Associating Security Groups

Security groups, as discussed earlier, are typically required to allow network traffic to an instance, unless the default security group for a project has been modified to be more permissive.

Adding security groups is typically done on instance boot. When launching from the dashboard you do this on the Access & Security tab of the Launch Instance dialog. When launching from the command line, append --security-groups with a comma-separated list of security groups.

It is also possible to add and remove security groups when an instance is running. Currently this is only available through the command-line tools. Here is an example:

$ nova add-secgroup <server> <securitygroup>
$ nova remove-secgroup <server> <securitygroup>
Questions? Discuss on ask.openstack.org
Found an error? Report a bug against this page

loading table of contents...