github.com/koding/terraform@v0.6.4-0.20170608090606-5d7e0339779d/website/source/docs/providers/openstack/r/networking_secgroup_v2.html.markdown (about) 1 --- 2 layout: "openstack" 3 page_title: "OpenStack: openstack_networking_secgroup_v2" 4 sidebar_current: "docs-openstack-resource-networking-secgroup-v2" 5 description: |- 6 Manages a V2 Neutron security group resource within OpenStack. 7 --- 8 9 # openstack\_networking\_secgroup_v2 10 11 Manages a V2 neutron security group resource within OpenStack. 12 Unlike Nova security groups, neutron separates the group from the rules 13 and also allows an admin to target a specific tenant_id. 14 15 ## Example Usage 16 17 ```hcl 18 resource "openstack_networking_secgroup_v2" "secgroup_1" { 19 name = "secgroup_1" 20 description = "My neutron security group" 21 } 22 ``` 23 24 ## Argument Reference 25 26 The following arguments are supported: 27 28 * `region` - (Required) The region in which to obtain the V2 networking client. 29 A networking client is needed to create a port. If omitted, the 30 `OS_REGION_NAME` environment variable is used. Changing this creates a new 31 security group. 32 33 * `name` - (Required) A unique name for the security group. 34 35 * `description` - (Optional) A unique name for the security group. 36 37 * `tenant_id` - (Optional) The owner of the security group. Required if admin 38 wants to create a port for another tenant. Changing this creates a new 39 security group. 40 41 * `delete_default_rules` - (Optional) Whether or not to delete the default 42 egress security rules. This is `false` by default. See the below note 43 for more information. 44 45 ## Attributes Reference 46 47 The following attributes are exported: 48 49 * `region` - See Argument Reference above. 50 * `name` - See Argument Reference above. 51 * `description` - See Argument Reference above. 52 * `tenant_id` - See Argument Reference above. 53 54 ## Default Security Group Rules 55 56 In most cases, OpenStack will create some egress security group rules for each 57 new security group. These security group rules will not be managed by 58 Terraform, so if you prefer to have *all* aspects of your infrastructure 59 managed by Terraform, set `delete_default_rules` to `true` and then create 60 separate security group rules such as the following: 61 62 ```hcl 63 resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_v4" { 64 direction = "egress" 65 ethertype = "IPv4" 66 security_group_id = "${openstack_networking_secgroup_v2.secgroup.id}" 67 } 68 69 resource "openstack_networking_secgroup_rule_v2" "secgroup_rule_v6" { 70 direction = "egress" 71 ethertype = "IPv6" 72 security_group_id = "${openstack_networking_secgroup_v2.secgroup.id}" 73 } 74 ``` 75 76 Please note that this behavior may differ depending on the configuration of 77 the OpenStack cloud. The above illustrates the current default Neutron 78 behavior. Some OpenStack clouds might provide additional rules and some might 79 not provide any rules at all (in which case the `delete_default_rules` setting 80 is moot). 81 82 ## Import 83 84 Security Groups can be imported using the `id`, e.g. 85 86 ``` 87 $ terraform import openstack_networking_secgroup_v2.secgroup_1 38809219-5e8a-4852-9139-6f461c90e8bc 88 ```