1. Packages
  2. Openstack Provider
  3. API Docs
  4. networking
  5. SecGroupRule
OpenStack v5.0.0 published on Friday, Sep 27, 2024 by Pulumi

openstack.networking.SecGroupRule

Explore with Pulumi AI

openstack logo
OpenStack v5.0.0 published on Friday, Sep 27, 2024 by Pulumi

    Manages a V2 neutron security group rule resource within OpenStack. Unlike Nova security groups, neutron separates the group from the rules and also allows an admin to target a specific tenant_id.

    Example Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as openstack from "@pulumi/openstack";
    
    const secgroup1 = new openstack.networking.SecGroup("secgroup_1", {
        name: "secgroup_1",
        description: "My neutron security group",
    });
    const secgroupRule1 = new openstack.networking.SecGroupRule("secgroup_rule_1", {
        direction: "ingress",
        ethertype: "IPv4",
        protocol: "tcp",
        portRangeMin: 22,
        portRangeMax: 22,
        remoteIpPrefix: "0.0.0.0/0",
        securityGroupId: secgroup1.id,
    });
    
    import pulumi
    import pulumi_openstack as openstack
    
    secgroup1 = openstack.networking.SecGroup("secgroup_1",
        name="secgroup_1",
        description="My neutron security group")
    secgroup_rule1 = openstack.networking.SecGroupRule("secgroup_rule_1",
        direction="ingress",
        ethertype="IPv4",
        protocol="tcp",
        port_range_min=22,
        port_range_max=22,
        remote_ip_prefix="0.0.0.0/0",
        security_group_id=secgroup1.id)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack/networking"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		secgroup1, err := networking.NewSecGroup(ctx, "secgroup_1", &networking.SecGroupArgs{
    			Name:        pulumi.String("secgroup_1"),
    			Description: pulumi.String("My neutron security group"),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = networking.NewSecGroupRule(ctx, "secgroup_rule_1", &networking.SecGroupRuleArgs{
    			Direction:       pulumi.String("ingress"),
    			Ethertype:       pulumi.String("IPv4"),
    			Protocol:        pulumi.String("tcp"),
    			PortRangeMin:    pulumi.Int(22),
    			PortRangeMax:    pulumi.Int(22),
    			RemoteIpPrefix:  pulumi.String("0.0.0.0/0"),
    			SecurityGroupId: secgroup1.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using OpenStack = Pulumi.OpenStack;
    
    return await Deployment.RunAsync(() => 
    {
        var secgroup1 = new OpenStack.Networking.SecGroup("secgroup_1", new()
        {
            Name = "secgroup_1",
            Description = "My neutron security group",
        });
    
        var secgroupRule1 = new OpenStack.Networking.SecGroupRule("secgroup_rule_1", new()
        {
            Direction = "ingress",
            Ethertype = "IPv4",
            Protocol = "tcp",
            PortRangeMin = 22,
            PortRangeMax = 22,
            RemoteIpPrefix = "0.0.0.0/0",
            SecurityGroupId = secgroup1.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.openstack.networking.SecGroup;
    import com.pulumi.openstack.networking.SecGroupArgs;
    import com.pulumi.openstack.networking.SecGroupRule;
    import com.pulumi.openstack.networking.SecGroupRuleArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var secgroup1 = new SecGroup("secgroup1", SecGroupArgs.builder()
                .name("secgroup_1")
                .description("My neutron security group")
                .build());
    
            var secgroupRule1 = new SecGroupRule("secgroupRule1", SecGroupRuleArgs.builder()
                .direction("ingress")
                .ethertype("IPv4")
                .protocol("tcp")
                .portRangeMin(22)
                .portRangeMax(22)
                .remoteIpPrefix("0.0.0.0/0")
                .securityGroupId(secgroup1.id())
                .build());
    
        }
    }
    
    resources:
      secgroup1:
        type: openstack:networking:SecGroup
        name: secgroup_1
        properties:
          name: secgroup_1
          description: My neutron security group
      secgroupRule1:
        type: openstack:networking:SecGroupRule
        name: secgroup_rule_1
        properties:
          direction: ingress
          ethertype: IPv4
          protocol: tcp
          portRangeMin: 22
          portRangeMax: 22
          remoteIpPrefix: 0.0.0.0/0
          securityGroupId: ${secgroup1.id}
    

    Note: To expose the full port-range 1:65535, use 0 for port_range_min and port_range_max.

