1. Packages
  2. Openstack Provider
  3. API Docs
  4. networking
  5. SecGroupRule
OpenStack v5.0.3 published on Wednesday, Feb 12, 2025 by Pulumi

openstack.networking.SecGroupRule

Explore with Pulumi AI

Manages a V2 neutron security group rule resource within OpenStack. Unlike Nova security groups, neutron separates the group from the rules and also allows an admin to target a specific tenant_id.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";

const secgroup1 = new openstack.networking.SecGroup("secgroup_1", {
    name: "secgroup_1",
    description: "My neutron security group",
});
const secgroupRule1 = new openstack.networking.SecGroupRule("secgroup_rule_1", {
    direction: "ingress",
    ethertype: "IPv4",
    protocol: "tcp",
    portRangeMin: 22,
    portRangeMax: 22,
    remoteIpPrefix: "0.0.0.0/0",
    securityGroupId: secgroup1.id,
});
Copy
import pulumi
import pulumi_openstack as openstack

secgroup1 = openstack.networking.SecGroup("secgroup_1",
    name="secgroup_1",
    description="My neutron security group")
secgroup_rule1 = openstack.networking.SecGroupRule("secgroup_rule_1",
    direction="ingress",
    ethertype="IPv4",
    protocol="tcp",
    port_range_min=22,
    port_range_max=22,
    remote_ip_prefix="0.0.0.0/0",
    security_group_id=secgroup1.id)
Copy
package main

import (
	"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack/networking"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		secgroup1, err := networking.NewSecGroup(ctx, "secgroup_1", &networking.SecGroupArgs{
			Name:        pulumi.String("secgroup_1"),
			Description: pulumi.String("My neutron security group"),
		})
		if err != nil {
			return err
		}
		_, err = networking.NewSecGroupRule(ctx, "secgroup_rule_1", &networking.SecGroupRuleArgs{
			Direction:       pulumi.String("ingress"),
			Ethertype:       pulumi.String("IPv4"),
			Protocol:        pulumi.String("tcp"),
			PortRangeMin:    pulumi.Int(22),
			PortRangeMax:    pulumi.Int(22),
			RemoteIpPrefix:  pulumi.String("0.0.0.0/0"),
			SecurityGroupId: secgroup1.ID(),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using OpenStack = Pulumi.OpenStack;

return await Deployment.RunAsync(() => 
{
    var secgroup1 = new OpenStack.Networking.SecGroup("secgroup_1", new()
    {
        Name = "secgroup_1",
        Description = "My neutron security group",
    });

    var secgroupRule1 = new OpenStack.Networking.SecGroupRule("secgroup_rule_1", new()
    {
        Direction = "ingress",
        Ethertype = "IPv4",
        Protocol = "tcp",
        PortRangeMin = 22,
        PortRangeMax = 22,
        RemoteIpPrefix = "0.0.0.0/0",
        SecurityGroupId = secgroup1.Id,
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.openstack.networking.SecGroup;
import com.pulumi.openstack.networking.SecGroupArgs;
import com.pulumi.openstack.networking.SecGroupRule;
import com.pulumi.openstack.networking.SecGroupRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var secgroup1 = new SecGroup("secgroup1", SecGroupArgs.builder()
            .name("secgroup_1")
            .description("My neutron security group")
            .build());

        var secgroupRule1 = new SecGroupRule("secgroupRule1", SecGroupRuleArgs.builder()
            .direction("ingress")
            .ethertype("IPv4")
            .protocol("tcp")
            .portRangeMin(22)
            .portRangeMax(22)
            .remoteIpPrefix("0.0.0.0/0")
            .securityGroupId(secgroup1.id())
            .build());

    }
}
Copy
resources:
  secgroup1:
    type: openstack:networking:SecGroup
    name: secgroup_1
    properties:
      name: secgroup_1
      description: My neutron security group
  secgroupRule1:
    type: openstack:networking:SecGroupRule
    name: secgroup_rule_1
    properties:
      direction: ingress
      ethertype: IPv4
      protocol: tcp
      portRangeMin: 22
      portRangeMax: 22
      remoteIpPrefix: 0.0.0.0/0
      securityGroupId: ${secgroup1.id}
Copy

Note: To expose the full port-range 1:65535, use 0 for port_range_min and port_range_max.

