Security Group
Query the Security Group List
You can query the security group list by using the following codes:
public static void listSecurityGroup(BccClient bccClient) {
ListSecurityGroupsRequest listSecurityGroupsRequest = new ListSecurityGroupsRequest();
// Set a paging flag
listSecurityGroupsRequest.setMarker(securityGroupId);
// Set the pagination return data size
listSecurityGroupsRequest.setMaxKeys(maxKey);
// Set filtered instance Bcc instance id
listSecurityGroupsRequest.setInstanceId(instanceId);
// Design filtered vpcId
listSecurityGroupsRequest.setVpcId(vpcId);
// Carry out a Get Security Group List Operation
ListSecurityGroupsResponse listSecurityGroupsResponse = bccClient.listSecurityGroups(listSecurityGroupsRequest);
for (SecurityGroupModel securityGroupModel : listSecurityGroupsResponse.getSecurityGroups()) {
System.out.println(securityGroupModel.getName());
}
}
Create a Security Group
You can create a security group by using the following codes:
public static void createSecurityGroup(BccClient bccClient) {
CreateSecurityGroupRequest createSecurityGroupRequest = new CreateSecurityGroupRequest();
// Set the security group name
createSecurityGroupRequest.setName(newName);
// Set security group description
createSecurityGroupRequest.setDesc(newDescription);
List<SecurityGroupRuleModel> rules = new ArrayList<SecurityGroupRuleModel>();
rules.add(new SecurityGroupRuleModel()
// Set remarks
.withRemark(securityGroupRemark)
// Set protocol type
.withProtocol(securityGroupProtocol)
// Set the port range. The default time is 1-65535. You can specify a single port such as 80.
.withPortRange(securityGroupPortRange)
// Set inbound / outbound to get ingress or egress, the parameter is required.
.withDirection(securityGroupDirection)
// Set the source IP address. You cannot set the value at the same time as the sourceGroupId.
.withSourceIp(securityGroupSourceIp)
// Set a source security group ID
.withSourceGroupId(securityGroupSourceGroupId));
rules.add(new SecurityGroupRuleModel()
// Set remarks
.withRemark(securityGroupRemark)
// Set protocol type
.withProtocol(securityGroupProtocol)
// Set the port range. The default time is 1-65535. You can specify a single port such as 80.
.withPortRange(securityGroupPortRange)
// Set inbound / outbound to get ingress or egress, the parameter is required.
.withDirection(securityGroupDirection)
// Setup Destination IP. The value can not be set together with destGroupId at the same time.
.withDestIp(securityGroupDestIp)
// Setup a destination security group ID
.withDestGroupId(securityGroupDestGroupId));
// Set Security Group Rules
createSecurityGroupRequest.setRules(rules);
// Create a Security Group
System.out.println(bccClient.createSecurityGroup(createSecurityGroupRequest).getSecurityGroupId());
}
The rules in the same security group take the remark, protocol, direction, portRange, sourceIp|destIp and sourceGroupId|destGroupId as the unique indexes. In the case of any repeated records, a 409 error occurs. The value of protocol (tcp | udp | icmp). The default value is empty, which means "all". Specific Create Security Group Rule Interface Description BCC API Document Create Security Group).
Delete a Security Group
You can delete the specified security group by using the following codes:
public static void deleteSecurityGroup(BccClient bccClient) {
// Delete the security group id with security group of securityGroupId
bccClient.deleteSecurityGroup(securityGroupId);
}
Authorize Security Group Rules
You can add the authorization of security group rules in the specified security group by using the following codes:
public static void authorizeSecurityGroupRule(BccClient bccClient) {
SecurityGroupRuleOperateRequest securityGroupRuleOperateRequest = new SecurityGroupRuleOperateRequest();
securityGroupRuleOperateRequest.setSecurityGroupId(securityGroupId);
SecurityGroupRuleModel securityGroupRuleModel = new SecurityGroupRuleModel()
// Set remarks
.withRemark(securityGroupRemark)
// Set protocol type
.withProtocol(securityGroupProtocol)
// Set the port range. The default time is 1-65535. You can specify a single port such as 80.
.withPortRange(securityGroupPortRange)
// Set inbound / outbound to get ingress or egress, the parameter is required.
.withDirection(securityGroupDirection)
// Set the source IP address. You cannot set the value at the same time as the sourceGroupId.
.withSourceIp(securityGroupSourceIp)
// Set a source security group ID
.withSourceGroupId(securityGroupSourceGroupId);
// Set Security Group Rules
securityGroupRuleOperateRequest.setRule(securityGroupRuleModel);
// carry out authorization security group rules
bccClient.authorizeSecurityGroupRule(securityGroupRuleOperateRequest);
}
- The rules in the same security group take the the remark, protocol, direction, portRange, sourceIp|destIp and sourceGroupId|destGroupId as the unique indexes. If the same rule exists in the security group, a 409 error occurs.
- For the specific interface description, see BCC API Documentation Authorize Security Group Rules.
Cancel Security Group Rules
You can cancel the authorization of specified security group rules in the specified security group by using the following codes:
public static void revokeSecurityGroupRule(BccClient bccClient) {
SecurityGroupRuleOperateRequest securityGroupRuleOperateRequest = new SecurityGroupRuleOperateRequest();
// Set Security Group Rules id
securityGroupRuleOperateRequest.setSecurityGroupId(securityGroupId);
SecurityGroupRuleModel securityGroupRuleModel = new SecurityGroupRuleModel()
// Set remarks
.withRemark(securityGroupRemark)
// Set protocol type
.withProtocol(securityGroupProtocol)
// Set the port range. The default time is 1-65535. You can specify a single port such as 80.
.withPortRange(securityGroupPortRange)
// Set inbound / outbound to get ingress or egress, the parameter is required.
.withDirection(securityGroupDirection)
// Set the source IP address. You cannot set the value at the same time as the sourceGroupId.
.withSourceIp(securityGroupSourceIp)
// Set a source security group ID
.withSourceGroupId(securityGroupSourceGroupId);
// Carry out revoking security group rules
bccClient.revokeSecurityGroupRule(securityGroupRuleOperateRequest);
}
- The rules in the same security group take the the remark, protocol, direction, portRange, sourceIp|destIp and sourceGroupId|destGroupId as the unique indexes.If no corresponding rule exists in the security group, a 404 error occurs.
- For the specific interface description, see BCC API Documentation Cancel Security Group Rules.