    Create SecGroupRule Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new SecGroupRule(name: string, args: SecGroupRuleArgs, opts?: CustomResourceOptions);
    @overload
    def SecGroupRule(resource_name: str,
                     args: SecGroupRuleArgs,
                     opts: Optional[ResourceOptions] = None)
    
    @overload
    def SecGroupRule(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     direction: Optional[str] = None,
                     ethertype: Optional[str] = None,
                     security_group_id: Optional[str] = None,
                     description: Optional[str] = None,
                     port_range_max: Optional[int] = None,
                     port_range_min: Optional[int] = None,
                     protocol: Optional[str] = None,
                     region: Optional[str] = None,
                     remote_group_id: Optional[str] = None,
                     remote_ip_prefix: Optional[str] = None,
                     tenant_id: Optional[str] = None)
    func NewSecGroupRule(ctx *Context, name string, args SecGroupRuleArgs, opts ...ResourceOption) (*SecGroupRule, error)
    public SecGroupRule(string name, SecGroupRuleArgs args, CustomResourceOptions? opts = null)
    public SecGroupRule(String name, SecGroupRuleArgs args)
    public SecGroupRule(String name, SecGroupRuleArgs args, CustomResourceOptions options)
    
    type: openstack:networking:SecGroupRule
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args SecGroupRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SecGroupRuleArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SecGroupRuleArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SecGroupRuleArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SecGroupRuleArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var secGroupRuleResource = new OpenStack.Networking.SecGroupRule("secGroupRuleResource", new()
    {
        Direction = "string",
        Ethertype = "string",
        SecurityGroupId = "string",
        Description = "string",
        PortRangeMax = 0,
        PortRangeMin = 0,
        Protocol = "string",
        Region = "string",
        RemoteGroupId = "string",
        RemoteIpPrefix = "string",
        TenantId = "string",
    });
    
    example, err := networking.NewSecGroupRule(ctx, "secGroupRuleResource", &networking.SecGroupRuleArgs{
    	Direction:       pulumi.String("string"),
    	Ethertype:       pulumi.String("string"),
    	SecurityGroupId: pulumi.String("string"),
    	Description:     pulumi.String("string"),
    	PortRangeMax:    pulumi.Int(0),
    	PortRangeMin:    pulumi.Int(0),
    	Protocol:        pulumi.String("string"),
    	Region:          pulumi.String("string"),
    	RemoteGroupId:   pulumi.String("string"),
    	RemoteIpPrefix:  pulumi.String("string"),
    	TenantId:        pulumi.String("string"),
    })
    
    var secGroupRuleResource = new SecGroupRule("secGroupRuleResource", SecGroupRuleArgs.builder()
        .direction("string")
        .ethertype("string")
        .securityGroupId("string")
        .description("string")
        .portRangeMax(0)
        .portRangeMin(0)
        .protocol("string")
        .region("string")
        .remoteGroupId("string")
        .remoteIpPrefix("string")
        .tenantId("string")
        .build());
    
    sec_group_rule_resource = openstack.networking.SecGroupRule("secGroupRuleResource",
        direction="string",
        ethertype="string",
        security_group_id="string",
        description="string",
        port_range_max=0,
        port_range_min=0,
        protocol="string",
        region="string",
        remote_group_id="string",
        remote_ip_prefix="string",
        tenant_id="string")
    
    const secGroupRuleResource = new openstack.networking.SecGroupRule("secGroupRuleResource", {
        direction: "string",
        ethertype: "string",
        securityGroupId: "string",
        description: "string",
        portRangeMax: 0,
        portRangeMin: 0,
        protocol: "string",
        region: "string",
        remoteGroupId: "string",
        remoteIpPrefix: "string",
        tenantId: "string",
    });
    
    type: openstack:networking:SecGroupRule
    properties:
        description: string
        direction: string
        ethertype: string
        portRangeMax: 0
        portRangeMin: 0
        protocol: string
        region: string
        remoteGroupId: string
        remoteIpPrefix: string
        securityGroupId: string
        tenantId: string
    

    SecGroupRule Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The SecGroupRule resource accepts the following input properties:

