secgroups

package
v1.1.31 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 10, 2023 License: Apache-2.0 Imports: 4 Imported by: 0

Documentation

Overview

Package secgroups provides the ability to manage security groups through the Nova API.

This API has been deprecated and will be removed from a future release of the Nova API service.

For environments that support this extension, this package can be used regardless of if either Neutron or nova-network is used as the cloud's network service.

Example to List Security Groups 

allPages, err := secroups.List(computeClient).AllPages()
if err != nil {
	panic(err)
}

allSecurityGroups, err := secgroups.ExtractSecurityGroups(allPages)
if err != nil {
	panic(err)
}

for _, sg := range allSecurityGroups {
	fmt.Printf("%+v\n", sg)
}

Example to List Security Groups by Server 

serverID := "aab3ad01-9956-4623-a29b-24afc89a7d36"

allPages, err := secroups.ListByServer(computeClient, serverID).AllPages()
if err != nil {
	panic(err)
}

allSecurityGroups, err := secgroups.ExtractSecurityGroups(allPages)
if err != nil {
	panic(err)
}

for _, sg := range allSecurityGroups {
	fmt.Printf("%+v\n", sg)
}

Example to Create a Security Group 

createOpts := secgroups.CreateOpts{
	Name:        "group_name",
	Description: "A Security Group",
}

sg, err := secgroups.Create(computeClient, createOpts).Extract()
if err != nil {
	panic(err)
}

Example to Create a Security Group Rule 

sgID := "37d94f8a-d136-465c-ae46-144f0d8ef141"

createOpts := secgroups.CreateRuleOpts{
	ParentGroupID: sgID,
	FromPort:      22,
	ToPort:        22,
	IPProtocol:    "tcp",
	CIDR:          "0.0.0.0/0",
}

rule, err := secgroups.CreateRule(computeClient, createOpts).Extract()
if err != nil {
	panic(err)
}

Example to Add a Security Group to a Server 

serverID := "aab3ad01-9956-4623-a29b-24afc89a7d36"
sgID := "37d94f8a-d136-465c-ae46-144f0d8ef141"

err := secgroups.AddServer(computeClient, serverID, sgID).ExtractErr()
if err != nil {
	panic(err)
}

Example to Remove a Security Group from a Server 

serverID := "aab3ad01-9956-4623-a29b-24afc89a7d36"
sgID := "37d94f8a-d136-465c-ae46-144f0d8ef141"

err := secgroups.RemoveServer(computeClient, serverID, sgID).ExtractErr()
if err != nil {
	panic(err)
}

Example to Delete a Security Group 

sgID := "37d94f8a-d136-465c-ae46-144f0d8ef141"
err := secgroups.Delete(computeClient, sgID).ExtractErr()
if err != nil {
	panic(err)
}

Example to Delete a Security Group Rule 

ruleID := "6221fe3e-383d-46c9-a3a6-845e66c1e8b4"
err := secgroups.DeleteRule(computeClient, ruleID).ExtractErr()
if err != nil {
	panic(err)
}

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func List 

func List(client *gophercloud.ServiceClient) pagination.Pager

List will return a collection of all the security groups for a particular tenant.

func ListByServer 

func ListByServer(client *gophercloud.ServiceClient, serverID string) pagination.Pager

ListByServer will return a collection of all the security groups which are associated with a particular server.

Types

type AddServerResult 

type AddServerResult struct {
	gophercloud.ErrResult
}

AddServerResult is the response from an AddServer operation. Call its ExtractErr method to determine if the request succeeded or failed.

func AddServer 

func AddServer(client *gophercloud.ServiceClient, serverID, groupName string) (r AddServerResult)

AddServer will associate a server and a security group, enforcing the rules of the group on the server.

type CreateOpts 

type CreateOpts struct {
	// the name of your security group.
	Name string `json:"name" required:"true"`
	// the description of your security group.
	Description string `json:"description,omitempty"`
}

CreateOpts is the struct responsible for creating a security group.

func (CreateOpts) ToSecGroupCreateMap 

func (opts CreateOpts) ToSecGroupCreateMap() (map[string]interface{}, error)

ToSecGroupCreateMap builds a request body from CreateOpts.

type CreateOptsBuilder 

type CreateOptsBuilder interface {
	ToSecGroupCreateMap() (map[string]interface{}, error)
}

