secgroups: enable delete_default_rules (!51) · Merge requests · repos / cloud / cloud-vps / tofu-infra

Arturo Borrero Gonzalez requested to merge arturo-111-secgroups-enable-de into main Sep 19, 2024

Neutron will always inject a set of default security group rules when creating a security group.

We wont be able to fully track the security group rules in tofu-infra unless we delete them, which conveniently the tofy openstack provider allows.

This means that the default sg rules (like, allow egress) should be included in the security group YAML we have in this repo, which is exactly what we wanted in the first place.

Bug: T375111 Signed-off-by: Arturo Borrero Gonzalez aborrero@wikimedia.org

Admin message

Admin message

secgroups: enable delete_default_rules

Merge request reports