
- gre
- igmp
- ipv6-encap
- ipv6-frag
- ipv6-icmp
- ipv6-nonxt
- ipv6-opts
- ipv6-route
- ospf
- pgm
- rsvp
- sctp
- udplite
- vrrp
- ipip
- region
Changes to this property will trigger replacement.
- The region in which to obtain the V2 networking client.
A networking client is needed to create a port. If omitted, the
region
argument of the provider is used. Changing this creates a new security group rule. - remote
Group Id Changes to this property will trigger replacement.
- The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- remote
Ip Prefix Changes to this property will trigger replacement.
- The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
- security
Group Id Changes to this property will trigger replacement.
- The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
- tenant
Id Changes to this property will trigger replacement.
- The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
Import
Security Group Rules can be imported using the id
, e.g.
$ pulumi import openstack:networking/secGroupRule:SecGroupRule secgroup_rule_1 aeb68ee3-6e9d-4256-955c-9584a6212745
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- OpenStack pulumi/pulumi-openstack
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
openstack
Terraform Provider.