Create SecGroupRule Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new SecGroupRule(name: string, args: SecGroupRuleArgs, opts?: CustomResourceOptions);
@overload
def SecGroupRule(resource_name: str,
                 args: SecGroupRuleArgs,
                 opts: Optional[ResourceOptions] = None)

@overload
def SecGroupRule(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 direction: Optional[str] = None,
                 ethertype: Optional[str] = None,
                 security_group_id: Optional[str] = None,
                 description: Optional[str] = None,
                 port_range_max: Optional[int] = None,
                 port_range_min: Optional[int] = None,
                 protocol: Optional[str] = None,
                 region: Optional[str] = None,
                 remote_group_id: Optional[str] = None,
                 remote_ip_prefix: Optional[str] = None,
                 tenant_id: Optional[str] = None)
func NewSecGroupRule(ctx *Context, name string, args SecGroupRuleArgs, opts ...ResourceOption) (*SecGroupRule, error)
public SecGroupRule(string name, SecGroupRuleArgs args, CustomResourceOptions? opts = null)
public SecGroupRule(String name, SecGroupRuleArgs args)
public SecGroupRule(String name, SecGroupRuleArgs args, CustomResourceOptions options)
type: openstack:networking:SecGroupRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. SecGroupRuleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. SecGroupRuleArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. SecGroupRuleArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. SecGroupRuleArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. SecGroupRuleArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var secGroupRuleResource = new OpenStack.Networking.SecGroupRule("secGroupRuleResource", new()
{
    Direction = "string",
    Ethertype = "string",
    SecurityGroupId = "string",
    Description = "string",
    PortRangeMax = 0,
    PortRangeMin = 0,
    Protocol = "string",
    Region = "string",
    RemoteGroupId = "string",
    RemoteIpPrefix = "string",
    TenantId = "string",
});
Copy
example, err := networking.NewSecGroupRule(ctx, "secGroupRuleResource", &networking.SecGroupRuleArgs{
	Direction:       pulumi.String("string"),
	Ethertype:       pulumi.String("string"),
	SecurityGroupId: pulumi.String("string"),
	Description:     pulumi.String("string"),
	PortRangeMax:    pulumi.Int(0),
	PortRangeMin:    pulumi.Int(0),
	Protocol:        pulumi.String("string"),
	Region:          pulumi.String("string"),
	RemoteGroupId:   pulumi.String("string"),
	RemoteIpPrefix:  pulumi.String("string"),
	TenantId:        pulumi.String("string"),
})
Copy
var secGroupRuleResource = new SecGroupRule("secGroupRuleResource", SecGroupRuleArgs.builder()
    .direction("string")
    .ethertype("string")
    .securityGroupId("string")
    .description("string")
    .portRangeMax(0)
    .portRangeMin(0)
    .protocol("string")
    .region("string")
    .remoteGroupId("string")
    .remoteIpPrefix("string")
    .tenantId("string")
    .build());
Copy
sec_group_rule_resource = openstack.networking.SecGroupRule("secGroupRuleResource",
    direction="string",
    ethertype="string",
    security_group_id="string",
    description="string",
    port_range_max=0,
    port_range_min=0,
    protocol="string",
    region="string",
    remote_group_id="string",
    remote_ip_prefix="string",
    tenant_id="string")
Copy
const secGroupRuleResource = new openstack.networking.SecGroupRule("secGroupRuleResource", {
    direction: "string",
    ethertype: "string",
    securityGroupId: "string",
    description: "string",
    portRangeMax: 0,
    portRangeMin: 0,
    protocol: "string",
    region: "string",
    remoteGroupId: "string",
    remoteIpPrefix: "string",
    tenantId: "string",
});
Copy
type: openstack:networking:SecGroupRule
properties:
    description: string
    direction: string
    ethertype: string
    portRangeMax: 0
    portRangeMin: 0
    protocol: string
    region: string
    remoteGroupId: string
    remoteIpPrefix: string
    securityGroupId: string
    tenantId: string
Copy

