Only ingress rules are supported in security groups
Bug #1532317 reported by
Serg Melikyan
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Murano |
Fix Released
|
Wishlist
|
Dmytro Dovbii | ||
Kilo |
Fix Released
|
Undecided
|
Unassigned | ||
Liberty |
Fix Released
|
Undecided
|
Unassigned | ||
Mitaka |
Fix Released
|
Wishlist
|
Dmytro Dovbii |
Bug Description
There is no way to specify in which direction security rule should be applied, only ingress is supported. Also there should be an optional key in existing parameter specifying rule IP protocol version (IPv4/IPv6)
https:/
https:/
summary: |
- Can't specify security rule direction + Can't specify security rule with egress direction |
summary: |
- Can't specify security rule with egress direction + Only ingress rules are supported in security groups |
Changed in murano: | |
milestone: | mitaka-3 → mitaka-2 |
description: | updated |
tags: | added: core-library kilo-backport-potential liberty-backport-potential |
Changed in murano: | |
milestone: | mitaka-2 → mitaka-3 |
tags: | added: security |
To post a comment you must log in.
There should be a separate function for egress rules. Also there should be an optional key in existing parameter specifying rule IP protocol version (IPv4/IPv6). Optimal implementation should make use of it only when it IPv6 so that it will still be possible to use the class with older versions of OpenStack that do not support IPv6 in cases when IPv4 rules are added (IPv4 is the default but older versions of Heat will complain on unknown resource property when if IPv4 is specified explicitly)