Skip to main content

openstack_cli_network/v2/default_security_group_rule/
create.rs

1// Licensed under the Apache License, Version 2.0 (the "License");
2// you may not use this file except in compliance with the License.
3// You may obtain a copy of the License at
4//
5//     http://www.apache.org/licenses/LICENSE-2.0
6//
7// Unless required by applicable law or agreed to in writing, software
8// distributed under the License is distributed on an "AS IS" BASIS,
9// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
10// See the License for the specific language governing permissions and
11// limitations under the License.
12//
13// SPDX-License-Identifier: Apache-2.0
14//
15// WARNING: This file is automatically generated from OpenAPI schema using
16// `openstack-codegenerator`.
17
18//! Create DefaultSecurityGroupRule command
19//!
20//! Wraps invoking of the `v2.0/default-security-group-rules` with `POST` method
21
22use clap::Args;
23use eyre::WrapErr;
24use tracing::info;
25
26use openstack_cli_core::cli::CliArgs;
27use openstack_cli_core::error::OpenStackCliError;
28use openstack_cli_core::output::OutputProcessor;
29use openstack_sdk::AsyncOpenStack;
30
31use clap::ValueEnum;
32use openstack_sdk::api::QueryAsync;
33use openstack_sdk::api::network::v2::default_security_group_rule::create;
34use openstack_types::network::v2::default_security_group_rule::response;
35
36/// Creates an Openstack Networking security group rule template.
37///
38/// Normal response codes: 201
39///
40/// Error response codes: 400, 401, 404, 409
41#[derive(Args)]
42#[command(about = "Create security group default rule")]
43pub struct DefaultSecurityGroupRuleCommand {
44    /// Request Query parameters
45    #[command(flatten)]
46    query: QueryParameters,
47
48    /// Path parameters
49    #[command(flatten)]
50    path: PathParameters,
51
52    /// A `default_security_group_rule` object.
53    #[command(flatten)]
54    default_security_group_rule: DefaultSecurityGroupRule,
55}
56
57/// Query parameters
58#[derive(Args)]
59struct QueryParameters {}
60
61/// Path parameters
62#[derive(Args)]
63struct PathParameters {}
64
65#[derive(Clone, Eq, Ord, PartialEq, PartialOrd, ValueEnum)]
66enum Direction {
67    Egress,
68    Ingress,
69}
70
71#[derive(Clone, Eq, Ord, PartialEq, PartialOrd, ValueEnum)]
72enum Ethertype {
73    Ipv4,
74    Ipv6,
75}
76
77/// DefaultSecurityGroupRule Body data
78#[derive(Args, Clone)]
79struct DefaultSecurityGroupRule {
80    /// A human-readable description for the resource. Default is an empty
81    /// string.
82    #[arg(help_heading = "Body parameters", long)]
83    description: Option<String>,
84
85    /// Ingress or egress, which is the direction in which the security group
86    /// rule is applied.
87    #[arg(help_heading = "Body parameters", long)]
88    direction: Option<Direction>,
89
90    /// Must be IPv4 or IPv6, and addresses represented in CIDR must match the
91    /// ingress or egress rules.
92    #[arg(help_heading = "Body parameters", long)]
93    ethertype: Option<Ethertype>,
94
95    /// The maximum port number in the range that is matched by the security
96    /// group rule. If the protocol is TCP, UDP, DCCP, SCTP or UDP-Lite this
97    /// value must be greater than or equal to the `port_range_min` attribute
98    /// value. If the protocol is ICMP, this value must be an ICMP code.
99    #[arg(help_heading = "Body parameters", long)]
100    port_range_max: Option<Option<i32>>,
101
102    /// The minimum port number in the range that is matched by the security
103    /// group rule. If the protocol is TCP, UDP, DCCP, SCTP or UDP-Lite this
104    /// value must be less than or equal to the `port_range_max` attribute
105    /// value. If the protocol is ICMP, this value must be an ICMP type.
106    #[arg(help_heading = "Body parameters", long)]
107    port_range_min: Option<Option<i32>>,
108
109    /// The IP protocol can be represented by a string, an integer, or `null`.
110    /// Valid string or integer values are `any` or `0`, `ah` or `51`, `dccp`
111    /// or `33`, `egp` or `8`, `esp` or `50`, `gre` or `47`, `icmp` or `1`,
112    /// `icmpv6` or `58`, `igmp` or `2`, `ipip` or `4`, `ipv6-encap` or `41`,
113    /// `ipv6-frag` or `44`, `ipv6-icmp` or `58`, `ipv6-nonxt` or `59`,
114    /// `ipv6-opts` or `60`, `ipv6-route` or `43`, `ospf` or `89`, `pgm` or
115    /// `113`, `rsvp` or `46`, `sctp` or `132`, `tcp` or `6`, `udp` or `17`,
116    /// `udplite` or `136`, `vrrp` or `112`. Additionally, any integer value
117    /// between [0-255] is also valid. The string `any` (or integer `0`) means
118    /// `all` IP protocols. See the constants in `neutron_lib.constants` for
119    /// the most up-to-date list of supported strings.
