--- layout: "cloudstack" page_title: "CloudStack: cloudstack_security_group" sidebar_current: "docs-cloudstack-resource-security_group" description: |- Creates security group. --- # cloudstack\_security\_group Creates security group. ## Example Usage ``` resource "cloudstack_security_group" "default" { name = "allow_web" description = "Allow access to HTTP and HTTPS" rules = [ { cidr_list = "0.0.0.0/0" protocol = "tcp" ports = "80" traffic_type = "ingress" }, { cidr_list = "0.0.0.0/0" protocol = "tcp" ports = "443" traffic_type = "ingress" }, ] } ``` ## Argument Reference The following arguments are supported: * `name` - (Required) The Name of the Security Group to create. Changing this forces a new resource to be created. * `description` - (Optional) The description of the Security Group to create. Changing this forces a new resource to be created. * `rules` - (Optional) List of rule blocks, supported fields documented below. The `rule` block supports: * `cidr_list` - (Optional) A CIDR list to allow access to the given ports. * `security_group` - (Optional) A Security Group to apply the rules to. * `protocol` - (Required) The name of the protocol to allow. Valid options are: `tcp`, `udp` and `icmp`. * `ports` - (Optional) List of ports and/or port ranges to allow. This can only be specified if the protocol is TCP or UDP. * `traffic_type` - (Optional) Weither Ingress or Egress. (Default: Ingress). ## Attributes Reference The following attributes are exported: * `name` - The name of the Security Group.