    Direction string
    The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
    Ethertype string
    The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
    SecurityGroupId string
    The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    Description string
    A description of the rule. Changing this creates a new security group rule.
    PortRangeMax int
    The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    PortRangeMin int
    The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    Protocol string
    The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

    • empty string or omitted (any protocol)
    • integer value between 0 and 255 (valid IP protocol number)
    • tcp
    • udp
    • icmp
    • ah
    • dccp
    • egp
    • esp
    • gre
    • igmp
    • ipv6-encap
    • ipv6-frag
    • ipv6-icmp
    • ipv6-nonxt
    • ipv6-opts
    • ipv6-route
    • ospf
    • pgm
    • rsvp
    • sctp
    • udplite
    • vrrp
    • ipip
    Region string
    The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
    RemoteGroupId string
    The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    RemoteIpPrefix string
    The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
    TenantId string
    The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
    Direction string
    The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
    Ethertype string
    The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
    SecurityGroupId string
    The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    Description string
    A description of the rule. Changing this creates a new security group rule.
    PortRangeMax int
    The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    PortRangeMin int
    The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    Protocol string
    The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

    • empty string or omitted (any protocol)
    • integer value between 0 and 255 (valid IP protocol number)
    • tcp
    • udp
    • icmp
    • ah
    • dccp
    • egp
    • esp
    • gre
    • igmp
    • ipv6-encap
    • ipv6-frag
    • ipv6-icmp
    • ipv6-nonxt
    • ipv6-opts
    • ipv6-route
    • ospf
    • pgm
    • rsvp
    • sctp
    • udplite
    • vrrp
    • ipip
    Region string
    The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
    RemoteGroupId string
    The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    RemoteIpPrefix string
    The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
    TenantId string
    The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
    direction String
    The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
    ethertype String
    The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
    securityGroupId String
    The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    description String
    A description of the rule. Changing this creates a new security group rule.
    portRangeMax Integer
    The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    portRangeMin Integer
    The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    protocol String
    The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

    • empty string or omitted (any protocol)
    • integer value between 0 and 255 (valid IP protocol number)
    • tcp
    • udp
    • icmp
    • ah
    • dccp
    • egp
    • esp
    • gre
    • igmp
    • ipv6-encap
    • ipv6-frag
    • ipv6-icmp
    • ipv6-nonxt
    • ipv6-opts
    • ipv6-route
    • ospf
    • pgm
    • rsvp
    • sctp
    • udplite
    • vrrp
    • ipip
    region String
    The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
    remoteGroupId String
    The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    remoteIpPrefix String
    The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
    tenantId String
    The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
    direction string
    The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
    ethertype string
    The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
    securityGroupId string
    The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    description string
    A description of the rule. Changing this creates a new security group rule.
    portRangeMax number
    The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    portRangeMin number
    The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    protocol string
    The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

    • empty string or omitted (any protocol)
    • integer value between 0 and 255 (valid IP protocol number)
    • tcp
    • udp
    • icmp
    • ah
    • dccp
    • egp
    • esp
    • gre
    • igmp
    • ipv6-encap
    • ipv6-frag
    • ipv6-icmp
    • ipv6-nonxt
    • ipv6-opts
    • ipv6-route
    • ospf
    • pgm
    • rsvp
    • sctp
    • udplite
    • vrrp
    • ipip
    region string
    The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
    remoteGroupId string
    The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    remoteIpPrefix string
    The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
    tenantId string
    The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
    direction str
    The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
    ethertype str
    The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
    security_group_id str
    The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    description str
    A description of the rule. Changing this creates a new security group rule.
    port_range_max int
    The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    port_range_min int
    The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    protocol str
    The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

    • empty string or omitted (any protocol)
    • integer value between 0 and 255 (valid IP protocol number)
    • tcp
    • udp
    • icmp
    • ah
    • dccp
    • egp
    • esp
    • gre
    • igmp
    • ipv6-encap
    • ipv6-frag
    • ipv6-icmp
    • ipv6-nonxt
    • ipv6-opts
    • ipv6-route
    • ospf
    • pgm
    • rsvp
    • sctp
    • udplite
    • vrrp
    • ipip
    region str
    The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
    remote_group_id str
    The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    remote_ip_prefix str
    The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
    tenant_id str
    The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
    direction String
    The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
    ethertype String
    The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
    securityGroupId String
    The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    description String
    A description of the rule. Changing this creates a new security group rule.
    portRangeMax Number
    The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    portRangeMin Number
    The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    protocol String
    The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

