openstack_networking_port_secgroup_associate_v2
These instructions are a copy of the official OpenStack Terraform provider documentation in the Terraform Registry.
Manages a V2 port's security groups within OpenStack. Useful, when the port wascreated not by Terraform (e.g. Manila or LBaaS). It should not be used, when theport was created directly within Terraform.
When the resource is deleted, Terraform doesn't delete the port, but unsets the list of user defined security group IDs.However, if enforce
is set to trueand
the resource is deleted, Terraform will remove all assigned security groupIDs.
Example Usage
Append a security group to an existing port
data "openstack_networking_port_v2" "system_port" {
fixed_ip = "10.0.0.10"
}
data "openstack_networking_secgroup_v2" "secgroup" {
name = "secgroup"
}
resource "openstack_networking_port_secgroup_associate_v2" "port_1" {
port_id = data.openstack_networking_port_v2.system_port.id
security_group_ids = [
data.openstack_networking_secgroup_v2.secgroup.id,
]
}
Enforce a security group to an existing port
data "openstack_networking_port_v2" "system_port" {
fixed_ip = "10.0.0.10"
}
data "openstack_networking_secgroup_v2" "secgroup" {
name = "secgroup"
}
resource "openstack_networking_port_secgroup_associate_v2" "port_1" {
port_id = data.openstack_networking_port_v2.system_port.id
enforce = "true"
security_group_ids = [
data.openstack_networking_secgroup_v2.secgroup.id,
]
}
Remove all security groups from an existing port
data "openstack_networking_port_v2" "system_port" {
fixed_ip = "10.0.0.10"
}
resource "openstack_networking_port_secgroup_associate_v2" "port_1" {
port_id = data.openstack_networking_port_v2.system_port.id
enforce = "true"
security_group_ids = []
}
Argument Reference
The following arguments are supported:
-
region
— (Optional) The region in which to obtain the V2 networking client.A networking client is needed to manage a port. If omitted, theregion
argument of the provider is used. Changing this creates a newresource. -
port_id
— (Required) An UUID of the port to apply security groups to. -
security_group_ids
— (Required) A list of security group IDs to apply tothe port. The security groups must be specified by ID and not name (asopposed to how they are configured with the Compute Instance). -
enforce
— (Optional) Whether to replace or append the list of securitygroups specified in thesecurity_group_ids
. Defaults tofalse
.
Attributes Reference
The following attributes are exported:
region
— See Argument Reference above.port_id
— See Argument Reference above.security_group_ids
— See Argument Reference above.all_security_group_ids
— The collection of Security Group IDs on the portwhich have been explicitly and implicitly added.
Import
Port security group association can be imported using the id of
the port, e.g.
$ terraform import openstack_networking_port_secgroup_associate_v2.port_1 eae26a3e-1c33-4cc1-9c31-0cd729c438a1