SecGroupRule Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The SecGroupRule resource accepts the following input properties:

Direction
This property is required.
Changes to this property will trigger replacement.
string
The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
Ethertype
This property is required.
Changes to this property will trigger replacement.
string
The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
SecurityGroupId
This property is required.
Changes to this property will trigger replacement.
string
The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
Description Changes to this property will trigger replacement. string
A description of the rule. Changing this creates a new security group rule.
PortRangeMax Changes to this property will trigger replacement. int
The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
PortRangeMin Changes to this property will trigger replacement. int
The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
Protocol Changes to this property will trigger replacement. string
The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

  • empty string or omitted (any protocol)
  • integer value between 0 and 255 (valid IP protocol number)
  • tcp
  • udp
  • icmp
  • ah
  • dccp
  • egp
  • esp
  • gre
  • igmp
  • ipv6-encap
  • ipv6-frag
  • ipv6-icmp
  • ipv6-nonxt
  • ipv6-opts
  • ipv6-route
  • ospf
  • pgm
  • rsvp
  • sctp
  • udplite
  • vrrp
  • ipip
Region Changes to this property will trigger replacement. string
The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
RemoteGroupId Changes to this property will trigger replacement. string
The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
RemoteIpPrefix Changes to this property will trigger replacement. string
The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
TenantId Changes to this property will trigger replacement. string
The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
Direction
This property is required.
Changes to this property will trigger replacement.
string
The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
Ethertype
This property is required.
Changes to this property will trigger replacement.
string
The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
SecurityGroupId
This property is required.
Changes to this property will trigger replacement.
string
The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
Description Changes to this property will trigger replacement. string
A description of the rule. Changing this creates a new security group rule.
PortRangeMax Changes to this property will trigger replacement. int
The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
PortRangeMin Changes to this property will trigger replacement. int
The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
Protocol Changes to this property will trigger replacement. string
The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

  • empty string or omitted (any protocol)
  • integer value between 0 and 255 (valid IP protocol number)
  • tcp
  • udp
  • icmp
  • ah
  • dccp
  • egp
  • esp
  • gre
  • igmp
  • ipv6-encap
  • ipv6-frag
  • ipv6-icmp
  • ipv6-nonxt
  • ipv6-opts
  • ipv6-route
  • ospf
  • pgm
  • rsvp
  • sctp
  • udplite
  • vrrp
  • ipip
Region Changes to this property will trigger replacement. string
The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
RemoteGroupId Changes to this property will trigger replacement. string
The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
RemoteIpPrefix Changes to this property will trigger replacement. string
The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
TenantId Changes to this property will trigger replacement. string
The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
direction
This property is required.
Changes to this property will trigger replacement.
String
The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
ethertype
This property is required.
Changes to this property will trigger replacement.
String
The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
securityGroupId
This property is required.
Changes to this property will trigger replacement.
String
The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
description Changes to this property will trigger replacement. String
A description of the rule. Changing this creates a new security group rule.
portRangeMax Changes to this property will trigger replacement. Integer
The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
portRangeMin Changes to this property will trigger replacement. Integer
The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
protocol Changes to this property will trigger replacement. String
The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

  • empty string or omitted (any protocol)
  • integer value between 0 and 255 (valid IP protocol number)
  • tcp
  • udp
  • icmp
  • ah
  • dccp
  • egp
  • esp
  • gre
  • igmp
  • ipv6-encap
  • ipv6-frag
  • ipv6-icmp
  • ipv6-nonxt
  • ipv6-opts
  • ipv6-route
  • ospf
  • pgm
  • rsvp
  • sctp
  • udplite
  • vrrp
  • ipip
region Changes to this property will trigger replacement. String
The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
remoteGroupId Changes to this property will trigger replacement. String
The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
remoteIpPrefix Changes to this property will trigger replacement. String
The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
tenantId Changes to this property will trigger replacement. String
The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
direction
This property is required.
Changes to this property will trigger replacement.
string
The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
ethertype
This property is required.
Changes to this property will trigger replacement.
string
The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
securityGroupId
This property is required.
Changes to this property will trigger replacement.
string
The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
description Changes to this property will trigger replacement. string
A description of the rule. Changing this creates a new security group rule.
portRangeMax Changes to this property will trigger replacement. number
The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
portRangeMin Changes to this property will trigger replacement. number
The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
protocol Changes to this property will trigger replacement. string
The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

