NetworkSecurityGroup

class oci.core.models.NetworkSecurityGroup(**kwargs)

Bases: object

A network security group (NSG) provides virtual firewall rules for a specific set of :class:`Vnic` in a VCN. Compare NSGs with :class:`SecurityList`, which provide virtual firewall rules to all the VNICs in a subnet.

A network security group consists of two items:

  • The set of :class:`Vnic` that all have the same security rule needs (for example, a group of Compute instances all running the same application)
  • A set of NSG :class:`SecurityRule` that apply to the VNICs in the group

Attributes

LIFECYCLE_STATE_AVAILABLE A constant which can be used with the lifecycle_state property of a NetworkSecurityGroup.
LIFECYCLE_STATE_PROVISIONING A constant which can be used with the lifecycle_state property of a NetworkSecurityGroup.
LIFECYCLE_STATE_TERMINATED A constant which can be used with the lifecycle_state property of a NetworkSecurityGroup.
LIFECYCLE_STATE_TERMINATING A constant which can be used with the lifecycle_state property of a NetworkSecurityGroup.
compartment_id [Required] Gets the compartment_id of this NetworkSecurityGroup.
defined_tags Gets the defined_tags of this NetworkSecurityGroup.
display_name Gets the display_name of this NetworkSecurityGroup.
freeform_tags Gets the freeform_tags of this NetworkSecurityGroup.
id [Required] Gets the id of this NetworkSecurityGroup.
lifecycle_state [Required] Gets the lifecycle_state of this NetworkSecurityGroup.
time_created [Required] Gets the time_created of this NetworkSecurityGroup.
vcn_id [Required] Gets the vcn_id of this NetworkSecurityGroup.

Methods

__init__(**kwargs) Initializes a new NetworkSecurityGroup object with values from keyword arguments.

After creating an NSG, you can add VNICs and security rules to it. For example, when you create an instance, you can specify one or more NSGs to add the instance to (see :func:`create_vnic_details`). Or you can add an existing instance to an NSG with :func:`update_vnic`.

To add security rules to an NSG, see :func:`add_network_security_group_security_rules`.

To list the VNICs in an NSG, see :func:`list_network_security_group_vnics`.

To list the security rules in an NSG, see :func:`list_network_security_group_security_rules`.

For more information about network security groups, see `Network Security Groups`__.

Important: Oracle Cloud Infrastructure Compute service images automatically include firewall rules (for example, Linux iptables, Windows firewall). If there are issues with some type of access to an instance, make sure all of the following are set correctly:

  • Any security rules in any NSGs the instance’s VNIC belongs to
  • Any :class:`SecurityList` associated with the instance’s subnet
  • The instance’s OS firewall rules

To use any of the API operations, you must be authorized in an IAM policy. If you’re not authorized, talk to an administrator. If you’re an administrator who needs to write policies to give users access, see `Getting Started with Policies`__.

LIFECYCLE_STATE_AVAILABLE = 'AVAILABLE'

A constant which can be used with the lifecycle_state property of a NetworkSecurityGroup. This constant has a value of “AVAILABLE”

LIFECYCLE_STATE_PROVISIONING = 'PROVISIONING'

A constant which can be used with the lifecycle_state property of a NetworkSecurityGroup. This constant has a value of “PROVISIONING”

LIFECYCLE_STATE_TERMINATED = 'TERMINATED'

A constant which can be used with the lifecycle_state property of a NetworkSecurityGroup. This constant has a value of “TERMINATED”

LIFECYCLE_STATE_TERMINATING = 'TERMINATING'

A constant which can be used with the lifecycle_state property of a NetworkSecurityGroup. This constant has a value of “TERMINATING”

__init__(**kwargs)

Initializes a new NetworkSecurityGroup object with values from keyword arguments. The following keyword arguments are supported (corresponding to the getters/setters of this class):

Parameters:
  • compartment_id (str) – The value to assign to the compartment_id property of this NetworkSecurityGroup.
  • defined_tags (dict(str, dict(str, object))) – The value to assign to the defined_tags property of this NetworkSecurityGroup.
  • display_name (str) – The value to assign to the display_name property of this NetworkSecurityGroup.
  • freeform_tags (dict(str, str)) – The value to assign to the freeform_tags property of this NetworkSecurityGroup.
  • id (str) – The value to assign to the id property of this NetworkSecurityGroup.
  • lifecycle_state (str) – The value to assign to the lifecycle_state property of this NetworkSecurityGroup. Allowed values for this property are: “PROVISIONING”, “AVAILABLE”, “TERMINATING”, “TERMINATED”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.
  • time_created (datetime) – The value to assign to the time_created property of this NetworkSecurityGroup.
  • vcn_id (str) – The value to assign to the vcn_id property of this NetworkSecurityGroup.

compartment_id

[Required] Gets the compartment_id of this NetworkSecurityGroup. The `OCID`__ of the compartment the network security group is in.

Returns: The compartment_id of this NetworkSecurityGroup.
Return type: str

defined_tags

Gets the defined_tags of this NetworkSecurityGroup. Defined tags for this resource. Each key is predefined and scoped to a namespace. For more information, see `Resource Tags`__.

Example: {"Operations": {"CostCenter": "42"}}

Returns: The defined_tags of this NetworkSecurityGroup.
Return type: dict(str, dict(str, object))

display_name

Gets the display_name of this NetworkSecurityGroup. A user-friendly name. Does not have to be unique, and it’s changeable. Avoid entering confidential information.

Returns: The display_name of this NetworkSecurityGroup.
Return type: str

freeform_tags

Gets the freeform_tags of this NetworkSecurityGroup. Free-form tags for this resource. Each tag is a simple key-value pair with no predefined name, type, or namespace. For more information, see `Resource Tags`__.

Example: {"Department": "Finance"}

Returns: The freeform_tags of this NetworkSecurityGroup.
Return type: dict(str, str)

id

[Required] Gets the id of this NetworkSecurityGroup. The `OCID`__ of the network security group.

Returns: The id of this NetworkSecurityGroup.
Return type: str

lifecycle_state

[Required] Gets the lifecycle_state of this NetworkSecurityGroup. The network security group’s current state.

Allowed values for this property are: “PROVISIONING”, “AVAILABLE”, “TERMINATING”, “TERMINATED”, ‘UNKNOWN_ENUM_VALUE’. Any unrecognized values returned by a service will be mapped to ‘UNKNOWN_ENUM_VALUE’.

Returns: The lifecycle_state of this NetworkSecurityGroup.
Return type: str

time_created

[Required] Gets the time_created of this NetworkSecurityGroup. The date and time the network security group was created, in the format defined by `RFC3339`__.

Example: 2016-08-25T21:10:29.600Z

Returns: The time_created of this NetworkSecurityGroup.
Return type: datetime

vcn_id

[Required] Gets the vcn_id of this NetworkSecurityGroup. The `OCID`__ of the network security group’s VCN.

Returns: The vcn_id of this NetworkSecurityGroup.
Return type: str
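An inventory check built on the attributes documented above, added here as an example (not part of the SDK or its documentation). It flags NSGs whose lifecycle_state is anything other than AVAILABLE, including the 'UNKNOWN_ENUM_VALUE' fallback, and display names that collide within a VCN, since display_name does not have to be unique. The required tag policy, the function name and the sample objects are assumptions; the stand-in objects only mirror the attribute names of NetworkSecurityGroup so the block runs without the SDK.

```python
from collections import defaultdict
from types import SimpleNamespace

# lifecycle_state values this page documents; anything else (including the
# SDK's 'UNKNOWN_ENUM_VALUE' fallback) is reported for manual review.
KNOWN_STATES = {"PROVISIONING", "AVAILABLE", "TERMINATING", "TERMINATED"}
REQUIRED_TAG = ("Operations", "CostCenter")  # assumed tagging policy


def audit_nsgs(nsgs):
    """Map NSG id -> list of findings; NSGs with no findings are omitted."""
    findings = defaultdict(list)
    by_name = defaultdict(list)
    for nsg in nsgs:
        state = nsg.lifecycle_state
        if state not in KNOWN_STATES:
            findings[nsg.id].append(f"unrecognized lifecycle_state {state!r}")
        elif state != "AVAILABLE":
            findings[nsg.id].append(f"lifecycle_state is {state}, not AVAILABLE")
        # defined_tags is dict(str, dict(str, object)) and may be None.
        namespace = (nsg.defined_tags or {}).get(REQUIRED_TAG[0]) or {}
        if REQUIRED_TAG[1] not in namespace:
            findings[nsg.id].append("missing defined tag " + ".".join(REQUIRED_TAG))
        by_name[(nsg.vcn_id, nsg.display_name)].append(nsg.id)
    # display_name is not unique, so report collisions and key everything on id.
    for (_, name), ids in by_name.items():
        if len(ids) > 1:
            for nsg_id in ids:
                findings[nsg_id].append(f"display_name {name!r} shared by {len(ids)} NSGs")
    return dict(findings)


def _nsg(suffix, name, state, defined_tags):
    # Constructed stand-in with placeholder OCIDs, not real resources.
    return SimpleNamespace(id=f"ocid1.networksecuritygroup.oc1..constructed-{suffix}",
                           vcn_id="ocid1.vcn.oc1..constructed", display_name=name,
                           lifecycle_state=state, defined_tags=defined_tags)


TAGGED = {"Operations": {"CostCenter": "42"}}
SAMPLE_NSGS = [
    _nsg("a", "web", "AVAILABLE", TAGGED),
    _nsg("b", "web", "UNKNOWN_ENUM_VALUE", None),
    _nsg("c", "db", "TERMINATING", {"Operations": {}}),
    _nsg("d", "cache", "AVAILABLE", TAGGED),
]

if __name__ == "__main__":
    for nsg_id, items in audit_nsgs(SAMPLE_NSGS).items():
        print(nsg_id, items)
```

The same function accepts the NetworkSecurityGroup objects returned by the SDK's `VirtualNetworkClient.list_network_security_groups`, because it reads only the attributes documented on this page.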