OpenStack Security Groups Management Tool.
See groups.yaml for specification and its expanded version.
Sample configuration:
document: sgmanager-groups
version: 1
data:
- test1:
description: SGManager testing security group
rules:
- cidr: [108.171.171.226/32]
port: 22
protocol: tcp
- groups: [test2]
port: 80
protocol: tcp
- test2:
description: SGManager testing security group number 2
rules:
- groups: [test1]
port_min: 50000
port_max: 50500
protocol: tcp
Sample configuration using old format:
test1:
description: SGManager testing security group
rules:
- cidr: [108.171.171.226/32]
port: 22
protocol: tcp
- groups: [test2]
port: 80
protocol: tcp
test2:
description: SGManager testing security group number 2
rules:
- groups: [test1]
port_from: 50000
port_to: 50500
protocol: tcp
Running from source tree can be done in 2 ways:
- Using flit:
flit install -s
and then usesgmanager
from$PATH
- Using Python directly:
python3 -m sgmanager
Installation can be done using flit install
. See --help
from it.
py.test-3 -vv
There are 3 standard ways of passing credentials for OpenStack environments:
--os-*
option for commandlineexport OS_*
from environment variablesclouds.yaml
and use--os-cloud
option
- Multiple rules with the same name are unsupported (even though this is supported in latest OS). This means that you probably want to delete all groups before using sgmanager.
- Egress rules are ignored temporarily.