Chapter 56. security

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

<name>

New security group name

output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

--noindent

Whether to disable indenting the json

-h, --help

Show this help message and exit

--description <description>

Security group description

--project <project>

Owner’s project (name or id)

--project-domain <project-domain>

Domain the project belongs to (name or id). this can be used in case collisions between project names exist.

a format a UNIX shell can parse (variable="value")--prefix PREFIX

Add a prefix to all variable names

<group>

Security group(s) to delete (name or id)

-h, --help

Show this help message and exit

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

--quote {all,minimal,none,nonnumeric}

When to include quotes, defaults to nonnumeric

output formatter options-f {csv,json,table,value,yaml}, --format {csv,json,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

--sort-column SORT_COLUMN

Specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated

--noindent

Whether to disable indenting the json

-h, --help

Show this help message and exit

--project <project>

List security groups according to the project (name or ID)

--project-domain <project-domain>

Domain the project belongs to (name or id). this can be used in case collisions between project names exist.

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

<group>

Create rule in this security group (name or id)

output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

--noindent

Whether to disable indenting the json

--remote-ip <ip-address>

Remote ip address block (may use cidr notation; default for IPv4 rule: 0.0.0.0/0)

--remote-group <group>

Remote security group (name or id)

--icmp-type <icmp-type>

Icmp type for icmp ip protocols

--icmp-code <icmp-code>

Icmp code for icmp ip protocols

--ethertype <ethertype>

Ethertype of network traffic (ipv4, ipv6; default: based on IP protocol)

--ingress

Rule applies to incoming network traffic (default)

--project-domain <project-domain>

Domain the project belongs to (name or id). this can be used in case collisions between project names exist.

--protocol <protocol>

Ip protocol (ah, dccp, egp, esp, gre, icmp, igmp, ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt, ipv6-opts, ipv6-route, ospf, pgm, rsvp, sctp, tcp, udp, udplite, vrrp and integer representations [0-255] or any; default: tcp)

--dst-port <port-range>

Destination port, may be a single port or a starting and ending port range: 137:139. Required for IP protocols TCP and UDP. Ignored for ICMP IP protocols.

-h, --help

Show this help message and exit

--description <description>

Set security group rule description

--project <project>

Owner’s project (name or id)

--egress

Rule applies to outgoing network traffic

a format a UNIX shell can parse (variable="value")--prefix PREFIX

Add a prefix to all variable names

<rule>

Security group rule(s) to delete (id only)

-h, --help

Show this help message and exit

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

<group>

List all rules in this security group (name or id)

--quote {all,minimal,none,nonnumeric}

When to include quotes, defaults to nonnumeric

output formatter options-f {csv,json,table,value,yaml}, --format {csv,json,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

--sort-column SORT_COLUMN

Specify the column(s) to sort the data (columns specified first have a priority, non-existing columns are ignored), can be repeated

--noindent

Whether to disable indenting the json

--protocol <protocol>

List rules by the ip protocol (ah, dhcp, egp, esp, gre, icmp, igmp, ipv6-encap, ipv6-frag, ipv6-icmp, ipv6-nonxt, ipv6-opts, ipv6-route, ospf, pgm, rsvp, sctp, tcp, udp, udplite, vrrp and integer representations [0-255]).

-h, --help

Show this help message and exit

--long

List additional fields in output

--ingress

List rules applied to incoming network traffic

--egress

List rules applied to outgoing network traffic

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

<rule>

Security group rule to display (id only)

output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

--noindent

Whether to disable indenting the json

-h, --help

Show this help message and exit

a format a UNIX shell can parse (variable="value")--prefix PREFIX

Add a prefix to all variable names

<group>

Security group to modify (name or id)

-h, --help

Show this help message and exit

--description <description>

New security group description

--name <new-name>

New security group name

--print-empty

Print empty table if there is no data to show.

--max-width <integer>

Maximum display width, <1 to disable. you can also use the CLIFF_MAX_TERM_WIDTH environment variable, but the parameter takes precedence.

--fit-width

Fit the table to the display width. implied if --max- width greater than 0. Set the environment variable CLIFF_FIT_WIDTH=1 to always enable

<group>

Security group to display (name or id)

output formatter options-f {json,shell,table,value,yaml}, --format {json,shell,table,value,yaml}

The output format, defaults to table

-c COLUMN, --column COLUMN

Specify the column(s) to include, can be repeated

--noindent

Whether to disable indenting the json

-h, --help

Show this help message and exit

a format a UNIX shell can parse (variable="value")--prefix PREFIX

Add a prefix to all variable names