OpenStack

Pulumi Official
Package maintained by Pulumi
v3.9.0 published on Thursday, Aug 4, 2022 by Pulumi

PortSecGroupAssociate

Import

Port security group association can be imported using the id of the port, e.g.

 $ pulumi import openstack:networking/portSecGroupAssociate:PortSecGroupAssociate port_1 eae26a3e-1c33-4cc1-9c31-0cd729c438a1

Example Usage

Append a security group to an existing port

using Pulumi;
using OpenStack = Pulumi.OpenStack;

class MyStack : Stack
{
    public MyStack()
    {
        var systemPort = Output.Create(OpenStack.Networking.GetPort.InvokeAsync(new OpenStack.Networking.GetPortArgs
        {
            FixedIp = "10.0.0.10",
        }));
        var secgroup = Output.Create(OpenStack.Networking.GetSecGroup.InvokeAsync(new OpenStack.Networking.GetSecGroupArgs
        {
            Name = "secgroup",
        }));
        var port1 = new OpenStack.Networking.PortSecGroupAssociate("port1", new OpenStack.Networking.PortSecGroupAssociateArgs
        {
            PortId = systemPort.Apply(systemPort => systemPort.Id),
            SecurityGroupIds = 
            {
                secgroup.Apply(secgroup => secgroup.Id),
            },
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-openstack/sdk/v3/go/openstack/networking"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		systemPort, err := networking.LookupPort(ctx, &networking.LookupPortArgs{
			FixedIp: pulumi.StringRef("10.0.0.10"),
		}, nil)
		if err != nil {
			return err
		}
		secgroup, err := networking.LookupSecGroup(ctx, &networking.LookupSecGroupArgs{
			Name: pulumi.StringRef("secgroup"),
		}, nil)
		if err != nil {
			return err
		}
		_, err = networking.NewPortSecGroupAssociate(ctx, "port1", &networking.PortSecGroupAssociateArgs{
			PortId: pulumi.String(systemPort.Id),
			SecurityGroupIds: pulumi.StringArray{
				pulumi.String(secgroup.Id),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.openstack.networking.NetworkingFunctions;
import com.pulumi.openstack.networking.inputs.GetPortArgs;
import com.pulumi.openstack.networking.inputs.GetSecGroupArgs;
import com.pulumi.openstack.networking.PortSecGroupAssociate;
import com.pulumi.openstack.networking.PortSecGroupAssociateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var systemPort = NetworkingFunctions.getPort(GetPortArgs.builder()
            .fixedIp("10.0.0.10")
            .build());

        final var secgroup = NetworkingFunctions.getSecGroup(GetSecGroupArgs.builder()
            .name("secgroup")
            .build());

        var port1 = new PortSecGroupAssociate("port1", PortSecGroupAssociateArgs.builder()        
            .portId(systemPort.applyValue(getPortResult -> getPortResult.id()))
            .securityGroupIds(secgroup.applyValue(getSecGroupResult -> getSecGroupResult.id()))
            .build());

    }
}
import pulumi
import pulumi_openstack as openstack

system_port = openstack.networking.get_port(fixed_ip="10.0.0.10")
secgroup = openstack.networking.get_sec_group(name="secgroup")
port1 = openstack.networking.PortSecGroupAssociate("port1",
    port_id=system_port.id,
    security_group_ids=[secgroup.id])
import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";

const systemPort = pulumi.output(openstack.networking.getPort({
    fixedIp: "10.0.0.10",
}));
const secgroup = pulumi.output(openstack.networking.getSecGroup({
    name: "secgroup",
}));
const port1 = new openstack.networking.PortSecGroupAssociate("port_1", {
    portId: systemPort.id,
    securityGroupIds: [secgroup.id],
});
resources:
  port1:
    type: openstack:networking:PortSecGroupAssociate
    properties:
      portId: ${systemPort.id}
      securityGroupIds:
        - ${secgroup.id}
variables:
  systemPort:
    Fn::Invoke:
      Function: openstack:networking:getPort
      Arguments:
        fixedIp: 10.0.0.10
  secgroup:
    Fn::Invoke:
      Function: openstack:networking:getSecGroup
      Arguments:
        name: secgroup