CreateOptsBuilder allows extensions to add additional parameters to the Create request.

type CreateResult 

type CreateResult struct {
	// contains filtered or unexported fields
}

CreateResult represents the result of a create operation. Call its Extract method to interpret the result as a SecurityGroup.

func Create 

func Create(client *gophercloud.ServiceClient, opts CreateOptsBuilder) (r CreateResult)

Create will create a new security group.

func (CreateResult) Extract 

func (r CreateResult) Extract() (*SecurityGroup, error)

Extract will extract a SecurityGroup struct from most responses.

type CreateRuleOpts 

type CreateRuleOpts struct {
	// ID is the ID of the group that this rule will be added to.
	ParentGroupID string `json:"parent_group_id" required:"true"`

	// FromPort is the lower bound of the port range that will be opened.
	// Use -1 to allow all ICMP traffic.
	FromPort int `json:"from_port"`

	// ToPort is the upper bound of the port range that will be opened.
	// Use -1 to allow all ICMP traffic.
	ToPort int `json:"to_port"`

	// IPProtocol the protocol type that will be allowed, e.g. TCP.
	IPProtocol string `json:"ip_protocol" required:"true"`

	// CIDR is the network CIDR to allow traffic from.
	// This is ONLY required if FromGroupID is blank. This represents the IP
	// range that will be the source of network traffic to your security group.
	// Use 0.0.0.0/0 to allow all IP addresses.
	CIDR string `json:"cidr,omitempty" or:"FromGroupID"`

	// FromGroupID represents another security group to allow access.
	// This is ONLY required if CIDR is blank. This value represents the ID of a
	// group that forwards traffic to the parent group. So, instead of accepting
	// network traffic from an entire IP range, you can instead refine the
	// inbound source by an existing security group.
	FromGroupID string `json:"group_id,omitempty" or:"CIDR"`
}

CreateRuleOpts represents the configuration for adding a new rule to an existing security group.

func (CreateRuleOpts) ToRuleCreateMap 

func (opts CreateRuleOpts) ToRuleCreateMap() (map[string]interface{}, error)

ToRuleCreateMap builds a request body from CreateRuleOpts.

type CreateRuleOptsBuilder 

type CreateRuleOptsBuilder interface {
	ToRuleCreateMap() (map[string]interface{}, error)
}

CreateRuleOptsBuilder allows extensions to add additional parameters to the CreateRule request.

type CreateRuleResult 

type CreateRuleResult struct {
	gophercloud.Result
}

CreateRuleResult represents the result when adding rules to a security group. Call its Extract method to interpret the result as a Rule.

func CreateRule 

func CreateRule(client *gophercloud.ServiceClient, opts CreateRuleOptsBuilder) (r CreateRuleResult)

CreateRule will add a new rule to an existing security group (whose ID is specified in CreateRuleOpts). You have the option of controlling inbound traffic from either an IP range (CIDR) or from another security group.

func (CreateRuleResult) Extract 

func (r CreateRuleResult) Extract() (*Rule, error)

Extract will extract a Rule struct from a CreateRuleResult.

type DeleteResult 

type DeleteResult struct {
	gophercloud.ErrResult
}

DeleteResult is the response from delete operation. Call its ExtractErr method to determine if the request succeeded or failed.

func Delete 

func Delete(client *gophercloud.ServiceClient, id string) (r DeleteResult)

Delete will permanently delete a security group from the project.

type DeleteRuleResult 

type DeleteRuleResult struct {
	gophercloud.ErrResult
}

DeleteRuleResult is the response from a DeleteRule operation. Call its ExtractErr method to determine if the request succeeded or failed.

func DeleteRule 

func DeleteRule(client *gophercloud.ServiceClient, id string) (r DeleteRuleResult)

DeleteRule will permanently delete a rule from a security group.

type GetResult 

type GetResult struct {
	// contains filtered or unexported fields
}

GetResult represents the result of a get operation. Call its Extract method to interpret the result as a SecurityGroup.

func Get 

func Get(client *gophercloud.ServiceClient, id string) (r GetResult)

Get will return details for a particular security group.

func (GetResult) Extract 

func (r GetResult) Extract() (*SecurityGroup, error)

Extract will extract a SecurityGroup struct from most responses.

