diff options
| author | Morgan Fainberg <m@metacloud.com> | 2013-02-06 15:39:54 -0800 |
|---|---|---|
| committer | Gerrit Code Review <review@openstack.org> | 2013-02-19 01:50:51 +0000 |
| commit | 59aaf1dff97aa25a71d317300b8255f4c59391a9 (patch) | |
| tree | 6c5614d8cdd8b3963e5abacbf0939f1772deaad9 /doc | |
| parent | 30c2a8f66edb9f9601a519fb525a46cc4486ab2a (diff) | |
| download | nova-59aaf1dff97aa25a71d317300b8255f4c59391a9.tar.gz nova-59aaf1dff97aa25a71d317300b8255f4c59391a9.tar.xz nova-59aaf1dff97aa25a71d317300b8255f4c59391a9.zip | |
Default SG rules for the Security Group "Default"
Added in the API os-security-group-default-rules
This allows create, delete, list, and get (of individual rules) for
rules that will be pre-populated into the Security Group "default"
that is populated in all projects on creation.
These rules will not be applied retroactively, as it is designed
to allow the creation of a "reasonable" base-line set of sg rules.
The new rules live in a separate table that mirrors the relevant
structures of the security_group_rules table.
Added unit tests/API samples for the new API calls
Related to bp default-rules-for-default-security-group
DocImpact
Change-Id: I7ab51e68aff562bb869538197a0eca158fc3220c
Diffstat (limited to 'doc')
10 files changed, 90 insertions, 0 deletions
diff --git a/doc/api_samples/all_extensions/extensions-get-resp.json b/doc/api_samples/all_extensions/extensions-get-resp.json index ba5e410eb..14e9062ca 100644 --- a/doc/api_samples/all_extensions/extensions-get-resp.json +++ b/doc/api_samples/all_extensions/extensions-get-resp.json @@ -385,6 +385,14 @@ "updated": "2011-08-18T00:00:00+00:00" }, { + "alias": "os-security-group-default-rules", + "description": "Default rules for security group support.", + "links": [], + "name": "SecurityGroupDefaultRules", + "namespace": "http://docs.openstack.org/compute/ext/securitygroupdefaultrules/api/v1.1", + "updated": "2013-02-05T00:00:00+00:00" + }, + { "alias": "os-security-groups", "description": "Security group support.", "links": [], diff --git a/doc/api_samples/all_extensions/extensions-get-resp.xml b/doc/api_samples/all_extensions/extensions-get-resp.xml index a18e52437..133b0570a 100644 --- a/doc/api_samples/all_extensions/extensions-get-resp.xml +++ b/doc/api_samples/all_extensions/extensions-get-resp.xml @@ -162,6 +162,9 @@ <extension alias="os-rescue" updated="2011-08-18T00:00:00+00:00" namespace="http://docs.openstack.org/compute/ext/rescue/api/v1.1" name="Rescue"> <description>Instance rescue mode.</description> </extension> + <extension alias="os-security-group-default-rules" updated="2013-02-05T00:00:00+00:00" namespace="http://docs.openstack.org/compute/ext/securitygroupdefaultrules/api/v1.1" name="SecurityGroupDefaultRules"> + <description>Default rules for security group support.</description> + </extension> <extension alias="os-security-groups" updated="2011-07-21T00:00:00+00:00" namespace="http://docs.openstack.org/compute/ext/securitygroups/api/v1.1" name="SecurityGroups"> <description>Security group support.</description> </extension> diff --git a/doc/api_samples/os-security-group-default-rules/security-group-default-rules-create-req.json b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-create-req.json new file mode 100644 index 000000000..8b0a901c7 --- /dev/null +++ b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-create-req.json @@ -0,0 +1,8 @@ +{ + "security_group_default_rule": { + "ip_protocol": "TCP", + "from_port": "80", + "to_port": "80", + "cidr": "10.10.12.0/24" + } +}
\ No newline at end of file diff --git a/doc/api_samples/os-security-group-default-rules/security-group-default-rules-create-req.xml b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-create-req.xml new file mode 100644 index 000000000..7fa3af7d9 --- /dev/null +++ b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-create-req.xml @@ -0,0 +1,7 @@ +<?xml version='1.0' encoding='UTF-8'?> +<security_group_default_rule> + <ip_protocol>TCP</ip_protocol> + <from_port>80</from_port> + <to_port>80</to_port> + <cidr>10.10.12.0/24</cidr> +</security_group_default_rule>
