Add Security Groups docs

Jamie Hannaford · Jamie Hannaford · commit fa11f19aed4c · 2015-03-09T11:43:57.000+01:00
diff --git a/doc/services/networking/index.rst b/doc/services/networking/index.rst
@@ -23,6 +23,8 @@ Operations
   networks
   subnets
   ports
+  security-groups
+  security-group-rules
 
 Glossary
 --------
@@ -49,6 +51,14 @@ Glossary
     associated with a subet, as the IP address is taken from the allocation
     pool for a specific subnet.
 
+  security group
+    A security group is a named container for security group rules.
+
+  security group rule
+    A security group rule provides users the ability to specify the types of
+    traffic that are allowed to pass through to and from ports on a virtual
+    server instance.
+
 
 Further links
 -------------
diff --git a/doc/services/networking/security-group-rules.rst b/doc/services/networking/security-group-rules.rst
@@ -0,0 +1,61 @@
+Security Group Rules
+====================
+
+Create a security group rule
+----------------------------
+
+This operation takes one parameter, an associative array, with the
+following keys:
+
++-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------+-------------+-----------------+--------------------------------------------+
+| Name                  | Description                                                                                                                                                                                                                                                       | Data type                             | Required?   | Default value   | Example value                              |
++=======================+===================================================================================================================================================================================================================================================================+=======================================+=============+=================+============================================+
+| ``securityGroupId``   | The security group ID to associate with this security group rule.                                                                                                                                                                                                 | String                                | Yes         | -               | ``2076db17-a522-4506-91de-c6dd8e837028``   |
++-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------+-------------+-----------------+--------------------------------------------+
+| ``direction``         | The direction in which the security group rule is applied. For a compute instance, an ingress security group rule is applied to incoming (ingress) traffic for that instance. An egress rule is applied to traffic leaving the instance.                          | String (``ingress`` or ``egress``)    | Yes         | -               | ``ingress``                                |
++-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------+-------------+-----------------+--------------------------------------------+
+| ``ethertype``         | Must be IPv4 or IPv6, and addresses represented in CIDR must match the ingress or egress rules.                                                                                                                                                                   | String (``IPv4`` or ``IPv6``)         | No          | ``IPv4``        | ``IPv6``                                   |
++-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------+-------------+-----------------+--------------------------------------------+
+| ``portRangeMin``      | The minimum port number in the range that is matched by the security group rule. If the protocol is TCP or UDP, this value must be less than or equal to the value of the ``portRangeMax`` attribute. If the protocol is ICMP, this value must be an ICMP type.   | Integer                               | No          | ``null``        | ``80``                                     |
++-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------+-------------+-----------------+--------------------------------------------+
+| ``portRangeMax``      | The maximum port number in the range that is matched by the security group rule. The port\_range\_min attribute constrains the attribute. If the protocol is ICMP, this value must be an ICMP type.                                                               | Integer                               | No          | ``null``        | ``80``                                     |
++-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------+-------------+-----------------+--------------------------------------------+
+| ``protocol``          | The protocol that is matched by the security group rule.                                                                                                                                                                                                          | String (``tcp``, ``udp``, ``icmp``)   | No          | ``null``        | ``tcp``                                    |
++-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------+-------------+-----------------+--------------------------------------------+
+| ``remoteGroupId``     | The remote group ID to be associated with this security group rule. You can specify either ``remoteGroupId`` or ``remoteGroupPrefix``.                                                                                                                            | String                                | Optional    | ``null``        | ``85cc3048-abc3-43cc-89b3-377341426ac5``   |
