# ConfigureSecurityGroupRules
## 1. API Description
This API (ConfigureSecurityGroupRules) is used to configure the rules of a security group.
{% hint style="info" %} **Note**
* Rules of the default security group cannot be modified.
* Rules in the same direction cannot be duplicated.
* A security group has a limited number of rules. If you need more, please contact us.
* This API is used to configure full rules for the security group.
{% endhint %}
## 2. Input Parameters
The following request parameter list only provides API request parameters.
| Parameter Name | Required | Type | Description |
| --------------- | -------- | ----------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------- |
| securityGroupId | Yes | String | Security group ID. |
| ruleInfos | No | Array of [SecurityGroupRuleInfo](https://docs.console.zenlayer.com/api-reference/compute/datastructure#securitygroupruleinfo) | Security group rules.
Configured for full overwrite.
|
## 3. Output Parameters
| Parameter Name | Type | Description |
| -------------- | ------ | --------------------------------------------------------------------------------------------------------------------- |
| requestId | String | The unique request ID, which is returned for each request.
RequestId is required for locating a problem.
|
## 4. Code Example
{% tabs %}
{% tab title="Example" %}
**Configure rules for the security group.**
```json
POST /api/v2/zec HTTP/1.1
Host: console.zenlayer.com
Content-Type: application/json
X-ZC-Action: ConfigureSecurityGroupRules
Request:
{
"securityGroupId": "your-security-group-id",
"ruleInfos": [
{
"direction": "ingress",
"policy": "accept",
"priority": 1,
"ipProtocol": "tcp",
"portRange": "22",
"cidrIp": "0.0.0.0/0",
"desc": "aaa"
},
{
"direction": "egress",
"policy": "accept",
"priority": 1,
"ipProtocol": "tcp",
"portRange": "22",
"cidrIp": "0.0.0.0/0",
"desc": "xxx"
}
]
}
Response:
{
"requestId": "T58CAD52F-458A-4AFF-8FB5-1EACD453C219",
"response": {
"requestId": "T58CAD52F-458A-4AFF-8FB5-1EACD453C219"
}
}
```
{% endtab %}
{% endtabs %}
## 5. Developer Resources
Zenlayer Cloud API 2.0 integrates [SDKs](https://docs.console.zenlayer.com/api-reference/api-introduction/toolkit/api-sdk),to make it easier for you to call APIs. More programming languages will be supported.
## 6. Error Codes
The following only lists the error codes related to the API business logic. For other error codes, see [Common Error Codes](https://docs.console.zenlayer.com/api-reference/api-introduction/instruction/commonerrorcode).
| HTTP Status Code | Error Code | Description |
| ---------------- | ------------------------------------------------------- | --------------------------------------------------- |
| 400 | INVALID\_PARAMETER\_SECURITY\_GROUP\_CIDR\_IP | Invalid source IP address range. |
| 400 | INVALID\_PARAMETER\_SECURITY\_GROUP\_DESC | The rule description contains invalid characters. |
| 400 | INVALID\_PARAMETER\_SECURITY\_GROUP\_DIRECTION | Inbound or outbound rules error. |
| 400 | INVALID\_PARAMETER\_SECURITY\_GROUP\_IP\_PROTOCOL | Invalid IP protocol. |
| 400 | INVALID\_PARAMETER\_SECURITY\_GROUP\_PORT\_RANGE | Invalid security group rule PortRange parameter. |
| 400 | INVALID\_PARAMETER\_SECURITY\_GROUP\_PRIORITY | Invalid security group rule Priority parameter. |
| 404 | INVALID\_SECURITY\_GROUP\_NOT\_FOUND | The specified security group does not exist. |
| 400 | OPERATION\_DENIED\_SECURITY\_GROUP\_RULE\_EXCEED\_LIMIT | Quantity of security group rules exceeds the limit. |