Doc CenterSign in to zenConsole

AuthorizeSecurityGroupRule

AuthorizeSecurityGroupRule

1. API Description

This API is used to add a security group rule.

Note

  • Status of security group should be Available.

  • Rules cannot be duplicated in one rule direction.

  • The upper limit of quantity of security group rules is 40, including 20 inbound rules and 20 outbound rules.

  • Editing is not supported for default security group.

2. Input Parameters

The following request parameter list only provides API request parameters. |

Parameter Name
Required
Type
Description

securityGroupId

Yes

String

Security group ID.

direction

Yes

String

Traffic directions.

ingress: inbound rules.

egress: outbound rules.

policy

No

String

Access strategy.

Available values:

accept: allows access by default.

Only accept strategy is supported for now.

priority

Yes

Integer

Priority of rules.

Available values:

[1,100].

Default value: 1.

ipProtocol

Yes

String

Transport protocol. The value is case sensitive.

Available value:

  • tcp: TCP protocol.

  • udp: UDP protocol.

  • icmp: ICMP protocol.

  • all: all protocols supported.

portRange

Yes

String

Destination port range.

Available values:

  • For TCP and UDP protocols: The value ranges from 1 to 65535. Use a slash (/) to separate the start port number and the end port number. Examples: 1/200; incorrect example: 200/1.

  • For ICMP protocol: -1/-1.

  • For all protocols: -1/-1.

cidrIp

Yes

String

Source IP address range.

Default value: 0.0.XX.XX/0.

3. Output Parameters

Parameter Name
Type
Description

requestId

String

The unique request ID, which is returned for each request. RequestId is required for locating a problem.

4. Code Example

Add a security group rule.

POST /api/v2/vm HTTP/1.1
Host: console.zenlayer.com
Content-Type: application/json
X-ZC-Action: AuthorizeSecurityGroupRule
<Common Request Params>

Request:
{
  "securityGroupId": "your-security-group-id",
  "direction": "egress",
  "policy": "accept",
  "priority": 6,
  "ipProtocol": "tcp",
  "portRange": "22/22",
  "cidrIp": "0.0.0.0/0"
}

Response:
{
  "requestId": "T79B0A6A1-2921-4702-8F48-46C0541744FC",
  "response": {
    "requestId": "T79B0A6A1-2921-4702-8F48-46C0541744FC"
  }
}

5. Developer Resources

Zenlayer Cloud API 2.0 integrates SDKs to make it easier for you to call APIs. More programming languages will be supported.

6. Error Codes

The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.​

HTTP Status Code
Error Code
Description

400

INVALID_PARAMETER_SECURITY_GROUP_RULE_ID_NOT_ALLOW

Security group rule ID is not allowed to be passed in.

400

INVALID_PARAMETER_SECURITY_GROUP_POLICY

Invalid value of policy.

400

INVALID_PARAMETER_SECURITY_GROUP_PORT_RANGE

Invalid value of portRange.

400

INVALID_PARAMETER_SECURITY_GROUP_PRIORITY

Invalid value of priority.

400

INVALID_PARAMETER_SECURITY_GROUP_SOURCE_CIDR_IP

Invalid value of source cidrIp.

403

OPERATION_DENIED_SECURITY_GROUP_EXIST_REPEAT_RULE

Duplicated security group rules.

404

INVALID_SECURITY_GROUP_NOT_FOUND

Security group does not exist.

403

OPERATION_DENIED_SECURITY_GROUP_STATUS_NOT_AVAILABLE

Status of security group should be Available.

403

OPERATION_DENIED_SECURITY_GROUP_RULE_EXCEED_LIMIT

Rule quantity exceeds limit.

403

OPERATION_DENIED_DEFAULT_SECURITY_GROUP_NOT_SUPPORT

Operations on the default security groups are not supported.

Last updated