Security Group Management

Permission

API

Action

Dependencies

IAM Project

Enterprise Project

Creating a security group (native OpenStack API)

POST /v2.1/{project_id}/os-security-groups

ecs:securityGroups:use

vpc:securityGroups:get

vpc:securityGroups:create

vpc:securityGroups:update

Supported

Not supported

Deleting a security group (native OpenStack API)

DELETE /v2.1/{project_id}/os-security-groups/{security_group_id}

ecs:securityGroups:use

vpc:securityGroups:get

vpc:securityGroups:delete

vpc:securityGroups:update

Supported

Not supported

Querying details about a security group (native OpenStack API)

GET /v2.1/{project_id}/os-security-groups/{security_group_id}

ecs:securityGroups:use

vpc:securityGroups:get

Supported

Not supported

Querying security groups (native OpenStack API)

GET /v2.1/{project_id}/os-security-groups

ecs:securityGroups:use

vpc:securityGroups:get

Supported

Not supported

Creating a security group rule (native OpenStack API)

POST /v2.1/{project_id}/os-security-group-rules

ecs:securityGroups:use

vpc:securityGroups:get

vpc:securityGroups:update

vpc:securityGroupRules:get

vpc:securityGroupRules:create

Supported

Not supported

Deleting a security group rule (native OpenStack API)

DELETE /v2.1/{project_id}/os-security-group-rules/{security_group_rule_id}

ecs:securityGroups:use

vpc:securityGroups:get

vpc:securityGroups:update

vpc:securityGroupRules:get

vpc:securityGroupRules:delete

Supported

Not supported

Updating a security group (native OpenStack API)

PUT /v2.1/{project_id}/os-security-groups/{security_group_id}

ecs:securityGroups:use

vpc:securityGroups:get

vpc:securityGroups:update

Supported

Not supported

Querying security groups of a specified ECS (native OpenStack API)

GET /v2.1/{project_id}/servers/{server_id}/os-security-groups

ecs:securityGroups:use

vpc:securityGroups:get

vpc:ports:get

Supported

Not supported

Adding an ECS to a security group (native OpenStack API)

POST /v2.1/{project_id}/servers/{server_id}/action

ecs:securityGroups:use

ecs:servers:get

ecs:servers:list

ecs:serverVolumes:use

ecs:diskConfigs:use

ecs:serverKeypairs:get

vpc:securityGroups:get

vpc:securityGroups:create

vpc:securityGroups:update

vpc:securityGroupRules:get

vpc:networks:get

vpc:subnets:get

vpc:routers:get

vpc:ports:get

vpc:ports:update

Supported

Not supported

Removing a security group (native OpenStack API)

POST /v2.1/{project_id}/servers/{server_id}/action

ecs:securityGroups:use

ecs:servers:get

ecs:servers:list

ecs:serverVolumes:use

ecs:diskConfigs:use

ecs:serverKeypairs:get

vpc:securityGroups:get

vpc:securityGroups:delete

vpc:securityGroups:update

vpc:securityGroupRules:get

vpc:networks:get

vpc:subnets:get

vpc:routers:get

vpc:ports:get

vpc:ports:update

Supported

Not supported