@Hang Yang - thx for working on this. I don't think that adding "shared" field will help here because we are here talking about SGs which are shared only with some specific tenant using RBAC mechanism. Such SGs aren't shared with all tenants, like is in case of the networks with "shared=True".
IMO we should add some flag in the API (it can be for both networks and security groups, and also maybe for other resources later) to tell neutron that it should include shared resources in the returned list too. So Nova or Horizon would be able to do just one call "get_security_groups(tenant_id=XXX, include_shared=True)" to get all SGs to which project has access in some way.
Does it makes sense?
@Hang Yang - thx for working on this. I don't think that adding "shared" field will help here because we are here talking about SGs which are shared only with some specific tenant using RBAC mechanism. Such SGs aren't shared with all tenants, like is in case of the networks with "shared=True". groups( tenant_ id=XXX, include_ shared= True)" to get all SGs to which project has access in some way.
IMO we should add some flag in the API (it can be for both networks and security groups, and also maybe for other resources later) to tell neutron that it should include shared resources in the returned list too. So Nova or Horizon would be able to do just one call "get_security_
Does it makes sense?