    • empty string or omitted (any protocol)
    • integer value between 0 and 255 (valid IP protocol number)
    • tcp
    • udp
    • icmp
    • ah
    • dccp
    • egp
    • esp
    • gre
    • igmp
    • ipv6-encap
    • ipv6-frag
    • ipv6-icmp
    • ipv6-nonxt
    • ipv6-opts
    • ipv6-route
    • ospf
    • pgm
    • rsvp
    • sctp
    • udplite
    • vrrp
    • ipip
    region String
    The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
    remoteGroupId String
    The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    remoteIpPrefix String
    The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
    tenantId String
    The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the SecGroupRule resource produces the following output properties:

    Id string
    The provider-assigned unique ID for this managed resource.
    Id string
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.
    id string
    The provider-assigned unique ID for this managed resource.
    id str
    The provider-assigned unique ID for this managed resource.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing SecGroupRule Resource

    Get an existing SecGroupRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SecGroupRuleState, opts?: CustomResourceOptions): SecGroupRule
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            description: Optional[str] = None,
            direction: Optional[str] = None,
            ethertype: Optional[str] = None,
            port_range_max: Optional[int] = None,
            port_range_min: Optional[int] = None,
            protocol: Optional[str] = None,
            region: Optional[str] = None,
            remote_group_id: Optional[str] = None,
            remote_ip_prefix: Optional[str] = None,
            security_group_id: Optional[str] = None,
            tenant_id: Optional[str] = None) -> SecGroupRule
    func GetSecGroupRule(ctx *Context, name string, id IDInput, state *SecGroupRuleState, opts ...ResourceOption) (*SecGroupRule, error)
    public static SecGroupRule Get(string name, Input<string> id, SecGroupRuleState? state, CustomResourceOptions? opts = null)
    public static SecGroupRule get(String name, Output<String> id, SecGroupRuleState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Description string
    A description of the rule. Changing this creates a new security group rule.
    Direction string
    The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
    Ethertype string
    The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
    PortRangeMax int
    The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    PortRangeMin int
    The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    Protocol string
    The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

    • empty string or omitted (any protocol)
    • integer value between 0 and 255 (valid IP protocol number)
    • tcp
    • udp
    • icmp
    • ah
    • dccp
    • egp
    • esp
    • gre
    • igmp
    • ipv6-encap
    • ipv6-frag
    • ipv6-icmp
    • ipv6-nonxt
    • ipv6-opts
    • ipv6-route
    • ospf
    • pgm
    • rsvp
    • sctp
    • udplite
    • vrrp
    • ipip
    Region string
    The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
    RemoteGroupId string
    The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    RemoteIpPrefix string
    The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
    SecurityGroupId string
    The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    TenantId string
    The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
    Description string
    A description of the rule. Changing this creates a new security group rule.
    Direction string
    The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
    Ethertype string
    The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
    PortRangeMax int
    The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    PortRangeMin int
    The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    Protocol string
    The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

    • empty string or omitted (any protocol)
    • integer value between 0 and 255 (valid IP protocol number)
    • tcp
    • udp
    • icmp
    • ah
    • dccp
    • egp
    • esp
    • gre
    • igmp
    • ipv6-encap
    • ipv6-frag
    • ipv6-icmp
    • ipv6-nonxt
    • ipv6-opts
    • ipv6-route
    • ospf
    • pgm
    • rsvp
    • sctp
    • udplite
    • vrrp
    • ipip
    Region string
    The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
    RemoteGroupId string
    The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    RemoteIpPrefix string
    The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
    SecurityGroupId string
    The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    TenantId string
    The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
    description String
    A description of the rule. Changing this creates a new security group rule.
    direction String
    The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
    ethertype String
    The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
    portRangeMax Integer
    The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    portRangeMin Integer
    The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    protocol String
    The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