Enforce a security group to an existing port

using Pulumi;
using OpenStack = Pulumi.OpenStack;

class MyStack : Stack
{
    public MyStack()
    {
        var systemPort = Output.Create(OpenStack.Networking.GetPort.InvokeAsync(new OpenStack.Networking.GetPortArgs
        {
            FixedIp = "10.0.0.10",
        }));
        var secgroup = Output.Create(OpenStack.Networking.GetSecGroup.InvokeAsync(new OpenStack.Networking.GetSecGroupArgs
        {
            Name = "secgroup",
        }));
        var port1 = new OpenStack.Networking.PortSecGroupAssociate("port1", new OpenStack.Networking.PortSecGroupAssociateArgs
        {
            Enforce = true,
            PortId = systemPort.Apply(systemPort => systemPort.Id),
            SecurityGroupIds = 
            {
                secgroup.Apply(secgroup => secgroup.Id),
            },
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-openstack/sdk/v3/go/openstack/networking"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		systemPort, err := networking.LookupPort(ctx, &networking.LookupPortArgs{
			FixedIp: pulumi.StringRef("10.0.0.10"),
		}, nil)
		if err != nil {
			return err
		}
		secgroup, err := networking.LookupSecGroup(ctx, &networking.LookupSecGroupArgs{
			Name: pulumi.StringRef("secgroup"),
		}, nil)
		if err != nil {
			return err
		}
		_, err = networking.NewPortSecGroupAssociate(ctx, "port1", &networking.PortSecGroupAssociateArgs{
			Enforce: pulumi.Bool(true),
			PortId:  pulumi.String(systemPort.Id),
			SecurityGroupIds: pulumi.StringArray{
				pulumi.String(secgroup.Id),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.openstack.networking.NetworkingFunctions;
import com.pulumi.openstack.networking.inputs.GetPortArgs;
import com.pulumi.openstack.networking.inputs.GetSecGroupArgs;
import com.pulumi.openstack.networking.PortSecGroupAssociate;
import com.pulumi.openstack.networking.PortSecGroupAssociateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var systemPort = NetworkingFunctions.getPort(GetPortArgs.builder()
            .fixedIp("10.0.0.10")
            .build());

        final var secgroup = NetworkingFunctions.getSecGroup(GetSecGroupArgs.builder()
            .name("secgroup")
            .build());

        var port1 = new PortSecGroupAssociate("port1", PortSecGroupAssociateArgs.builder()        
            .enforce("true")
            .portId(systemPort.applyValue(getPortResult -> getPortResult.id()))
            .securityGroupIds(secgroup.applyValue(getSecGroupResult -> getSecGroupResult.id()))
            .build());

    }
}
import pulumi
import pulumi_openstack as openstack

system_port = openstack.networking.get_port(fixed_ip="10.0.0.10")
secgroup = openstack.networking.get_sec_group(name="secgroup")
port1 = openstack.networking.PortSecGroupAssociate("port1",
    enforce=True,
    port_id=system_port.id,
    security_group_ids=[secgroup.id])
import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";

const systemPort = pulumi.output(openstack.networking.getPort({
    fixedIp: "10.0.0.10",
}));
const secgroup = pulumi.output(openstack.networking.getSecGroup({
    name: "secgroup",
}));
const port1 = new openstack.networking.PortSecGroupAssociate("port_1", {
    enforce: true,
    portId: systemPort.id,
    securityGroupIds: [secgroup.id],
});
resources:
  port1:
    type: openstack:networking:PortSecGroupAssociate
    properties:
      enforce: true
      portId: ${systemPort.id}
      securityGroupIds:
        - ${secgroup.id}
variables:
  systemPort:
    Fn::Invoke:
      Function: openstack:networking:getPort
      Arguments:
        fixedIp: 10.0.0.10
  secgroup:
    Fn::Invoke:
      Function: openstack:networking:getSecGroup
      Arguments:
        name: secgroup

