百度智能云
All Product Document

          Cloud Compute Service

          • Cloud Compute Service
          • >
          • Java-SDK
          • >
          • Security Group

          Security Group

          Last Updated2020-10-21

          Query the Security Group List

          You can query the security group list by using the following codes:

          public static void listSecurityGroup(BccClient bccClient) {
    ListSecurityGroupsRequest listSecurityGroupsRequest = new ListSecurityGroupsRequest();
    // Set a paging flag
    listSecurityGroupsRequest.setMarker(securityGroupId);
    // Set the pagination return data size
    listSecurityGroupsRequest.setMaxKeys(maxKey);
    // Set filtered instance Bcc instance id
    listSecurityGroupsRequest.setInstanceId(instanceId);
    // Design filtered vpcId
    listSecurityGroupsRequest.setVpcId(vpcId);
    // Carry out a Get Security Group List Operation
    ListSecurityGroupsResponse listSecurityGroupsResponse = bccClient.listSecurityGroups(listSecurityGroupsRequest);

    for (SecurityGroupModel securityGroupModel : listSecurityGroupsResponse.getSecurityGroups()) {
        System.out.println(securityGroupModel.getName());
    }
}

          Create a Security Group

          You can create a security group by using the following codes:

          public static void createSecurityGroup(BccClient bccClient) {
    CreateSecurityGroupRequest createSecurityGroupRequest = new CreateSecurityGroupRequest();
    // Set the security group name
    createSecurityGroupRequest.setName(newName);
    // Set security group description
    createSecurityGroupRequest.setDesc(newDescription);
    List<SecurityGroupRuleModel> rules = new ArrayList<SecurityGroupRuleModel>();
    rules.add(new SecurityGroupRuleModel()
            // Set remarks
            .withRemark(securityGroupRemark)
            // Set protocol type
            .withProtocol(securityGroupProtocol)
            // Set the port range. The default time is 1-65535. You can specify a single port such as 80.
            .withPortRange(securityGroupPortRange)
            // Set inbound / outbound to get ingress or egress, the parameter is required.
            .withDirection(securityGroupDirection)
            // Set the source IP address. You cannot set the value at the same time as the sourceGroupId.
            .withSourceIp(securityGroupSourceIp)
            // Set a source security group ID
            .withSourceGroupId(securityGroupSourceGroupId));

    rules.add(new SecurityGroupRuleModel()
            // Set remarks
            .withRemark(securityGroupRemark)
            // Set protocol type
            .withProtocol(securityGroupProtocol)
            // Set the port range. The default time is 1-65535. You can specify a single port such as 80.
            .withPortRange(securityGroupPortRange)
            // Set inbound / outbound to get ingress or egress, the parameter is required.
            .withDirection(securityGroupDirection)
            // Setup Destination IP. The value can not be set together with destGroupId at the same time.
            .withDestIp(securityGroupDestIp)
            // Setup a destination security group ID
            .withDestGroupId(securityGroupDestGroupId));
    // Set Security Group Rules
    createSecurityGroupRequest.setRules(rules);
    // Create a Security Group
    System.out.println(bccClient.createSecurityGroup(createSecurityGroupRequest).getSecurityGroupId());
}

          The rules in the same security group take the remark, protocol, direction, portRange, sourceIp|destIp and sourceGroupId|destGroupId as the unique indexes. In the case of any repeated records, a 409 error occurs. The value of protocol (tcp | udp | icmp). The default value is empty, which means "all". Specific Create Security Group Rule Interface Description BCC API Document Create Security Group).

          Delete a Security Group

          You can delete the specified security group by using the following codes:

          public static void deleteSecurityGroup(BccClient bccClient) {
    // Delete the security group id with security group of securityGroupId
    bccClient.deleteSecurityGroup(securityGroupId);
}

          Authorize Security Group Rules

          You can add the authorization of security group rules in the specified security group by using the following codes:

          public static void authorizeSecurityGroupRule(BccClient bccClient) {
    SecurityGroupRuleOperateRequest securityGroupRuleOperateRequest = new SecurityGroupRuleOperateRequest();

    securityGroupRuleOperateRequest.setSecurityGroupId(securityGroupId);
    SecurityGroupRuleModel securityGroupRuleModel = new SecurityGroupRuleModel()
            // Set remarks
            .withRemark(securityGroupRemark)
            // Set protocol type
            .withProtocol(securityGroupProtocol)
            // Set the port range. The default time is 1-65535. You can specify a single port such as 80.
            .withPortRange(securityGroupPortRange)
            // Set inbound / outbound to get ingress or egress, the parameter is required.
            .withDirection(securityGroupDirection)
            // Set the source IP address. You cannot set the value at the same time as the sourceGroupId.
            .withSourceIp(securityGroupSourceIp)
            // Set a source security group ID
            .withSourceGroupId(securityGroupSourceGroupId);

    // Set Security Group Rules
    securityGroupRuleOperateRequest.setRule(securityGroupRuleModel);
    // carry out authorization security group rules
    bccClient.authorizeSecurityGroupRule(securityGroupRuleOperateRequest);
}
          • The rules in the same security group take the the remark, protocol, direction, portRange, sourceIp|destIp and sourceGroupId|destGroupId as the unique indexes. If the same rule exists in the security group, a 409 error occurs.
          • For the specific interface description, see BCC API Documentation Authorize Security Group Rules.

          Cancel Security Group Rules

          You can cancel the authorization of specified security group rules in the specified security group by using the following codes:

          public static void revokeSecurityGroupRule(BccClient bccClient) {
    SecurityGroupRuleOperateRequest securityGroupRuleOperateRequest = new SecurityGroupRuleOperateRequest();
    // Set Security Group Rules id
    securityGroupRuleOperateRequest.setSecurityGroupId(securityGroupId);

    SecurityGroupRuleModel securityGroupRuleModel = new SecurityGroupRuleModel()
            // Set remarks
            .withRemark(securityGroupRemark)
            // Set protocol type
            .withProtocol(securityGroupProtocol)
            // Set the port range. The default time is 1-65535. You can specify a single port such as 80.
            .withPortRange(securityGroupPortRange)
            // Set inbound / outbound to get ingress or egress, the parameter is required.
            .withDirection(securityGroupDirection)
            // Set the source IP address. You cannot set the value at the same time as the sourceGroupId.
            .withSourceIp(securityGroupSourceIp)
            // Set a source security group ID
            .withSourceGroupId(securityGroupSourceGroupId);
    // Carry out revoking security group rules
    bccClient.revokeSecurityGroupRule(securityGroupRuleOperateRequest);
}
          • The rules in the same security group take the the remark, protocol, direction, portRange, sourceIp|destIp and sourceGroupId|destGroupId as the unique indexes.If no corresponding rule exists in the security group, a 404 error occurs.
          • For the specific interface description, see BCC API Documentation Cancel Security Group Rules.
          Previous
          Automatic Snapshot Policy
          Next
          Key Pair