[openstack-dev] [neutron] - Changing the Neutron default security group rules

Jonathan Proulx jon at csail.mit.edu
Thu Mar 3 15:22:04 UTC 2016

On Wed, Mar 02, 2016 at 02:05:40PM -0600, Monty Taylor wrote:

:(try writing an idempotent ansible playbook that tries to make your
:security group look exactly like you want it not knowing in advance
:what security group rules this provider happens to want to give you
:that you didn't think to explicitly look for.)

my approach is just never to use 'default' & only use groups I've

but yes making default policies obvious and easily discoverable is a
good thing.


More information about the OpenStack-dev mailing list