Remove all security groups from an existing port

using Pulumi;
using OpenStack = Pulumi.OpenStack;

class MyStack : Stack
{
    public MyStack()
    {
        var systemPort = Output.Create(OpenStack.Networking.GetPort.InvokeAsync(new OpenStack.Networking.GetPortArgs
        {
            FixedIp = "10.0.0.10",
        }));
        var port1 = new OpenStack.Networking.PortSecGroupAssociate("port1", new OpenStack.Networking.PortSecGroupAssociateArgs
        {
            Enforce = true,
            PortId = systemPort.Apply(systemPort => systemPort.Id),
            SecurityGroupIds = {},
        });
    }

}
package main

import (
	"github.com/pulumi/pulumi-openstack/sdk/v3/go/openstack/networking"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		systemPort, err := networking.LookupPort(ctx, &networking.LookupPortArgs{
			FixedIp: pulumi.StringRef("10.0.0.10"),
		}, nil)
		if err != nil {
			return err
		}
		_, err = networking.NewPortSecGroupAssociate(ctx, "port1", &networking.PortSecGroupAssociateArgs{
			Enforce:          pulumi.Bool(true),
			PortId:           pulumi.String(systemPort.Id),
			SecurityGroupIds: pulumi.StringArray{},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.openstack.networking.NetworkingFunctions;
import com.pulumi.openstack.networking.inputs.GetPortArgs;
import com.pulumi.openstack.networking.PortSecGroupAssociate;
import com.pulumi.openstack.networking.PortSecGroupAssociateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        final var systemPort = NetworkingFunctions.getPort(GetPortArgs.builder()
            .fixedIp("10.0.0.10")
            .build());

        var port1 = new PortSecGroupAssociate("port1", PortSecGroupAssociateArgs.builder()        
            .enforce("true")
            .portId(systemPort.applyValue(getPortResult -> getPortResult.id()))
            .securityGroupIds()
            .build());

    }
}
import pulumi
import pulumi_openstack as openstack

system_port = openstack.networking.get_port(fixed_ip="10.0.0.10")
port1 = openstack.networking.PortSecGroupAssociate("port1",
    enforce=True,
    port_id=system_port.id,
    security_group_ids=[])
import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";

const systemPort = pulumi.output(openstack.networking.getPort({
    fixedIp: "10.0.0.10",
}));
const port1 = new openstack.networking.PortSecGroupAssociate("port_1", {
    enforce: true,
    portId: systemPort.id,
    securityGroupIds: [],
});
resources:
  port1:
    type: openstack:networking:PortSecGroupAssociate
    properties:
      enforce: true
      portId: ${systemPort.id}
      securityGroupIds: []
variables:
  systemPort:
    Fn::Invoke:
      Function: openstack:networking:getPort
      Arguments:
        fixedIp: 10.0.0.10

Create a PortSecGroupAssociate Resource

new PortSecGroupAssociate(name: string, args: PortSecGroupAssociateArgs, opts?: CustomResourceOptions);
@overload
def PortSecGroupAssociate(resource_name: str,
                          opts: Optional[ResourceOptions] = None,
                          enforce: Optional[bool] = None,
                          port_id: Optional[str] = None,
                          region: Optional[str] = None,
                          security_group_ids: Optional[Sequence[str]] = None)
@overload
def PortSecGroupAssociate(resource_name: str,
                          args: PortSecGroupAssociateArgs,
                          opts: Optional[ResourceOptions] = None)
func NewPortSecGroupAssociate(ctx *Context, name string, args PortSecGroupAssociateArgs, opts ...ResourceOption) (*PortSecGroupAssociate, error)
public PortSecGroupAssociate(string name, PortSecGroupAssociateArgs args, CustomResourceOptions? opts = null)
public PortSecGroupAssociate(String name, PortSecGroupAssociateArgs args)
public PortSecGroupAssociate(String name, PortSecGroupAssociateArgs args, CustomResourceOptions options)
type: openstack:networking:PortSecGroupAssociate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args PortSecGroupAssociateArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args PortSecGroupAssociateArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args PortSecGroupAssociateArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args PortSecGroupAssociateArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args PortSecGroupAssociateArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

PortSecGroupAssociate Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The PortSecGroupAssociate resource accepts the following input properties:

PortId string

An UUID of the port to apply security groups to.

