Red Hat SummitDieser Inhalt ist in der von Ihnen ausgewählten Sprache nicht verfügbar.
Chapter 56. security
This chapter describes the commands under the security command.
56.1. security group create
Create a new security group
Usage:
| Value | Summary |
|---|---|
| --print-empty | Print empty table if there is no data to show. |
| --max-width <integer> | Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence. |
| --fit-width | Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable |
| Value | Summary |
|---|---|
| <name> | New security group name |
| Value | Summary |
|---|---|
| output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml} | The output format, defaults to table |
| -c COLUMN, --column COLUMN | Specify the column(s) to include, can be repeated |
| Value | Summary |
|---|---|
| --noindent | Whether to disable indenting the json |
| Value | Summary |
|---|---|
| -h, --help | Show this help message and exit |
| --description <description> | Security group description |
| --project <project> | Owner’s project (name or id) |
| --project-domain <project-domain> | Domain the project belongs to (name or id). this can be used in case collisions between project names exist. |
| Value | Summary |
|---|---|
| a format a UNIX shell can parse (variable="value")--prefix PREFIX | Add a prefix to all variable names |
56.2. security group delete
Delete security group(s)
Usage:
openstack security group delete [-h] <group> [<group> ...]
openstack security group delete [-h] <group> [<group> ...]| Value | Summary |
|---|---|
| <group> | Security group(s) to delete (name or id) |
| Value | Summary |
|---|---|
| -h, --help | Show this help message and exit |
56.3. security group list
List security groups
Usage:
| Value | Summary |
|---|---|
| --print-empty | Print empty table if there is no data to show. |
| --max-width <integer> | Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence. |
| --fit-width | Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable |
| Value | Summary |
|---|---|
| --quote {all,minimal,none,nonnumeric} | When to include quotes, defaults to nonnumeric |
| Value | Summary |
|---|---|
| output formatter options-f {csv,json,table,value,yaml}, --format {csv,json,table,value,yaml} | The output format, defaults to table |
| -c COLUMN, --column COLUMN | Specify the column(s) to include, can be repeated |
| --sort-column SORT_COLUMN | Specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated |
| Value | Summary |
|---|---|
| --noindent | Whether to disable indenting the json |
| Value | Summary |
|---|---|
| -h, --help | Show this help message and exit |
| --project <project> | List security groups according to the project (name or ID) |
| --project-domain <project-domain> | Domain the project belongs to (name or id). this can be used in case collisions between project names exist. |
56.4. security group rule create
Create a new security group rule
Usage:
| Value | Summary |
|---|---|
| --print-empty | Print empty table if there is no data to show. |
| --max-width <integer> | Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence. |
| --fit-width | Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable |
| Value | Summary |
|---|---|
| <group> | Create rule in this security group (name or id) |
| Value | Summary |
|---|---|
| output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml} | The output format, defaults to table |
| -c COLUMN, --column COLUMN | Specify the column(s) to include, can be repeated |
| Value | Summary |
|---|---|
| --noindent | Whether to disable indenting the json |
| Value | Summary |
|---|---|
| --remote-ip <ip-address> | Remote ip address block (may use cidr notation; default for IPv4 rule: 0.0.0.0/0) |
| --remote-group <group> | Remote security group (name or id) |
| --icmp-type <icmp-type> | Icmp type for icmp ip protocols |
| --icmp-code <icmp-code> | Icmp code for icmp ip protocols |
| --ethertype <ethertype> | Ethertype of network traffic (ipv4, ipv6; default: based on IP protocol) |
| --ingress | Rule applies to incoming network traffic (default) |
| --project-domain <project-domain> | Domain the project belongs to (name or id). this can be used in case collisions between project names exist. |
| --protocol <protocol> | Ip protocol (ah, dccp, egp, esp, gre, icmp, igmp, ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt, ipv6-opts, ipv6-route, ospf, pgm, rsvp, sctp, tcp, udp, udplite, vrrp and integer representations [0-255] or any; default: tcp) |
| --dst-port <port-range> | Destination port, may be a single port or a starting and ending port range: 137:139. Required for IP protocols TCP and UDP. Ignored for ICMP IP protocols. |
| -h, --help | Show this help message and exit |
| --description <description> | Set security group rule description |
| --project <project> | Owner’s project (name or id) |
| --egress | Rule applies to outgoing network traffic |
| Value | Summary |
|---|---|
| a format a UNIX shell can parse (variable="value")--prefix PREFIX | Add a prefix to all variable names |
56.5. security group rule delete
Delete security group rule(s)
Usage:
openstack security group rule delete [-h] <rule> [<rule> ...]
