I'd like to see this RFE discussed with the drivers team before it is
marked as Won't Fix.
** Changed in: neutron
Status: Won't Fix => Confirmed
--
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to neutron.
https://bugs.launchpad.net/bugs/1592000
Title:
[RFE] Admin customized default security-group
Status in neutron:
Confirmed
Bug description:
Allow the admin to decide which rules should be added (by default) to
the tenant default security-group once created.
At the moment, each tenant default security-group is created with specific
set of rules: allow all egress and allow ingress from default sg.
However, this is not the desired behavior for all deployments, as some would
want to practice a “zero trust” model where all traffic is blocked unless
explicitly decided otherwise, or on the other hand, allow all inbound+outbound
traffic.
It’s worth nothing that at some use cases the default behavior can be
expressed with very specific sets of rules, which only the admin has the
knowledge to define (e.g- allow connection to active directory endpoints), in
such cases the impact on usability is even worse, as it requires the admin to
create rules on every tenant default security-group.
To manage notifications about this bug go to:
https://bugs.launchpad.net/neutron/+bug/1592000/+subscriptions
--
Mailing list: https://launchpad.net/~yahoo-eng-team
Post to : [email protected]
Unsubscribe : https://launchpad.net/~yahoo-eng-team
More help : https://help.launchpad.net/ListHelp