type Group 

type Group struct {
	TenantID string `json:"tenant_id"`
	Name     string
}

Group represents a group.

type IPRange 

type IPRange struct {
	CIDR string
}

IPRange represents the IP range whose traffic will be accepted by the security group.

type RemoveServerResult 

type RemoveServerResult struct {
	gophercloud.ErrResult
}

RemoveServerResult is the response from a RemoveServer operation. Call its ExtractErr method to determine if the request succeeded or failed.

func RemoveServer 

func RemoveServer(client *gophercloud.ServiceClient, serverID, groupName string) (r RemoveServerResult)

RemoveServer will disassociate a server from a security group.

type Rule 

type Rule struct {
	// The unique ID. If Neutron is installed, this ID will be
	// represented as a string UUID; if Neutron is not installed, it will be a
	// numeric ID. For the sake of consistency, we always cast it to a string.
	ID string `json:"-"`

	// The lower bound of the port range which this security group should open up.
	FromPort int `json:"from_port"`

	// The upper bound of the port range which this security group should open up.
	ToPort int `json:"to_port"`

	// The IP protocol (e.g. TCP) which the security group accepts.
	IPProtocol string `json:"ip_protocol"`

	// The CIDR IP range whose traffic can be received.
	IPRange IPRange `json:"ip_range"`

	// The security group ID to which this rule belongs.
	ParentGroupID string `json:"-"`

	// Not documented.
	Group Group
}

Rule represents a security group rule, a policy which determines how a security group operates and what inbound traffic it allows in.

func (*Rule) UnmarshalJSON 

func (r *Rule) UnmarshalJSON(b []byte) error

type SecurityGroup 

type SecurityGroup struct {
	// The unique ID of the group. If Neutron is installed, this ID will be
	// represented as a string UUID; if Neutron is not installed, it will be a
	// numeric ID. For the sake of consistency, we always cast it to a string.
	ID string `json:"-"`

	// The human-readable name of the group, which needs to be unique.
	Name string `json:"name"`

	// The human-readable description of the group.
	Description string `json:"description"`

	// The rules which determine how this security group operates.
	Rules []Rule `json:"rules"`

	// The ID of the tenant to which this security group belongs.
	TenantID string `json:"tenant_id"`
}

SecurityGroup represents a security group.

func ExtractSecurityGroups 

func ExtractSecurityGroups(r pagination.Page) ([]SecurityGroup, error)

ExtractSecurityGroups returns a slice of SecurityGroups contained in a single page of results.

func (*SecurityGroup) UnmarshalJSON 

func (r *SecurityGroup) UnmarshalJSON(b []byte) error

type SecurityGroupPage 

type SecurityGroupPage struct {
	pagination.SinglePageBase
}

SecurityGroupPage is a single page of a SecurityGroup collection.

func (SecurityGroupPage) IsEmpty 

func (page SecurityGroupPage) IsEmpty() (bool, error)

IsEmpty determines whether or not a page of Security Groups contains any results.

type UpdateOpts 

type UpdateOpts struct {
	// the name of your security group.
	Name string `json:"name,omitempty"`
	// the description of your security group.
	Description *string `json:"description,omitempty"`
}

UpdateOpts is the struct responsible for updating an existing security group.

func (UpdateOpts) ToSecGroupUpdateMap 

func (opts UpdateOpts) ToSecGroupUpdateMap() (map[string]interface{}, error)

ToSecGroupUpdateMap builds a request body from UpdateOpts.

type UpdateOptsBuilder 

type UpdateOptsBuilder interface {
	ToSecGroupUpdateMap() (map[string]interface{}, error)
}

UpdateOptsBuilder allows extensions to add additional parameters to the Update request.

type UpdateResult 

type UpdateResult struct {
	// contains filtered or unexported fields
}

UpdateResult represents the result of an update operation. Call its Extract method to interpret the result as a SecurityGroup.

func Update 

func Update(client *gophercloud.ServiceClient, id string, opts UpdateOptsBuilder) (r UpdateResult)

Update will modify the mutable properties of a security group, notably its name and description.

func (UpdateResult) Extract 

func (r UpdateResult) Extract() (*SecurityGroup, error)

Extract will extract a SecurityGroup struct from most responses.

Source Files

View all Source files

Directories

Path Synopsis
secgroups unit tests
 secgroups unit tests

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.