public-cloud-roadmap icon indicating copy to clipboard operation
public-cloud-roadmap copied to clipboard
verified publisher icon ovh

Enable or explicitely throw an error for security groups in Baremetal Instances Network

Open joelwurtz opened this issue 1 year ago • 1 comments

As an OVHcloud customer using bare metal instance on public cloud I want to create security group on external network port or be informed it does not work when creating a security group on external network port

I was struggling understanding why my bare metal instances were not blocking ingress trafic and it happens it is not possible, i think at least there should be an error on openstack when trying to do this (or allow it).

Also without https://github.com/ovh/public-cloud-roadmap/issues/60 it is impossible to manage ingress rules in public network through api or terraform for public cloud bare metal instance, i end up using a gateway as a work around

joelwurtz avatar Jul 22 '24 10:07 joelwurtz

Thanks for your inputs.

It is a known limit today. To block private ingress traffic, we do not have a solution yet. To block (Public) ingress traffic, a workaround would be to use Edge network firewall.

We'll make it more explicit for the users and take that input into consideration for feature improvements.

DavidDelebecque avatar Jul 24 '24 15:07 DavidDelebecque