Security Groups

See here for background on Security Groups.

See here for the Security Group API reference

Creating a security group

Create a security group by applying a YAML configuration:

$ cat securitygroup.yaml
apiVersion: networking.evroclabs.net/v1alpha1
kind: SecurityGroup
metadata:
  name: my-sg
spec:
  rules:
  - direction: Egress
    name: allowEgress
    remote:
      address:
        IPAddressOrCIDR: 0.0.0.0/0
      securityGroupRef: {}
      subnetRef: {}
  - direction: Ingress
    name: allowSSH
    port: 22
    protocol: TCP
    remote:
      address:
        IPAddressOrCIDR: 0.0.0.0/0
      securityGroupRef: {}
      subnetRef: {}
  - direction: Ingress
    name: HTTPS
    port: 443
    protocol: TCP
    remote:
      address:
        IPAddressOrCIDR: 0.0.0.0/0
      securityGroupRef: {}
      subnetRef: {}

$ kubectl apply -f securitygroup.yaml
secuirtygroup.netowrking.evroclabs.net/my-sg created

Adding a virtual machine to a security group

To create a new VM in a security group, or to add an existing VM to a security group, refer to the VM docs.

Get Detailed Security Group Information

To see the security group information, run::

$  kubectl describe securitygroup my-sg
apiVersion: networking.evroclabs.net/v1alpha1
kind: SecurityGroup
metadata:
  name: my-sg
...
status:
  conditions:
  - lastTransitionTime: "2025-05-20T07:13:04Z"
    message: ""
    reason: Ready
    status: "True"
    type: Ready