Create default-security-group-rules.md #167
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
a guide for default security group rules Signed-off-by: josephineSei <[email protected]>
josephineSei
added a commit
to SovereignCloudStack/standards
that referenced
this pull request
Mar 20, 2024
remove example in favor of the guide in docs: SovereignCloudStack/docs#167 Signed-off-by: josephineSei <[email protected]>
|
@markus-hentsch Can you please review this one? |
markus-hentsch
requested changes
Apr 3, 2024
|
|
||
| ### Example of a conform set of default Security Group Rules | ||
|
|
||
| This is an exapmle how a table with default Security Group Rules may look like: |
There was a problem hiding this comment.
Suggested change
| This is an exapmle how a table with default Security Group Rules may look like: | |
| This is an example how a table with default Security Group Rules may look like: |
|
|
||
| ::: | ||
|
|
||
| The default security Group Rules can differ between default Security Groups and all other Security Groups - called `custom Security Group`. |
There was a problem hiding this comment.
Suggested change
| The default security Group Rules can differ between default Security Groups and all other Security Groups - called `custom Security Group`. | |
| Default Security Group Rules may be adjusted individually for one of two different types of Security Groups: | |
| 1. The default Security Groups that are automatically created for projects initially. | |
| 2. Custom Security Groups created by users and initialized with a default rule set. | |
| The default rule set is configured separately for each of those two types. |
I found the original sentence a bit hard to grasp due to the meaning of "default" and "custom" being separate between rules and groups making this multi-dimensional but hard to convey in a single sentence. That's the reason I rephrased this to make a more clear distinction.
| ::: | ||
|
|
||
| The default security Group Rules can differ between default Security Groups and all other Security Groups - called `custom Security Group`. | ||
| So it is possible as an administrator to define rules only for one of those groups of Security Groups. |
There was a problem hiding this comment.
Suggested change
| So it is possible as an administrator to define rules only for one of those groups of Security Groups. | |
| So it is possible as an administrator to define rules only for one of those types of Security Groups. |
josephineSei
added a commit
to SovereignCloudStack/standards
that referenced
this pull request
Jun 12, 2024
* Create scs-XXXX-v1-default-rules-for-security-groups.md First draft of standard for default security group rules Signed-off-by: josephineSei <[email protected]> * Update scs-XXXX-v1-default-rules-for-security-groups.md Signed-off-by: josephineSei <[email protected]> * Update Standards/scs-XXXX-v1-default-rules-for-security-groups.md fix typos Co-authored-by: Sven <[email protected]> Signed-off-by: josephineSei <[email protected]> * Create default-security-group-rules.py Create Test for the default security group rules Signed-off-by: josephineSei <[email protected]> * Update default-security-group-rules.py Signed-off-by: josephineSei <[email protected]> * Update default-security-group-rules.py Signed-off-by: josephineSei <[email protected]> * Update default-security-group-rules.py Signed-off-by: josephineSei <[email protected]> * Update default-security-group-rules.py Signed-off-by: josephineSei <[email protected]> * Apply suggestions from code review fix typos and adjust some wording Co-authored-by: Markus Hentsch <[email protected]> Signed-off-by: josephineSei <[email protected]> * Update scs-XXXX-v1-default-rules-for-security-groups.md Add example on how to create a rule only for custom security groups Signed-off-by: josephineSei <[email protected]> * Update scs-XXXX-v1-default-rules-for-security-groups.md remove example in favor of the guide in docs: SovereignCloudStack/docs#167 Signed-off-by: josephineSei <[email protected]> * Restructure Tests to allow the special ingress case but only for default security groups. Signed-off-by: josephineSei <[email protected]> * Change to allow the OpenStack default default SG rules This will only allow ingress traffic from the same SG for the default security groups. Signed-off-by: josephineSei <[email protected]> * change indentation Signed-off-by: josephineSei <[email protected]> * adjust the if clause Signed-off-by: josephineSei <[email protected]> * Update scs-XXXX-v1-default-rules-for-security-groups.md Signed-off-by: josephineSei <[email protected]> * remove unnecessary sentence Signed-off-by: josephineSei <[email protected]> * Update scs-XXXX-v1-default-rules-for-security-groups.md Signed-off-by: josephineSei <[email protected]> * Update scs-XXXX-v1-default-rules-for-security-groups.md Signed-off-by: josephineSei <[email protected]> * Update scs-XXXX-v1-default-rules-for-security-groups.md Signed-off-by: josephineSei <[email protected]> * Update scs-XXXX-v1-default-rules-for-security-groups.md Signed-off-by: josephineSei <[email protected]> * add tests for egress traffic rules to be present Signed-off-by: josephineSei <[email protected]> * Update default-security-group-rules.py Signed-off-by: josephineSei <[email protected]> * clarify conformance test abstract Signed-off-by: josephineSei <[email protected]> * Update default-security-group-rules.py Signed-off-by: josephineSei <[email protected]> * Apply suggestions from code review Co-authored-by: Markus Hentsch <[email protected]> Signed-off-by: josephineSei <[email protected]> * Update scs-XXXX-v1-default-rules-for-security-groups.md Signed-off-by: josephineSei <[email protected]> * Apply suggestions from code review Co-authored-by: Markus Hentsch <[email protected]> Signed-off-by: josephineSei <[email protected]> * Update scs-XXXX-v1-default-rules-for-security-groups.md Signed-off-by: josephineSei <[email protected]> * Rename scs-XXXX-v1-default-rules-for-security-groups.md to scs-0115-v1-default-rules-for-security-groups.md Signed-off-by: josephineSei <[email protected]> --------- Signed-off-by: josephineSei <[email protected]> Co-authored-by: Sven <[email protected]> Co-authored-by: Markus Hentsch <[email protected]>
|
@josephineSei @markus-hentsch This seems to have been in limbo for weeks. What's the status here? |
|
This belonged to SovereignCloudStack/standards#521. Taht issue was closed automatically, when the standard was merged. So this PR was not on my focus anymore. |
I agree. We already added a user-facing guide for custom SG rule handling. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
a guide for default security group rules
follow-up part of: SovereignCloudStack/standards#521