2.7 KiB
layout, page_title, sidebar_current, description
| layout | page_title | sidebar_current | description |
|---|---|---|---|
| openstack | OpenStack: openstack_compute_secgroup_v2 | docs-openstack-resource-compute-secgroup-v2 | Manages a V2 security group resource within OpenStack. |
openstack_compute_secgroup_v2
Manages a V2 security group resource within OpenStack.
Example Usage
resource "openstack_compute_secgroup_v2" "secgroup_1" {
name = "my_secgroup"
description = "my security group"
rule {
from_port = 22
to_port = 22
ip_protocol = "tcp"
cidr = "0.0.0.0/0"
}
rule {
from_port = 80
to_port = 80
ip_protocol = "tcp"
cidr = "0.0.0.0/0"
}
}
Argument Reference
The following arguments are supported:
-
region- (Required) The region in which to obtain the V2 Compute client. A Compute client is needed to create a security group. If omitted, theOS_REGION_NAMEenvironment variable is used. Changing this creates a new security group. -
name- (Required) A unique name for the security group. Changing this updates thenameof an existing security group. -
description- (Required) A description for the security group. Changing this updates thedescriptionof an existing security group. -
rule- (Optional) A rule describing how the security group operates. The rule object structure is documented below. Changing this updates the security group rules. As shown in the example above, multiple rule blocks may be used.
The rule block supports:
-
from_port- (Required) An integer representing the lower bound of the port range to open. Changing this creates a new security group rule. -
to_port- (Required) An integer representing the upper bound of the port range to open. Changing this creates a new security group rule. -
ip_protocol- (Required) The protocol type that will be allowed. Changing this creates a new security group rule. -
cidr- (Optional) Required iffrom_group_idis empty. The IP range that will be the source of network traffic to the security group. Use 0.0.0.0./0 to allow all IP addresses. Changing this creates a new security group rule. -
from_group_id- (Optional) Required ifcidris empty. The ID of a group from which to forward traffic to the parent group. Changing this creates a new security group rule. -
self- (Optional) Required ifcidrandfrom_group_idis empty. If true, the security group itself will be added as a source to this ingress rule.
Attributes Reference
The following attributes are exported:
region- See Argument Reference above.name- See Argument Reference above.description- See Argument Reference above.rule- See Argument Reference above.