openstack security group rule delete [-h] <rule> [<rule> ...]| Value | Summary |
|---|---|
| <rule> | Security group rule(s) to delete (id only) |
| Value | Summary |
|---|---|
| -h, --help | Show this help message and exit |
56.6. security group rule list
List security group rules
Usage:
| Value | Summary |
|---|---|
| --print-empty | Print empty table if there is no data to show. |
| --max-width <integer> | Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence. |
| --fit-width | Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable |
| Value | Summary |
|---|---|
| <group> | List all rules in this security group (name or id) |
| Value | Summary |
|---|---|
| --quote {all,minimal,none,nonnumeric} | When to include quotes, defaults to nonnumeric |
| Value | Summary |
|---|---|
| output formatter options-f {csv,json,table,value,yaml}, --format {csv,json,table,value,yaml} | The output format, defaults to table |
| -c COLUMN, --column COLUMN | Specify the column(s) to include, can be repeated |
| --sort-column SORT_COLUMN | Specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated |
| Value | Summary |
|---|---|
| --noindent | Whether to disable indenting the json |
| Value | Summary |
|---|---|
| --protocol <protocol> | List rules by the ip protocol (ah, dhcp, egp, esp, gre, icmp, igmp, ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt, ipv6-opts, ipv6-route, ospf, pgm, rsvp, sctp, tcp, udp, udplite, vrrp and integer representations [0-255]). |
| -h, --help | Show this help message and exit |
| --long | List additional fields in output |
| --ingress | List rules applied to incoming network traffic |
| --egress | List rules applied to outgoing network traffic |
56.7. security group rule show
Display security group rule details
Usage:
| Value | Summary |
|---|---|
| --print-empty | Print empty table if there is no data to show. |
| --max-width <integer> | Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence. |
| --fit-width | Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable |
| Value | Summary |
|---|---|
| <rule> | Security group rule to display (id only) |
| Value | Summary |
|---|---|
| output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml} | The output format, defaults to table |
| -c COLUMN, --column COLUMN | Specify the column(s) to include, can be repeated |
| Value | Summary |
|---|---|
| --noindent | Whether to disable indenting the json |
| Value | Summary |
|---|---|
| -h, --help | Show this help message and exit |
| Value | Summary |
|---|---|
| a format a UNIX shell can parse (variable="value")--prefix PREFIX | Add a prefix to all variable names |
56.8. security group set
Set security group properties
Usage:
openstack security group set [-h] [--name <new-name>]
[--description <description>]
<group>
openstack security group set [-h] [--name <new-name>]
[--description <description>]
<group>| Value | Summary |
|---|---|
| <group> | Security group to modify (name or id) |
| Value | Summary |
|---|---|
| -h, --help | Show this help message and exit |
| --description <description> | New security group description |
| --name <new-name> | New security group name |
56.9. security group show
Display security group details
Usage:
openstack security group show [-h] [-f {json,shell,table,value,yaml}]
[-c COLUMN] [--max-width <integer>]
[--fit-width] [--print-empty]
[--noindent] [--prefix PREFIX]
<group>
openstack security group show [-h] [-f {json,shell,table,value,yaml}]
[-c COLUMN] [--max-width <integer>]
[--fit-width] [--print-empty]
[--noindent] [--prefix PREFIX]
<group>| Value | Summary |
|---|---|
| --print-empty | Print empty table if there is no data to show. |
| --max-width <integer> | Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence. |
| --fit-width | Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable |
| Value | Summary |
|---|---|
| <group> | Security group to display (name or id) |
| Value | Summary |
|---|---|
| output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml} | The output format, defaults to table |
| -c COLUMN, --column COLUMN | Specify the column(s) to include, can be repeated |
| Value | Summary |
|---|---|
| --noindent | Whether to disable indenting the json |
| Value | Summary |
|---|---|
| -h, --help | Show this help message and exit |
| Value | Summary |
|---|---|
| a format a UNIX shell can parse (variable="value")--prefix PREFIX | Add a prefix to all variable names |
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}