Open Stack

On Jul 12, 2016, at 5:33 PM, Darek Śmigiel wrote:

> I believe you’re thinking about adding 22/tcp (and maybe icmp) to default security group.

No, because I've changed that to allow _everything_
(useful for testing and debugging).

> If you don’t specify security group at launch, you will get default security group

Yeah, but if I specifically specify the "ssh" SG, then it
will _only_ accept that. NOT "80 tcp 169.254.169.254/32"!

Unless I add that rule to the "ssh" SG. And all my other
SGs. Which I don't want.

I want a "hidden" SG, which is _always_ added, no matter
what SGs I chose when creating the instance (or change
SGs when the instance is up and running).


I guess I could change my "default" SG to only allow that
http connection, but that won't help unless I always remember
to include that SG..
--
Michael Jackson is not going to buried or cremated
but recycled into shopping bags so he can remain white,
plastic and dangerous for kids to play with.