SecurityGroupIds List<string>

A list of security group IDs to apply to the port. The security groups must be specified by ID and not name (as opposed to how they are configured with the Compute Instance).

Enforce bool

Whether to replace or append the list of security groups, specified in the security_group_ids. Defaults to false.

Region string

The region in which to obtain the V2 networking client. A networking client is needed to manage a port. If omitted, the region argument of the provider is used. Changing this creates a new resource.

PortId string

An UUID of the port to apply security groups to.

SecurityGroupIds []string

A list of security group IDs to apply to the port. The security groups must be specified by ID and not name (as opposed to how they are configured with the Compute Instance).

Enforce bool

Whether to replace or append the list of security groups, specified in the security_group_ids. Defaults to false.

Region string

The region in which to obtain the V2 networking client. A networking client is needed to manage a port. If omitted, the region argument of the provider is used. Changing this creates a new resource.

portId String

An UUID of the port to apply security groups to.

securityGroupIds List<String>

A list of security group IDs to apply to the port. The security groups must be specified by ID and not name (as opposed to how they are configured with the Compute Instance).

enforce Boolean

Whether to replace or append the list of security groups, specified in the security_group_ids. Defaults to false.

region String

The region in which to obtain the V2 networking client. A networking client is needed to manage a port. If omitted, the region argument of the provider is used. Changing this creates a new resource.

portId string

An UUID of the port to apply security groups to.

securityGroupIds string[]

A list of security group IDs to apply to the port. The security groups must be specified by ID and not name (as opposed to how they are configured with the Compute Instance).

enforce boolean

Whether to replace or append the list of security groups, specified in the security_group_ids. Defaults to false.

region string

The region in which to obtain the V2 networking client. A networking client is needed to manage a port. If omitted, the region argument of the provider is used. Changing this creates a new resource.

port_id str

An UUID of the port to apply security groups to.

security_group_ids Sequence[str]

A list of security group IDs to apply to the port. The security groups must be specified by ID and not name (as opposed to how they are configured with the Compute Instance).

enforce bool

Whether to replace or append the list of security groups, specified in the security_group_ids. Defaults to false.

region str

The region in which to obtain the V2 networking client. A networking client is needed to manage a port. If omitted, the region argument of the provider is used. Changing this creates a new resource.

portId String

An UUID of the port to apply security groups to.

securityGroupIds List<String>

A list of security group IDs to apply to the port. The security groups must be specified by ID and not name (as opposed to how they are configured with the Compute Instance).

enforce Boolean

Whether to replace or append the list of security groups, specified in the security_group_ids. Defaults to false.

region String

The region in which to obtain the V2 networking client. A networking client is needed to manage a port. If omitted, the region argument of the provider is used. Changing this creates a new resource.

Outputs

All input properties are implicitly available as output properties. Additionally, the PortSecGroupAssociate resource produces the following output properties:

AllSecurityGroupIds List<string>

The collection of Security Group IDs on the port which have been explicitly and implicitly added.

Id string

The provider-assigned unique ID for this managed resource.

AllSecurityGroupIds []string

The collection of Security Group IDs on the port which have been explicitly and implicitly added.

Id string

The provider-assigned unique ID for this managed resource.

allSecurityGroupIds List<String>

The collection of Security Group IDs on the port which have been explicitly and implicitly added.

id String

The provider-assigned unique ID for this managed resource.

allSecurityGroupIds string[]

The collection of Security Group IDs on the port which have been explicitly and implicitly added.

id string

The provider-assigned unique ID for this managed resource.

all_security_group_ids Sequence[str]

The collection of Security Group IDs on the port which have been explicitly and implicitly added.

id str

The provider-assigned unique ID for this managed resource.

allSecurityGroupIds List<String>

The collection of Security Group IDs on the port which have been explicitly and implicitly added.

id String

The provider-assigned unique ID for this managed resource.

