How to determine what Neutron security groups are assigned to what Keystone tenant/project

less than 1 minute read

Today I was trying to use the Neutron Python CLI client to determine what Neutron security groups a specific tenant was using. I'm not sure if this is a Havana bug but regardless of method I continuously received all of the security groups for all of the tenants. I ended up resorting to a MySQL query using the Keystone and Neutron databases. Oh well, when I get a sec I'll search the Havana buglist for an answer as to why.

mysql> select keystone.project.name,neutron.securitygroups.name,neutron.securitygroups.id from keystone.project JOIN neutron.securitygroups where keystone.project.id=neutron.securitygroups.tenant_id;
+-------------+---------+--------------------------------------+
| name | name | id |
+-------------+---------+--------------------------------------+
| service | default | 0beeb42f-f96c-4ce9-beb2-cc8884121ac0 |
| QA | default | 5525973b-2453-4d5b-9dac-b24e302f10db |
| admin | default | 59f4a7f6-84d7-4059-a418-2fdd373b22ef |
| Engineering | default | ca1d104e-cf38-4a78-bbf8-656aea774e0c |
| Engineering | test | d1f42d05-a8a2-4812-bd06-bf145567891f |
+-------------+---------+--------------------------------------+
5 rows in set (0.00 sec)

If anyone knows a better way please post it in the Comments section.

Updated: