The nova.network.security_group.security_group_base Module

class SecurityGroupBase(skip_policy_check=False)

Bases: object

add_rules(context, id, name, vals)

add_to_instance(context, instance, security_group_name)

Add security group to the instance.

Parameters:

• context – The request context.
• instance – nova.objects.instance.Instance object.
• security_group_name – security group name to add

create_security_group(context, name, description)

create_security_group_rule(context, security_group, new_rule)

destroy(context, security_group)

ensure_default(context)

get(context, name=None, id=None, map_exception=False)

get_instance_security_groups(context, instance, detailed=False)

get_rule(context, id)

list(context, names=None, ids=None, project=None, search_opts=None)

static new_cidr_ingress_rule(grantee_cidr, protocol, from_port, to_port)

static new_group_ingress_rule(grantee_group_id, protocol, from_port, to_port)

parse_cidr(cidr)

populate_security_groups(security_groups)

Called when populating the database for an instances security groups.

static raise_group_already_exists(msg)

static raise_invalid_cidr(cidr, decoding_exception=None)

static raise_invalid_group(msg)

static raise_invalid_property(msg)

static raise_not_found(msg)

static raise_over_quota(msg)

remove_from_instance(context, instance, security_group_name)

Remove the security group associated with the instance.

Parameters:

• context – The request context.
• instance – nova.objects.instance.Instance object.
• security_group_name – security group name to remove

remove_rules(context, security_group, rule_ids)

rule_exists(security_group, new_rule)

Indicates whether the specified rule is already defined in the given security group.

trigger_members_refresh(context, group_ids)

Called when a security group gains a new or loses a member.

Sends an update request to each compute node for each instance for which this is relevant.

trigger_rules_refresh(context, id)

Called when a rule is added to or removed from a security_group.

update_security_group(context, security_group, name, description)

validate_property(value, property, allowed)