# ConfigureSecurityGroupRules

## 1. API Description

This API (ConfigureSecurityGroupRules) is used to configure the rules of a security group.

{% hint style="info" %} <mark style="color:blue;">**Note**</mark>

* <mark style="color:blue;">Rules of the default security group cannot be modified.</mark>
* <mark style="color:blue;">Rules in the same direction cannot be duplicated.</mark>
* <mark style="color:blue;">A security group has a limited number of rules. If you need more, please contact us.</mark>
* <mark style="color:blue;">This API is used to configure full rules for the security group.</mark>
  {% endhint %}

## 2. Input Parameters

The following request parameter list only provides API request parameters.

| Parameter Name  | Required | Type                                                                                                | Description                                                       |
| --------------- | -------- | --------------------------------------------------------------------------------------------------- | ----------------------------------------------------------------- |
| securityGroupId | Yes      | String                                                                                              | Security group ID.                                                |
| ruleInfos       | No       | Array of [SecurityGroupRuleInfo](/api-reference/compute/zec/datastructure.md#securitygroupruleinfo) | <p>Security group rules.</p><p>Configured for full overwrite.</p> |

## 3. Output Parameters

| Parameter Name | Type   | Description                                                                                                           |
| -------------- | ------ | --------------------------------------------------------------------------------------------------------------------- |
| requestId      | String | <p>The unique request ID, which is returned for each request.</p><p>RequestId is required for locating a problem.</p> |

## 4. Code Example

{% tabs %}
{% tab title="Example" %}
**Configure rules for the security group.**

```json
POST /api/v2/zec HTTP/1.1
Host: console.zenlayer.com
Content-Type: application/json
X-ZC-Action: ConfigureSecurityGroupRules
<Common Request Params>

Request:
{
  "securityGroupId": "your-security-group-id",
  "ruleInfos": [
    {
      "direction": "ingress",
      "policy": "accept",
      "priority": 1,
      "ipProtocol": "tcp",
      "portRange": "22",
      "cidrIp": "0.0.0.0/0",
      "desc": "aaa"
    },
    {
      "direction": "egress",
      "policy": "accept",
      "priority": 1,
      "ipProtocol": "tcp",
      "portRange": "22",
      "cidrIp": "0.0.0.0/0",
      "desc": "xxx"
    }
  ]
}

Response:
{
  "requestId": "T58CAD52F-458A-4AFF-8FB5-1EACD453C219",
  "response": {
    "requestId": "T58CAD52F-458A-4AFF-8FB5-1EACD453C219"
  }
}
```

{% endtab %}
{% endtabs %}

## 5. Developer Resources

Zenlayer Cloud API 2.0 integrates [SDKs](/api-reference/api-introduction/toolkit/api-sdk.md)，to make it easier for you to call APIs. More programming languages will be supported.

## 6. Error Codes

The following only lists the error codes related to the API business logic. For other error codes, see [Common Error Codes](/api-reference/api-introduction/instruction/commonerrorcode.md).

| HTTP Status Code | Error Code                                              | Description                                         |
| ---------------- | ------------------------------------------------------- | --------------------------------------------------- |
| 400              | INVALID\_PARAMETER\_SECURITY\_GROUP\_CIDR\_IP           | Invalid source IP address range.                    |
| 400              | INVALID\_PARAMETER\_SECURITY\_GROUP\_DESC               | The rule description contains invalid characters.   |
| 400              | INVALID\_PARAMETER\_SECURITY\_GROUP\_DIRECTION          | Inbound or outbound rules error.                    |
| 400              | INVALID\_PARAMETER\_SECURITY\_GROUP\_IP\_PROTOCOL       | Invalid IP protocol.                                |
| 400              | INVALID\_PARAMETER\_SECURITY\_GROUP\_PORT\_RANGE        | Invalid security group rule PortRange parameter.    |
| 400              | INVALID\_PARAMETER\_SECURITY\_GROUP\_PRIORITY           | Invalid security group rule Priority parameter.     |
| 404              | INVALID\_SECURITY\_GROUP\_NOT\_FOUND                    | The specified security group does not exist.        |
| 400              | OPERATION\_DENIED\_SECURITY\_GROUP\_RULE\_EXCEED\_LIMIT | Quantity of security group rules exceeds the limit. |


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.console.zenlayer.com/api-reference/compute/zec/security-group/configuresecuritygrouprules.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.