  • empty string or omitted (any protocol)
  • integer value between 0 and 255 (valid IP protocol number)
  • tcp
  • udp
  • icmp
  • ah
  • dccp
  • egp
  • esp
  • gre
  • igmp
  • ipv6-encap
  • ipv6-frag
  • ipv6-icmp
  • ipv6-nonxt
  • ipv6-opts
  • ipv6-route
  • ospf
  • pgm
  • rsvp
  • sctp
  • udplite
  • vrrp
  • ipip
region Changes to this property will trigger replacement. string
The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
remoteGroupId Changes to this property will trigger replacement. string
The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
remoteIpPrefix Changes to this property will trigger replacement. string
The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
tenantId Changes to this property will trigger replacement. string
The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
direction
This property is required.
Changes to this property will trigger replacement.
str
The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
ethertype
This property is required.
Changes to this property will trigger replacement.
str
The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
security_group_id
This property is required.
Changes to this property will trigger replacement.
str
The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
description Changes to this property will trigger replacement. str
A description of the rule. Changing this creates a new security group rule.
port_range_max Changes to this property will trigger replacement. int
The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
port_range_min Changes to this property will trigger replacement. int
The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
protocol Changes to this property will trigger replacement. str
The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

  • empty string or omitted (any protocol)
  • integer value between 0 and 255 (valid IP protocol number)
  • tcp
  • udp
  • icmp
  • ah
  • dccp
  • egp
  • esp
  • gre
  • igmp
  • ipv6-encap
  • ipv6-frag
  • ipv6-icmp
  • ipv6-nonxt
  • ipv6-opts
  • ipv6-route
  • ospf
  • pgm
  • rsvp
  • sctp
  • udplite
  • vrrp
  • ipip
region Changes to this property will trigger replacement. str
The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
remote_group_id Changes to this property will trigger replacement. str
The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
remote_ip_prefix Changes to this property will trigger replacement. str
The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
tenant_id Changes to this property will trigger replacement. str
The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
direction
This property is required.
Changes to this property will trigger replacement.
String
The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
ethertype
This property is required.
Changes to this property will trigger replacement.
String
The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
securityGroupId
This property is required.
Changes to this property will trigger replacement.
String
The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
description Changes to this property will trigger replacement. String
A description of the rule. Changing this creates a new security group rule.
portRangeMax Changes to this property will trigger replacement. Number
The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
portRangeMin Changes to this property will trigger replacement. Number
The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
protocol Changes to this property will trigger replacement. String
The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

  • empty string or omitted (any protocol)
  • integer value between 0 and 255 (valid IP protocol number)
  • tcp
  • udp
  • icmp
  • ah
  • dccp
  • egp
  • esp
  • gre
  • igmp
  • ipv6-encap
  • ipv6-frag
  • ipv6-icmp
  • ipv6-nonxt
  • ipv6-opts
  • ipv6-route
  • ospf
  • pgm
  • rsvp
  • sctp
  • udplite
  • vrrp
  • ipip
region Changes to this property will trigger replacement. String
The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
remoteGroupId Changes to this property will trigger replacement. String
The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
remoteIpPrefix Changes to this property will trigger replacement. String
The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
tenantId Changes to this property will trigger replacement. String
The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.

Outputs

All input properties are implicitly available as output properties. Additionally, the SecGroupRule resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
Id string
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.
id string
The provider-assigned unique ID for this managed resource.
id str
The provider-assigned unique ID for this managed resource.
id String
The provider-assigned unique ID for this managed resource.

