Hello, If you use CLI, you can use a script (with all your rules "nova secgroup-add-rule default") and send the tenant_name as parameter. The best way (I think) is to script the tenant creation which includes all your security group rules. On 04/05/2016 01:28 PM, Tom Verdaat wrote: > No it is not possible at this time. > > Easiest workaround right now is to use a HEAT template to create a > custom security group with the settings you're looking for and find a > way to load it automatically for all new tenants. > > This blueprint is marked obsolete because it doesn't comply with the > new specification requirements. Hope somebody resubmits this because > it is a valuable feature that should have been developed a long time ago! > > Tom > > > 2016-04-05 12:57 GMT+02:00 Tomas Vondra <vondra at czech-itc.cz > <mailto:vondra at czech-itc.cz>>: > > Jagga <jagga13 at ...> writes: > > > > > Hi Guys, > > > > I was wondering if there is a way for us to change what the default > security group looks like for new projects > > without having to change it manually. Basically I want to make > sure that > when a new project is created it > > automatically gets a minimal set of our standard rules. Is > there a way I > can do this? > > > > Also changing the default security group in one project should > not change > anything for another project > > right? Meaning even though the default security group shares > the same > name between projects/tenants it > > is specific to only that one project. > > > > Thanks. > > > > > Hi! > Looking at this quite recently obsoleted blueprint, I would say it > is not > possible. > https://blueprints.launchpad.net/neutron/+spec/ > default-rules-for-default-security-group > Tomas > > > _______________________________________________ > Mailing list: > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack at lists.openstack.org > <mailto:openstack at lists.openstack.org> > Unsubscribe : > http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > > > > > _______________________________________________ > Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack > Post to : openstack at lists.openstack.org > Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.openstack.org/pipermail/openstack/attachments/20160405/6097ee9f/attachment.html>