AddSecurityGroupRule

API Request

URLs
POST zstack/v1/security-groups/{securityGroupUuid}/rules
Headers
Authorization: OAuth the-session-uuid
Body
{
  "params": {
    "rules": [
      {
        "type": "Ingress",
        "startPort": 22,
        "endPort": 22,
        "protocol": "TCP",
        "allowedCidr": "0.0.0.0/0"
      }
    ],
    "remoteSecurityGroupUuids": [
      "32647e8a0a5e4efca703b0fec190ab54"
    ]
  },
  "systemTags": [],
  "userTags": []
}
Note: In the preceding sample, both systemTags and userTags are optional. These two fields can be included in the body structure.
Curl Sample
curl -H "Content-Type: application/json;charset=UTF-8" \
-H "Authorization: OAuth b86c9016b4f24953a9edefb53ca0678c" \
-X POST -d '{"params":{"rules":[{"type":"Ingress","startPort":22,"endPort":22,"protocol":"TCP","allowedCidr":"0.0.0.0/0"}],"remoteSecurityGroupUuids":["7d4337c2b18339ffb6f5d1023fc2ea42"]}}' \
http://localhost:8080/zstack/v1/security-groups/00fdf47ec62b316a8f17c80d0ee59a01/rules
Request Parameters
Name Type Location Description Optional Value Starting Version
securityGroupUuid String url The security group UUID. 0.6
rules List body (contained in the params structure) The rules in the security group. 0.6
remoteSecurityGroupUuids List body (contained in the params structure) Optional. The security group that the rule takes effect. 2.1
systemTags List body Optional. The system tags. 0.6
userTags List body Optional. The user tags. 0.6

API Response

Sample Response
{
  "inventory": {
    "uuid": "5949aece9cd64d5a939d6dc5e2c1f327",
    "name": "web",
    "description": "for test",
    "state": "Enabled",
    "createDate": "Sep 22, 2017 12:24:11 PM",
    "lastOpDate": "Sep 22, 2017 12:24:11 PM",
    "internalId": 0.0
  }
}
Name Type Description Starting Version
error ErrorCode The error code. If not null, the operation fails, or vice versa. For more information, see error. 0.6
inventory SecurityGroupInventory See inventory. 0.6
#error
Name Type Description Starting Version
code String The error code, which is a numbered or alphanumeric code that specifies an error. For example, SYS.1000, HOST.1001. 0.6
description String The brief description of the error. 0.6
details String The details about the error. 0.6
elaboration String The reserved field. Default value: null. 0.6
opaque LinkedHashMap The reserved field. Default value: null. 0.6
cause ErrorCode The root error, which is the associated root cause of the current error. If no root error exists, this parameter is null. 0.6
#inventory
Name Type Description Starting Version
uuid String The resource UUID. 0.6
name String The resource name. 0.6
description String The detailed description of the resource. 0.6
state String 0.6
ipVersion Integer The IP version. 3.1.0
createDate Timestamp The creation date. 0.6
lastOpDate Timestamp The last operation date. 0.6
attachedL3NetworkUuids Set 0.6
rules List See rules. 0.6
#rules
Name Type Description Starting Version
uuid String The resource UUID. 0.6
securityGroupUuid String The security group UUID. 0.6
type String The traffic type. 0.6
ipVersion Integer The IP version. 3.1.0
startPort Integer
  • If the protocol is TCP or UDP, this parameter is the start port of the port range.
  • If the protocol is ICMP, this parameter is the ICMP type.
 0.6
endPort Integer
  • If the protocol is TCP or UDP, this parameter is the end port of the port range.
  • If the protocol is ICMP, this parameter is the ICMP type.
 0.6
protocol String The traffic protocol type. 0.6
state String The rule state, which is not implemented in the current version. 0.6
allowedCidr String
  • The allowed CIDR, which has different meanings according to different traffic types.
  • If the traffic type is Ingress, the allowed CIDR is a source CIDR that is allowed to access VM NICs.
  • If the traffic type is Egress, the allowed CIDR is a destination CIDR that is allowed to leave from VM NICs.
 0.6
remoteSecurityGroupUuid String 0.6
createDate Timestamp The creation date. 0.6
lastOpDate Timestamp The last operation date. 0.6

SDK Sample

Java SDK
AddSecurityGroupRuleAction action = new AddSecurityGroupRuleAction();
action.securityGroupUuid = "11a632fb43434d9582a736f538af41a0";
action.rules = asList([type:Ingress, startPort:22.0, endPort:22.0, protocol:TCP, allowedCidr:0.0.0.0/0]);
action.remoteSecurityGroupUuids = asList("22ee23f9b3924d13a11eabbe8786f0dc");
action.sessionId = "96d2a0445f4241bd823141c281fb4b3e";
AddSecurityGroupRuleAction.Result res = action.call();
Python SDK
AddSecurityGroupRuleAction action = AddSecurityGroupRuleAction()
action.securityGroupUuid = "38aa7db9d299456f8c2410a1148bb18c"
action.rules = [[type:Ingress, startPort:22.0, endPort:22.0, protocol:TCP, allowedCidr:0.0.0.0/0]]
action.remoteSecurityGroupUuids = [b4e32c0abbfb428798b48ea2cbe8103d]
action.sessionId = "3435114ce8294deea437496ccf78a1d8"
AddSecurityGroupRuleAction.Result res = action.call()