Authorize the Security Group Rules
Last Updated:2020-07-20
- This API is used to authorize the new security group rules in the security group.
- The rules in the same security group take the remark, protocol, direction, portRange, sourceIp | destIp and sourceGroupId | destGroupId as the unique indexes. If the same rule exists in the security group, a 409 error occurs.
Request Structure
PUT /v{version}/securityGroup/{securityGroupId}?{action}&clientToken={clientToken} HTTP/1.1
Host: bcc.bj.baidubce.com
Authorization: authorization string
{
"rule":
{
"remark": "Remark",
"protocol": protocol,
"portRange": portRange,
"direction": direction,
"sourceIp": sourceIp,
"sourceGroupId": sourceGroupId
}
}Request Header Field
There are no other special header fields except the public header field.
Request Parameters
| Parameter Name | Type | Required? | Parameter Position | Description |
|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number |
| action | String | Yes | Query Parameters | Operation on security group, whose current value is authorizeRule. |
| clientToken | String | Yes | Query Parameters | Idempotent Token, which is an ASCII string with the length no more than 64 bits. See Idempotency of ClientToken for details. |
| securityGroupId | String | Yes | URL parameter | Security group ID to authorize new security group rules |
| rule | SecurityGroupRuleModel | Yes | RequestBody parameter | Security group rule to authorize |
Return Header Field
There are no other special header fields except the common header field.
Return Parameter
No specific parameters are returned.
Error Code
| Error Code | Error Description | HTTP Status Code | Explanations |
|---|---|---|---|
| BadRequest | protocol is invalid. | 400 | The protocol type is incorrect. |
| SecurityGroup.RulePortOrderInvalid | The order of security group rule port is incorrect. | 400 | The order of security group rule port is incorrect. |
| SecurityGroup.RulePortRangeInvalid | The value of security group rule port is exceeded. | 400 | The value of security group rule port exceeds the limit. |
| SecurityGroup.RulePortInvalid | The value of security group rule port must be number. | 400 | The security group rule port is not number. |
| SecurityGroup.RuleCIDRAddressError | Security group rule ip(cidr) address is incorrect. | 400 | The security group rule source (destination) address is incorrect. |
| SecurityGroup.RuleDirectionError | Security group rule direction is incorrect. | 400 | The security group rule direction is incorrect. |
| NoSuchObject | The specified object is not found or resource do not exist. | 404 | The object security group does not exist. |
| SecurityGroup.RuleNumberExceededLimit | Security groups that contain rule number exceed limit. | 413 | The number of rules in security group exceeds the limit. |
| SecurityGroup.RuleDuplicated | Security group rule is duplicated. | 409 | The security group rule is duplicated. |
Request Instance
PUT /v2/securityGroup/g-nky7qeom?authorizeRule&clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
Host: bcc.bj.baidubce.com
Authorization: bce-auth-v1/f81d3b34e48048fbb2634dc7882d7e21/2015-08-11T04:17:29Z/3600/host/74c506f68c65e26c633bfa104c863fffac5190fdec1ec24b7c03eb5d67d2e1de
{
"rule":
{
"remark": "Remark",
"protocol": "tcp",
"portRange": "1-65535",
"direction": "ingress",
"sourceIp": "",
"sourceGroupId": ""
}
}Return Instance
HTTP/1.1 200 OK
x-bce-request-id: 1214cca7-4ad5-451d-9215-71cb844c0a50
Date: Wed, 03 Dec 2014 06:42:19 GMT
Content-Type: application/json;charset=UTF-8
Server: BWS