CLISecurity Groups
hudl sg rule add <sg-id>
Add a single ingress or egress rule to a security group.
Add a single ingress or egress rule to a security group. Each rule specifies a protocol, port range, and source CIDR to allow traffic from.
Usage
hudl sg rule add <sg-id> [flags]Flags
| Flag | Description |
|---|---|
--from-port <int> | Start of the port range (e.g. 80). |
--to-port <int> | End of the port range (e.g. 80). Use the same value as --from-port for a single port. |
--protocol <proto> | IP protocol: tcp, udp, or icmp. |
--cidr <cidr> | Source CIDR to allow traffic from (e.g. 0.0.0.0/0 for anywhere). |
Common flags
| Flag | Description |
|---|---|
--region <code> | Override the active region for this call only. |
--workspace <slug> | Override the active workspace for this call only. |
-o, --output | Output format: table (default), json, yaml, wide, name. |
--idempotency-key <key> | Attach an idempotency key so retries are safe. |
Examples
Allow inbound SSH from anywhere:
hudl sg rule add 4f2a8c1b-7d3e-4a9f-b5c6-2d1e3f4a5b6c \
--protocol tcp \
--from-port 22 \
--to-port 22 \
--cidr 0.0.0.0/0Allow HTTP and HTTPS (port range):
hudl sg rule add 4f2a8c1b-7d3e-4a9f-b5c6-2d1e3f4a5b6c \
--protocol tcp \
--from-port 80 \
--to-port 80 \
--cidr 0.0.0.0/0
hudl sg rule add 4f2a8c1b-7d3e-4a9f-b5c6-2d1e3f4a5b6c \
--protocol tcp \
--from-port 443 \
--to-port 443 \
--cidr 0.0.0.0/0Allow PostgreSQL access from a private subnet only:
hudl sg rule add 4f2a8c1b-7d3e-4a9f-b5c6-2d1e3f4a5b6c \
--protocol tcp \
--from-port 5432 \
--to-port 5432 \
--cidr 10.0.1.0/24Allow ICMP (ping) from anywhere:
hudl sg rule add 4f2a8c1b-7d3e-4a9f-b5c6-2d1e3f4a5b6c \
--protocol icmp \
--cidr 0.0.0.0/0API reference
This command calls POST /security-groups/{id}/rules under the hood. See the full request and response schema in the API reference.