Create Security Group
Last Updated:2021-12-16
This API is used to create the security group and the security group rule.
- The rule in the same security group takes the remark, protocol, direction, portRange, sourceIp|destIp, and sourceGroupId|destGroupId as the uniqueness index and records and reports the 409 error repeatedly.
- The value of the protocol (tcp|udp|icmp) is empty by default, representing all.
Request Structure
POST /v{version}/securityGroup?clientToken={clientToken} HTTP/1.1
Host: bcc.bj.baidubce.com
Authorization: authorization stringRequest Header Field
No other special header fields are available except for the public header fields.
Request Parameters
| Parameter Name | Type | Required? | Parameter Position | Description | |
|---|---|---|---|---|---|
| version | String | Yes | URL parameter | API version number | |
| clientToken | String | Yes | Query parameter | Idempotent Token, which is an ASCII string with the length no more than 64 bits. For details, see Idempotency of ClientToken. | |
| name | String | Yes | RequestBody parameter | Name of security group created, which supports uppercase and lowercase letters, numbers, Chinese, and special characters like -, , _, /, and ., has a length of 1-65 characters, and must begin with a letter | |
| vpcId | String | Yes | RequestBody parameter | “vpcId” of the security group. | |
| desc | String | No | RequestBody parameter | Description of security group created | |
| rules | List<SecurityGroupRuleModel> | No | RequestBody parameter | List of the security group rule bound during creation of security group | |
| tags | List<[Tag](BCC/Tag Service API Reference/Appendix 1.md#Tag)> | No | RequestBody parameter | List of tags bound during the creation of the security group. |
Return Header Field
No other special header fields are available except for the public header field.
Return Parameters
| Parameter Name | Type | Description |
|---|---|---|
| securityGroupId | String | Security group ID created |
Error Codes
| Error Code | Error Description | HTTP Status Code | Explanation |
|---|---|---|---|
| SecurityGroup.RuleRemarkTooLong | Security group | description is too long. | 400 |
| BadRequest | protocol is invalid. | 400 | The protocol type is incorrect. |
| SecurityGroup.RulePortOrderInvalid | The order of security group rule port is incorrect. | 400 | The order of the security group rule port is incorrect. |
| SecurityGroup.RulePortRangeInvalid | The value of the security group rule port is exceeded. | 400 | The value of the security group rule port exceeds the limit. |
| SecurityGroup.RulePortInvalid | The value of the security group rule port must be number. | 400 | The security group rule port is not a number. |
| SecurityGroup.RuleCIDRAddressError | The security group rule ip(cidr) address is incorrect. | 400 | The security group rule source (destination) address is incorrect. |
| SecurityGroup.RuleDirectionError | The security group rule direction is incorrect. | 400 | The security group rule direction is incorrect. |
| SecurityGroup.RuleNumberExceededLimit | Security groups that contain rule number exceed the limit. | 413 | The number of rules in the security group exceeds the limit. |
| SecurityGroup.RuleDuplicated | Security group rule is duplicated. | 409 | The security group rule is duplicative. |
Request Example
POST /v2/securityGroup?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
Host: bcc.bj.baidubce.com
Authorization: bce-auth-v1/f81d3b34e48048fbb2634dc7882d7e21/2015-08-11T04:17:29Z/3600/host/74c506f68c65e26c633bfa104c863fffac5190fdec1ec24b7c03eb5d67d2e1de
{
"name": "test-security-group",
"desc": "create a security group for api doc",
"vpcId":"vpc-uxjret8rnv"
"rules": [
{
"remark": "Remark",
"protocol": "tcp",
"portRange": "1-65535",
"direction": "ingress",
"sourceIp": "",
"sourceGroupId": ""
},
{
"remark": “ Entire Protocol",
"protocol": "",
"portRange": "",
"direction": "egress",
"destIp": "",
"destGroupId": ""
}
]
}Return Example
HTTP/1.1 200 OK
x-bce-request-id: 1214cca7-4ad5-451d-9215-71cb844c0a50
Date: Wed, 03 Dec 2014 06:42:19 GMT
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"securityGroupId": "g-nky7qeom"
}