Look up Existing SecGroupRule Resource

Get an existing SecGroupRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SecGroupRuleState, opts?: CustomResourceOptions): SecGroupRule
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        description: Optional[str] = None,
        direction: Optional[str] = None,
        ethertype: Optional[str] = None,
        port_range_max: Optional[int] = None,
        port_range_min: Optional[int] = None,
        protocol: Optional[str] = None,
        region: Optional[str] = None,
        remote_group_id: Optional[str] = None,
        remote_ip_prefix: Optional[str] = None,
        security_group_id: Optional[str] = None,
        tenant_id: Optional[str] = None) -> SecGroupRule
func GetSecGroupRule(ctx *Context, name string, id IDInput, state *SecGroupRuleState, opts ...ResourceOption) (*SecGroupRule, error)
public static SecGroupRule Get(string name, Input<string> id, SecGroupRuleState? state, CustomResourceOptions? opts = null)
public static SecGroupRule get(String name, Output<String> id, SecGroupRuleState state, CustomResourceOptions options)
resources:  _:    type: openstack:networking:SecGroupRule    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Description Changes to this property will trigger replacement. string
A description of the rule. Changing this creates a new security group rule.
Direction Changes to this property will trigger replacement. string
The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
Ethertype Changes to this property will trigger replacement. string
The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
PortRangeMax Changes to this property will trigger replacement. int
The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
PortRangeMin Changes to this property will trigger replacement. int
The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
Protocol Changes to this property will trigger replacement. string
The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

  • empty string or omitted (any protocol)
  • integer value between 0 and 255 (valid IP protocol number)
  • tcp
  • udp
  • icmp
  • ah
  • dccp
  • egp
  • esp
  • gre
  • igmp
  • ipv6-encap
  • ipv6-frag
  • ipv6-icmp
  • ipv6-nonxt
  • ipv6-opts
  • ipv6-route
  • ospf
  • pgm
  • rsvp
  • sctp
  • udplite
  • vrrp
  • ipip
Region Changes to this property will trigger replacement. string
The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
RemoteGroupId Changes to this property will trigger replacement. string
The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
RemoteIpPrefix Changes to this property will trigger replacement. string
The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
SecurityGroupId Changes to this property will trigger replacement. string
The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
TenantId Changes to this property will trigger replacement. string
The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
Description Changes to this property will trigger replacement. string
A description of the rule. Changing this creates a new security group rule.
Direction Changes to this property will trigger replacement. string
The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
Ethertype Changes to this property will trigger replacement. string
The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
PortRangeMax Changes to this property will trigger replacement. int
The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
PortRangeMin Changes to this property will trigger replacement. int
The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
Protocol Changes to this property will trigger replacement. string
The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

  • empty string or omitted (any protocol)
  • integer value between 0 and 255 (valid IP protocol number)
  • tcp
  • udp
  • icmp
  • ah
  • dccp
  • egp
  • esp
  • gre
  • igmp
  • ipv6-encap
  • ipv6-frag
  • ipv6-icmp
  • ipv6-nonxt
  • ipv6-opts
  • ipv6-route
  • ospf
  • pgm
  • rsvp
  • sctp
  • udplite
  • vrrp
  • ipip
Region Changes to this property will trigger replacement. string
The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
RemoteGroupId Changes to this property will trigger replacement. string
The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
RemoteIpPrefix Changes to this property will trigger replacement. string
The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
SecurityGroupId Changes to this property will trigger replacement. string
The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
TenantId Changes to this property will trigger replacement. string
The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
description Changes to this property will trigger replacement. String
A description of the rule. Changing this creates a new security group rule.
direction Changes to this property will trigger replacement. String
The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
ethertype Changes to this property will trigger replacement. String
The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
portRangeMax Changes to this property will trigger replacement. Integer
The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
portRangeMin Changes to this property will trigger replacement. Integer
The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
protocol Changes to this property will trigger replacement. String
The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