++-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------+-------------+-----------------+--------------------------------------------+
+| ``remoteIpPrefix``    | The remote IP prefix to be associated with this security group rule. You can specify either ``remoteGroupId`` or ``remoteGroupPrefix``.                                                                                                                           | String                                | Optional    | ``null``        | ``192.168.5.0``                            |
++-----------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+---------------------------------------+-------------+-----------------+--------------------------------------------+
+
+You can create a security group rule as shown in the following example:
+
+.. code:: php
+
+  /** @var $securityGroupRule OpenCloud\Networking\Resource\SecurityGroupRule **/
+  $securityGroupRule = $networkingService->createSecurityGroupRule(array(
+      'securityGroupId' => '2076db17-a522-4506-91de-c6dd8e837028',
+      'direction'       => 'egress',
+      'ethertype'       => 'IPv4',
+      'portRangeMin'    => 80,
+      'portRangeMax'    => 80,
+      'protocol'        => 'tcp',
+      'remoteGroupId'   => '85cc3048-abc3-43cc-89b3-377341426ac5'
+  ));
+
+`Get the executable PHP script for this example <https://raw.githubusercontent.com/rackspace/php-opencloud/working/samples/Networking/create-security-group-rule.php>`_
+
+
+List security group rules
+-------------------------
+
+You can list all the security group rules to which you have access as
+shown in the following example:
+
+.. code:: php
+
+  $securityGroupRules = $networkingService->listSecurityGroupRules();
+  foreach ($securityGroupRules as $securityGroupRule) {
+      /** @var $securityGroupRule OpenCloud\Networking\Resource\SecurityGroupRule **/
+  }
+
+`Get the executable PHP script for this example <https://raw.githubusercontent.com/rackspace/php-opencloud/working/samples/Networking/list-security-group-rules.php>`_
diff --git a/doc/services/networking/security-groups.rst b/doc/services/networking/security-groups.rst
@@ -0,0 +1,67 @@
+Security Groups
+===============
+
+Create a security group
+~~~~~~~~~~~~~~~~~~~~~~~
+
+This operation takes one parameter, an associative array, with the
+following keys:
+
++-------------------+--------------------------------------------------------------------------------+-------------+-------------+-----------------+-------------------------------------+
+| Name              | Description                                                                    | Data type   | Required?   | Default value   | Example value                       |
++===================+================================================================================+=============+=============+=================+=====================================+
+| ``name``          | A human-readable name for the security group. This name might not be unique.   | String      | Yes         | -               | ``new-webservers``                  |
++-------------------+--------------------------------------------------------------------------------+-------------+-------------+-----------------+-------------------------------------+
+| ``description``   | Description of the security group.                                             | String      | No          | ``null``        | ``security group for webservers``   |
++-------------------+--------------------------------------------------------------------------------+-------------+-------------+-----------------+-------------------------------------+
+
+You can create a security group as shown in the following example:
+
+.. code-block:: php
+
+  /** @var $securityGroup OpenCloud\Networking\Resource\SecurityGroup **/
+  $securityGroup = $networkingService->createSecurityGroup(array(
+      'name' => 'new-webservers',
+      'description' => 'security group for webservers'
+  ));
+
+`Get the executable PHP script for this example <https://raw.githubusercontent.com/rackspace/php-opencloud/working/samples/Networking/create-security-group.php>`_
+
+List security groups
+~~~~~~~~~~~~~~~~~~~~
+
+You can list all the security groups to which you have access as shown
+in the following example:
+
+.. code-block:: php
+
+  $securityGroups = $networkingService->listSecurityGroups();
+  foreach ($securityGroups as $securityGroup) {
+      /** @var $securityGroup OpenCloud\Networking\Resource\SecurityGroup **/
+  }
+
+`Get the executable PHP script for this example </samples/Networking/list-security-groups.php>`_
+
+Get a security group
+~~~~~~~~~~~~~~~~~~~~
+
+You can retrieve a specific security group by using that security
+group’s ID, as shown in the following example:
+
+.. code-block:: php
+
+  /** @var $securityGroup OpenCloud\Networking\Resource\SecurityGroup **/
+  $securityGroup = $networkingService->getSecurityGroup('{secGroupId}');
+
+`Get the executable PHP script for this example </samples/Networking/get-security-group.php>`_
+
+Delete a security group
+~~~~~~~~~~~~~~~~~~~~~~~
+
+You can delete a security group as shown in the following example:
+
+.. code-block:: php
+
+  $securityGroup->delete();
+
+`Get the executable PHP script for this example </samples/Networking/delete-security-group.php>`_