\ No newline at end of file diff --git a/doc/api_samples/os-security-group-default-rules/security-group-default-rules-create-resp.json b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-create-resp.json new file mode 100644 index 000000000..ae6c62bfd --- /dev/null +++ b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-create-resp.json @@ -0,0 +1,11 @@ +{ + "security_group_default_rule": { + "from_port": 80, + "id": 1, + "ip_protocol": "TCP", + "ip_range":{ + "cidr": "10.10.10.0/24" + }, + "to_port": 80 + } +}
\ No newline at end of file diff --git a/doc/api_samples/os-security-group-default-rules/security-group-default-rules-create-resp.xml b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-create-resp.xml new file mode 100644 index 000000000..9e700969f --- /dev/null +++ b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-create-resp.xml @@ -0,0 +1,9 @@ +<?xml version='1.0' encoding='UTF-8'?> +<security_group_default_rule xmlns="http://docs.openstack.org/compute/api/v1.1" id="1"> + <ip_protocol>TCP</ip_protocol> + <from_port>80</from_port> + <to_port>80</to_port> + <ip_range> + <cidr>10.10.10.0/24</cidr> + </ip_range> +</security_group_default_rule>
\ No newline at end of file diff --git a/doc/api_samples/os-security-group-default-rules/security-group-default-rules-list-resp.json b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-list-resp.json new file mode 100644 index 000000000..c083640c3 --- /dev/null +++ b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-list-resp.json @@ -0,0 +1,13 @@ +{ + "security_group_default_rules": [ + { + "from_port": 80, + "id": 1, + "ip_protocol": "TCP", + "ip_range": { + "cidr": "10.10.10.0/24" + }, + "to_port": 80 + } + ] +}
\ No newline at end of file diff --git a/doc/api_samples/os-security-group-default-rules/security-group-default-rules-list-resp.xml b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-list-resp.xml new file mode 100644 index 000000000..f009bf80f --- /dev/null +++ b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-list-resp.xml @@ -0,0 +1,11 @@ +<?xml version='1.0' encoding='UTF-8'?> +<security_group_default_rules xmlns="http://docs.openstack.org/compute/api/v1.1"> + <security_group_default_rule id="1"> + <ip_protocol>TCP</ip_protocol> + <from_port>80</from_port> + <to_port>80</to_port> + <ip_range> + <cidr>10.10.10.0/24</cidr> + </ip_range> + </security_group_default_rule> +</security_group_default_rules>
\ No newline at end of file diff --git a/doc/api_samples/os-security-group-default-rules/security-group-default-rules-show-resp.json b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-show-resp.json new file mode 100644 index 000000000..97b5259a1 --- /dev/null +++ b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-show-resp.json @@ -0,0 +1,11 @@ +{ + "security_group_default_rule": { + "id": 1, + "from_port": 80, + "to_port": 80, + "ip_protocol": "TCP", + "ip_range": { + "cidr": "10.10.10.0/24" + } + } +}
\ No newline at end of file diff --git a/doc/api_samples/os-security-group-default-rules/security-group-default-rules-show-resp.xml b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-show-resp.xml new file mode 100644 index 000000000..9181abd38 --- /dev/null +++ b/doc/api_samples/os-security-group-default-rules/security-group-default-rules-show-resp.xml @@ -0,0 +1,9 @@ +<?xml version='1.0' encoding='UTF-8'?> +<security_group_default_rule xmlns="http://docs.openstack.org/compute/api/v1.1" id="1"> + <from_port>80</from_port> + <to_port>80</to_port> + <ip_protocol>TCP</ip_protocol> + <ip_range> + <cidr>10.10.10.0/24</cidr> + </ip_range> +</security_group_default_rule>
\ No newline at end of file |