    • empty string or omitted (any protocol)
    • integer value between 0 and 255 (valid IP protocol number)
    • tcp
    • udp
    • icmp
    • ah
    • dccp
    • egp
    • esp
    • gre
    • igmp
    • ipv6-encap
    • ipv6-frag
    • ipv6-icmp
    • ipv6-nonxt
    • ipv6-opts
    • ipv6-route
    • ospf
    • pgm
    • rsvp
    • sctp
    • udplite
    • vrrp
    • ipip
    region String
    The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
    remoteGroupId String
    The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    remoteIpPrefix String
    The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
    securityGroupId String
    The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    tenantId String
    The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
    description string
    A description of the rule. Changing this creates a new security group rule.
    direction string
    The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
    ethertype string
    The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
    portRangeMax number
    The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    portRangeMin number
    The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    protocol string
    The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

    • empty string or omitted (any protocol)
    • integer value between 0 and 255 (valid IP protocol number)
    • tcp
    • udp
    • icmp
    • ah
    • dccp
    • egp
    • esp
    • gre
    • igmp
    • ipv6-encap
    • ipv6-frag
    • ipv6-icmp
    • ipv6-nonxt
    • ipv6-opts
    • ipv6-route
    • ospf
    • pgm
    • rsvp
    • sctp
    • udplite
    • vrrp
    • ipip
    region string
    The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
    remoteGroupId string
    The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    remoteIpPrefix string
    The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
    securityGroupId string
    The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    tenantId string
    The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
    description str
    A description of the rule. Changing this creates a new security group rule.
    direction str
    The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
    ethertype str
    The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
    port_range_max int
    The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    port_range_min int
    The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    protocol str
    The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

    • empty string or omitted (any protocol)
    • integer value between 0 and 255 (valid IP protocol number)
    • tcp
    • udp
    • icmp
    • ah
    • dccp
    • egp
    • esp
    • gre
    • igmp
    • ipv6-encap
    • ipv6-frag
    • ipv6-icmp
    • ipv6-nonxt
    • ipv6-opts
    • ipv6-route
    • ospf
    • pgm
    • rsvp
    • sctp
    • udplite
    • vrrp
    • ipip
    region str
    The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
    remote_group_id str
    The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    remote_ip_prefix str
    The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
    security_group_id str
    The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    tenant_id str
    The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.
    description String
    A description of the rule. Changing this creates a new security group rule.
    direction String
    The direction of the rule, valid values are ingress or egress. Changing this creates a new security group rule.
    ethertype String
    The layer 3 protocol type, valid values are IPv4 or IPv6. Changing this creates a new security group rule.
    portRangeMax Number
    The higher part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    portRangeMin Number
    The lower part of the allowed port range, valid integer value needs to be between 1 and 65535. Changing this creates a new security group rule.
    protocol String
    The layer 4 protocol type, valid values are following. Changing this creates a new security group rule. This is required if you want to specify a port range.

    • empty string or omitted (any protocol)
    • integer value between 0 and 255 (valid IP protocol number)
    • tcp
    • udp
    • icmp
    • ah
    • dccp
    • egp
    • esp
    • gre
    • igmp
    • ipv6-encap
    • ipv6-frag
    • ipv6-icmp
    • ipv6-nonxt
    • ipv6-opts
    • ipv6-route
    • ospf
    • pgm
    • rsvp
    • sctp
    • udplite
    • vrrp
    • ipip
    region String
    The region in which to obtain the V2 networking client. A networking client is needed to create a port. If omitted, the region argument of the provider is used. Changing this creates a new security group rule.
    remoteGroupId String
    The remote group id, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    remoteIpPrefix String
    The remote CIDR, the value needs to be a valid CIDR (i.e. 192.168.0.0/16). Changing this creates a new security group rule.
    securityGroupId String
    The security group id the rule should belong to, the value needs to be an Openstack ID of a security group in the same tenant. Changing this creates a new security group rule.
    tenantId String
    The owner of the security group. Required if admin wants to create a port for another tenant. Changing this creates a new security group rule.

    Import

    Security Group Rules can be imported using the id, e.g.

    $ pulumi import openstack:networking/secGroupRule:SecGroupRule secgroup_rule_1 aeb68ee3-6e9d-4256-955c-9584a6212745
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    OpenStack pulumi/pulumi-openstack
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the openstack Terraform Provider.
    openstack logo
    OpenStack v5.0.0 published on Friday, Sep 27, 2024 by Pulumi