Skip to content

Security Groups CLI reference

See https://docs.openstack.org/ocata/cli-reference/neutron.html.

These commands allow you to create, list, show details of, and delete security groups and their rules in the Network service. The <security_group_id_or_name> and <security_group_rule_id> in the commands are placeholders that should be replaced with the actual IDs or names of the security groups and rules.

List security groups

Bash
openstack security group list

Show security group details

Bash
openstack security group show <security_group_id_or_name>

Create a security group

Bash
openstack security group create --description "Security group description" <security_group_name>

Delete a security group

Bash
openstack security group delete <security_group_id_or_name>

List security group rules

Bash
openstack security group rule list <security_group_id_or_name>

Create a security group rule

Bash
openstack security group rule create --protocol <protocol> --dst-port <port_range> --remote-ip <remote_ip_range> <security_group_id_or_name>
  • <protocol>: The protocol for the rule (e.g., tcp, udp, icmp).
  • <port_range>: The port or port range for the rule (e.g., 80, 22:23).
  • <remote_ip_range>: The remote IP range for the rule (e.g., 0.0.0.0/0 for all IPs).

Delete a security group rule

Bash
openstack security group rule delete <security_group_rule_id>