-
Created by
Tomas Gonzalo, last updated on Jun 18, 2026
1 minute read
This page describes how to add security groups to a tenancy
Pre-requisites
- Application credentials EWC OpenStack API access - Openstack Application Credentials
- OpenStack command-line client EWC OpenStack API access - Install and use Command-Line client
Create a security group
In order to create a new security group do
openstack security group create <security_group_name>
with <security_group_name> the name of thew newly created security group
Add security group rules
To add rules to an existing security group do
openstack security group rule create [--ingress/--egress] [--protocol <protocol>] [--remote-ip <ip-address>] --dst-port <port-range> <security_group_name>
where:
--ingressdenotes that the rule applies to incoming network traffic. This option is default if neither ingress or egress is specified--egressdenotes that the rule applies to outoging network traffic<protocol>is the protocol of the network, typically TCP, UDP or ICMP<ip-address>is the remote ip address block. By default0.0.0.0/0- <port-range> is the ranges of ports at destination that the rule applies to. Can be given as a single port, e.g. 22, or a range, e.g. 120:125