  • empty string or omitted (any protocol)
  • integer value between 0 and 255 (valid IP protocol number)
  • tcp
  • udp
  • icmp
  • ah
  • dccp
  • egp
  • esp
  • gre
  • igmp
  • ipv6-encap
  • ipv6-frag
  • ipv6-icmp
  • ipv6-nonxt
  • ipv6-opts
  • ipv6-route
  • ospf
  • pgm
  • rsvp
  • sctp
  • udplite
  • vrrp
  • ipip
region Changes to this property will trigger replacement. String
The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
remoteGroupId Changes to this property will trigger replacement. String
The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
remoteIpPrefix Changes to this property will trigger replacement. String
The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
securityGroupId Changes to this property will trigger replacement. String
The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
tenantId Changes to this property will trigger replacement. String
The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
description Changes to this property will trigger replacement. string
A description of the rule. Changing this creates a new security group rule.
direction Changes to this property will trigger replacement. string
The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
ethertype Changes to this property will trigger replacement. string
The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
portRangeMax Changes to this property will trigger replacement. number
The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
portRangeMin Changes to this property will trigger replacement. number
The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
protocol Changes to this property will trigger replacement. string
The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

  • empty string or omitted (any protocol)
  • integer value between 0 and 255 (valid IP protocol number)
  • tcp
  • udp
  • icmp
  • ah
  • dccp
  • egp
  • esp
  • gre
  • igmp
  • ipv6-encap
  • ipv6-frag
  • ipv6-icmp
  • ipv6-nonxt
  • ipv6-opts
  • ipv6-route
  • ospf
  • pgm
  • rsvp
  • sctp
  • udplite
  • vrrp
  • ipip
region Changes to this property will trigger replacement. string
The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
remoteGroupId Changes to this property will trigger replacement. string
The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
remoteIpPrefix Changes to this property will trigger replacement. string
The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
securityGroupId Changes to this property will trigger replacement. string
The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
tenantId Changes to this property will trigger replacement. string
The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
description Changes to this property will trigger replacement. str
A description of the rule. Changing this creates a new security group rule.
direction Changes to this property will trigger replacement. str
The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
ethertype Changes to this property will trigger replacement. str
The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
port_range_max Changes to this property will trigger replacement. int
The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
port_range_min Changes to this property will trigger replacement. int
The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
protocol Changes to this property will trigger replacement. str
The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

  • empty string or omitted (any protocol)
  • integer value between 0 and 255 (valid IP protocol number)
  • tcp
  • udp
  • icmp
  • ah
  • dccp
  • egp
  • esp
  • gre
  • igmp
  • ipv6-encap
  • ipv6-frag
  • ipv6-icmp
  • ipv6-nonxt
  • ipv6-opts
  • ipv6-route
  • ospf
  • pgm
  • rsvp
  • sctp
  • udplite
  • vrrp
  • ipip
region Changes to this property will trigger replacement. str
The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
remote_group_id Changes to this property will trigger replacement. str
The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
remote_ip_prefix Changes to this property will trigger replacement. str
The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
security_group_id Changes to this property will trigger replacement. str
The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
tenant_id Changes to this property will trigger replacement. str
The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
description Changes to this property will trigger replacement. String
A description of the rule. Changing this creates a new security group rule.
direction Changes to this property will trigger replacement. String
The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
ethertype Changes to this property will trigger replacement. String
The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
portRangeMax Changes to this property will trigger replacement. Number
The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
portRangeMin Changes to this property will trigger replacement. Number
The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
protocol Changes to this property will trigger replacement. String
The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

  • empty string or omitted (any protocol)
  • integer value between 0 and 255 (valid IP protocol number)
  • tcp
  • udp
  • icmp
  • ah
  • dccp
  • egp
  • esp
  • gre
  • igmp
  • ipv6-encap
  • ipv6-frag
  • ipv6-icmp
  • ipv6-nonxt
  • ipv6-opts
  • ipv6-route
  • ospf
  • pgm
  • rsvp
  • sctp
  • udplite
  • vrrp
  • ipip
region Changes to this property will trigger replacement. String
The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
remoteGroupId Changes to this property will trigger replacement. String
The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
remoteIpPrefix Changes to this property will trigger replacement. String
The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
securityGroupId Changes to this property will trigger replacement. String
The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
tenantId Changes to this property will trigger replacement. String
The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.

Import

Security Group Rules can be imported using the id, e.g.

$ pulumi import openstack:networking/secGroupRule:SecGroupRule secgroup_rule_1 aeb68ee3-6e9d-4256-955c-9584a6212745
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
OpenStack pulumi/pulumi-openstack
License
Apache-2.0
Notes
This Pulumi package is based on the openstack Terraform Provider.