Look up an Existing PortSecGroupAssociate Resource

Get an existing PortSecGroupAssociate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: PortSecGroupAssociateState, opts?: CustomResourceOptions): PortSecGroupAssociate
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        all_security_group_ids: Optional[Sequence[str]] = None,
        enforce: Optional[bool] = None,
        port_id: Optional[str] = None,
        region: Optional[str] = None,
        security_group_ids: Optional[Sequence[str]] = None) -> PortSecGroupAssociate
func GetPortSecGroupAssociate(ctx *Context, name string, id IDInput, state *PortSecGroupAssociateState, opts ...ResourceOption) (*PortSecGroupAssociate, error)
public static PortSecGroupAssociate Get(string name, Input<string> id, PortSecGroupAssociateState? state, CustomResourceOptions? opts = null)
public static PortSecGroupAssociate get(String name, Output<String> id, PortSecGroupAssociateState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
AllSecurityGroupIds List<string>

The collection of Security Group IDs on the port which have been explicitly and implicitly added.

Enforce bool

Whether to replace or append the list of security groups, specified in the security_group_ids. Defaults to false.

PortId string

An UUID of the port to apply security groups to.

Region string

The region in which to obtain the V2 networking client. A networking client is needed to manage a port. If omitted, the region argument of the provider is used. Changing this creates a new resource.

SecurityGroupIds List<string>

A list of security group IDs to apply to the port. The security groups must be specified by ID and not name (as opposed to how they are configured with the Compute Instance).

AllSecurityGroupIds []string

The collection of Security Group IDs on the port which have been explicitly and implicitly added.

Enforce bool

Whether to replace or append the list of security groups, specified in the security_group_ids. Defaults to false.

PortId string

An UUID of the port to apply security groups to.

Region string

The region in which to obtain the V2 networking client. A networking client is needed to manage a port. If omitted, the region argument of the provider is used. Changing this creates a new resource.

SecurityGroupIds []string

A list of security group IDs to apply to the port. The security groups must be specified by ID and not name (as opposed to how they are configured with the Compute Instance).

allSecurityGroupIds List<String>

The collection of Security Group IDs on the port which have been explicitly and implicitly added.

enforce Boolean

Whether to replace or append the list of security groups, specified in the security_group_ids. Defaults to false.

portId String

An UUID of the port to apply security groups to.

region String

The region in which to obtain the V2 networking client. A networking client is needed to manage a port. If omitted, the region argument of the provider is used. Changing this creates a new resource.

securityGroupIds List<String>

A list of security group IDs to apply to the port. The security groups must be specified by ID and not name (as opposed to how they are configured with the Compute Instance).

allSecurityGroupIds string[]

The collection of Security Group IDs on the port which have been explicitly and implicitly added.

enforce boolean

Whether to replace or append the list of security groups, specified in the security_group_ids. Defaults to false.

portId string

An UUID of the port to apply security groups to.

region string

The region in which to obtain the V2 networking client. A networking client is needed to manage a port. If omitted, the region argument of the provider is used. Changing this creates a new resource.

securityGroupIds string[]

A list of security group IDs to apply to the port. The security groups must be specified by ID and not name (as opposed to how they are configured with the Compute Instance).

all_security_group_ids Sequence[str]

The collection of Security Group IDs on the port which have been explicitly and implicitly added.

enforce bool

Whether to replace or append the list of security groups, specified in the security_group_ids. Defaults to false.

port_id str

An UUID of the port to apply security groups to.

region str

The region in which to obtain the V2 networking client. A networking client is needed to manage a port. If omitted, the region argument of the provider is used. Changing this creates a new resource.

security_group_ids Sequence[str]

A list of security group IDs to apply to the port. The security groups must be specified by ID and not name (as opposed to how they are configured with the Compute Instance).

allSecurityGroupIds List<String>

The collection of Security Group IDs on the port which have been explicitly and implicitly added.

enforce Boolean

Whether to replace or append the list of security groups, specified in the security_group_ids. Defaults to false.

portId String

An UUID of the port to apply security groups to.

region String

The region in which to obtain the V2 networking client. A networking client is needed to manage a port. If omitted, the region argument of the provider is used. Changing this creates a new resource.

securityGroupIds List<String>

A list of security group IDs to apply to the port. The security groups must be specified by ID and not name (as opposed to how they are configured with the Compute Instance).

Package Details

Repository
https://github.com/pulumi/pulumi-openstack
License
Apache-2.0
Notes

This Pulumi package is based on the openstack Terraform Provider.