120    #[arg(help_heading = "Body parameters", long)]
121    protocol: Option<String>,
122
123    #[arg(help_heading = "Body parameters", long)]
124    remote_address_group_id: Option<String>,
125
126    /// The remote group UUID to associate with this security group rule. You
127    /// can specify either the `remote_group_id` or `remote_ip_prefix`
128    /// attribute in the request body.
129    #[arg(help_heading = "Body parameters", long)]
130    remote_group_id: Option<String>,
131
132    /// The remote IP prefix that is matched by this security group rule.
133    #[arg(help_heading = "Body parameters", long)]
134    remote_ip_prefix: Option<String>,
135
136    #[arg(help_heading = "Body parameters", long)]
137    tenant_id: Option<String>,
138
139    /// Whether this security group rule template should be used in default
140    /// security group created automatically for each new project. Default
141    /// value is `False`.
142    #[arg(action=clap::ArgAction::Set, help_heading = "Body parameters", long)]
143    used_in_default_sg: Option<bool>,
144
145    /// Whether this security group rule template should be used in custom
146    /// security groups created by project user. Default value is `True`.
147    #[arg(action=clap::ArgAction::Set, help_heading = "Body parameters", long)]
148    used_in_non_default_sg: Option<bool>,
149}
150
151impl DefaultSecurityGroupRuleCommand {
152    /// Perform command action
153    pub async fn take_action<C: CliArgs>(
154        &self,
155        parsed_args: &C,
156        client: &mut AsyncOpenStack,
157    ) -> Result<(), OpenStackCliError> {
158        info!("Create DefaultSecurityGroupRule");
159
160        let op = OutputProcessor::from_args(
161            parsed_args,
162            Some("network.default_security_group_rule"),
163            Some("create"),
164        );
165        op.validate_args(parsed_args)?;
166
167        let mut ep_builder = create::Request::builder();
168
169        // Set body parameters
170        // Set Request.default_security_group_rule data
171        let args = &self.default_security_group_rule;
172        let mut default_security_group_rule_builder =
173            create::DefaultSecurityGroupRuleBuilder::default();
174        if let Some(val) = &args.description {
175            default_security_group_rule_builder.description(val);
176        }
177
178        if let Some(val) = &args.direction {
179            let tmp = match val {
180                Direction::Egress => create::Direction::Egress,
181                Direction::Ingress => create::Direction::Ingress,
182            };
183            default_security_group_rule_builder.direction(tmp);
184        }
185
186        if let Some(val) = &args.ethertype {
187            let tmp = match val {
188                Ethertype::Ipv4 => create::Ethertype::Ipv4,
189                Ethertype::Ipv6 => create::Ethertype::Ipv6,
190            };
191            default_security_group_rule_builder.ethertype(tmp);
192        }
193
194        if let Some(val) = &args.port_range_max {
195            default_security_group_rule_builder.port_range_max(*val);
196        }
197
198        if let Some(val) = &args.port_range_min {
199            default_security_group_rule_builder.port_range_min(*val);
200        }
201
202        if let Some(val) = &args.protocol {
203            default_security_group_rule_builder.protocol(val);
204        }
205
206        if let Some(val) = &args.remote_address_group_id {
207            default_security_group_rule_builder.remote_address_group_id(val);
208        }
209
210        if let Some(val) = &args.remote_group_id {
211            default_security_group_rule_builder.remote_group_id(val);
212        }
213
214        if let Some(val) = &args.remote_ip_prefix {
215            default_security_group_rule_builder.remote_ip_prefix(val);
216        }
217
218        if let Some(val) = &args.tenant_id {
219            default_security_group_rule_builder.tenant_id(val);
220        }
221
222        if let Some(val) = &args.used_in_default_sg {
223            default_security_group_rule_builder.used_in_default_sg(*val);
224        }
225
226        if let Some(val) = &args.used_in_non_default_sg {
227            default_security_group_rule_builder.used_in_non_default_sg(*val);
228        }
229
230        ep_builder.default_security_group_rule(
231            default_security_group_rule_builder
232                .build()
233                .wrap_err("error preparing the request data")?,
234        );
235
236        let ep = ep_builder
237            .build()
238            .map_err(|x| OpenStackCliError::EndpointBuild(x.to_string()))?;
239
240        let data: serde_json::Value = ep.query_async(client).await?;
241
242        op.output_single::<response::create::DefaultSecurityGroupRuleResponse>(data.clone())?;
243        // Show command specific hints
244        op.show_command_hint()?;
245        Ok(())
246    }
247}