# AuthorizeSecurityGroupRules

## 1. API Description

This API (AuthorizeSecurityGroupRules) is used to add security group rules.

{% hint style="info" %} <mark style="color:blue;">**Note**</mark>

* <mark style="color:blue;">Status of security group should be</mark> <mark style="color:blue;">`Available`</mark><mark style="color:blue;">.</mark>
* <mark style="color:blue;">Rules cannot be duplicated in one rule direction.</mark>
* <mark style="color:blue;">The upper limit of quantity of security group rules is 40, including 20 inbound rules and 20 outbound rules.</mark>
* <mark style="color:blue;">Editing is not supported for default security group.</mark>
  {% endhint %}

## 2. Input Parameters

The following request parameter list only provides API request parameters.

| Parameter Name  | Required | Type                                                                     | Description           |
| --------------- | -------- | ------------------------------------------------------------------------ | --------------------- |
| securityGroupId | Yes      | String                                                                   | Security group ID.    |
| ruleInfos       | Yes      | Array of [RuleInfo](/api-reference/compute/vm/datastructure.md#ruleinfo) | Security group rules. |

## 3. Output Parameters

| Parameter Name | Type   | Description                                                                                                           |
| -------------- | ------ | --------------------------------------------------------------------------------------------------------------------- |
| requestId      | String | <p>The unique request ID, which is returned for each request.</p><p>RequestId is required for locating a problem.</p> |

## 4. Code Example

{% tabs %}
{% tab title="Example" %}
**Add security group rules.**

```json
POST /api/v2/vm HTTP/1.1
Host: console.zenlayer.com
Content-Type: application/json
X-ZC-Action: AuthorizeSecurityGroupRules
<Common Request Params>

Request:
{
  "securityGroupId": "your-security-group-id",
  "ruleInfos": [
    {
      "direction": "ingress",
      "policy": "accept",
      "priority": 3,
      "ipProtocol": "tcp",
      "portRange": "22/22",
      "cidrIp": "0.0.0.0/0"
    }
  ]
}

Response:
{
  "requestId": "T193B3359-B718-4BA4-A633-5865A2C63ABA",
  "response": {
    "requestId": "T193B3359-B718-4BA4-A633-5865A2C63ABA"
  }
}
```

{% endtab %}
{% endtabs %}

## 5. Developer Resources

Zenlayer Cloud API 2.0 integrates [SDKs](/api-reference/api-introduction/toolkit/api-sdk.md)，to make it easier for you to call APIs. More programming languages will be supported.

## 6. Error Codes

The following only lists the error codes related to the API business logic. For other error codes, see [Common Error Codes](/api-reference/api-introduction/instruction/commonerrorcode.md).

| HTTP Status Code | Error Code                                                 | Description                                                  |
| ---------------- | ---------------------------------------------------------- | ------------------------------------------------------------ |
| 400              | INVALID\_PARAMETER\_SECURITY\_GROUP\_RULE\_ID\_NOT\_ALLOW  | Security group rule ID is not allowed to be passed in.       |
| 400              | INVALID\_PARAMETER\_SECURITY\_GROUP\_POLICY                | Invalid value of `policy`.                                   |
| 400              | INVALID\_PARAMETER\_SECURITY\_GROUP\_PORT\_RANGE           | Invalid value of `portRange`.                                |
| 400              | INVALID\_PARAMETER\_SECURITY\_GROUP\_PRIORITY              | Invalid value of `priority`.                                 |
| 400              | INVALID\_PARAMETER\_SECURITY\_GROUP\_SOURCE\_CIDR\_IP      | Invalid value of source `cidrIp`.                            |
| 403              | OPERATION\_DENIED\_SECURITY\_GROUP\_EXIST\_REPEAT\_RULE    | Duplicated security group rules.                             |
| 404              | INVALID\_SECURITY\_GROUP\_NOT\_FOUND                       | Security group does not exist.                               |
| 403              | OPERATION\_DENIED\_SECURITY\_GROUP\_STATUS\_NOT\_AVAILABLE | Status of security group should be `Available`.              |
| 403              | OPERATION\_DENIED\_SECURITY\_GROUP\_RULE\_EXCEED\_LIMIT    | Rule quantity exceeds limit.                                 |
| 403              | OPERATION\_DENIED\_DEFAULT\_SECURITY\_GROUP\_NOT\_SUPPORT  | Operations on the default security groups are not supported. |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.console.zenlayer.com/api-reference/compute/vm/security-group/authorizesecuritygrouprules.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.