On Jul 12, 2016, at 5:33 PM, Darek Śmigiel wrote: > I believe you’re thinking about adding 22/tcp (and maybe icmp) to default > security group.
No, because I've changed that to allow _everything_ (useful for testing and debugging). > If you don’t specify security group at launch, you will get default security > group Yeah, but if I specifically specify the "ssh" SG, then it will _only_ accept that. NOT "80 tcp 169.254.169.254/32"! Unless I add that rule to the "ssh" SG. And all my other SGs. Which I don't want. I want a "hidden" SG, which is _always_ added, no matter what SGs I chose when creating the instance (or change SGs when the instance is up and running). I guess I could change my "default" SG to only allow that http connection, but that won't help unless I always remember to include that SG.. -- Michael Jackson is not going to buried or cremated but recycled into shopping bags so he can remain white, plastic and dangerous for kids to play with. _______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
