Identifying the Security Rules Applicable to an Instance

Over time, you may create multiple security rules for different purposes. To find out which security rules are applicable to a Compute Classic instance, you must identify the security lists to which the instance belongs and then determine the security rules in which each of those security lists is specified.

Task REST API Call
1. Find out the vcable ID of the instance. GET /instance/{name}

In the response, note the value of the vcable_id parameter.

2. Get a list of all the security associations for the vcable ID that you noted in step 1. GET /secassociation/{container}/?vcable={vcableID}

Note the security list returned for each security association.

3. For each security list from step 2, get a list of all the security rules in which the given security list is the destination. GET /secrule/{container}/?dst_list=seclist:{seclist}

Note the security rules returned for each security list.

4. For each security list from step 2, get a list of all the security rules in which the given security list is the source. GET /secrule/{container}/?src_list=seclist:{seclist}

Note the security rules returned for each security list.

5. Combine the output from steps 3 and 4. The result is a list of all the security rules applicable to the instance.