• Elastic Cloud Server

ecs
  1. Help Center
  2. Elastic Cloud Server
  3. API Reference
  4. OpenStack Nova APIs
  5. Security Group Management
  6. Creating a Security Group Rule (Discarded)

Creating a Security Group Rule (Discarded)

Function Description

This interface is used to create a security group rule.

Constraints

This API will be discarded.

You are advised to use the desired network interface. For details, see section "Security Group (Native OpenStack API) > Creating a Security Group Rule" in Virtual Private Network API Reference.

URI

POST /v2/{project_id}/os-security-group-rules

POST /v2.1/{project_id}/os-security-group-rules

Table 1 describes the parameters in the URI.
Table 1 Parameter description

Parameter

Mandatory

Description

project_id

Yes

Specifies the project ID.

Request

Request parameters

Table 2 describes the request parameters.

Table 2 Request parameters

Parameter

Type

Mandatory

Description

security_group_rule

Dict

Yes

Specifies the security group rule, which is configured in the message body. For details, see Table 3.

Table 3 Objects of request parameter security_group_rule

Parameter

Type

Mandatory

Description

parent_group_id

String

Yes

Specifies the associated security group ID in UUID format.

ip_protocol

String

Yes

Specifies the IP protocol, which can be icmptcp, or udp.

from_port

Int

Yes

Specifies the start port. The value ranges from 1 to 65,535 and is no greater than the value of to_port.

If the value of ip_protocol is icmp, this parameter specifies the ICMP type. The value ranges from 0 to 255.

to_port

Int

Yes

Specifies the end port. The value ranges from 1 to 65,535 and cannot be less than from_port.

If ip_protocol is icmp, this parameter specifies the ICMP code. The value ranges from 0 to 255. If both from_port and to_port are -1, any ICMP packet can be transmitted.

cidr

String

No

Specifies the IP address range. The address is in CIDR format, such as 192.168.0.0/24.

group_id

String

No

Specifies the source security group ID. If both group_id and cidr are set, group_id prevails.

Response

Response parameters

Table 4 describes the response parameters.

Table 4 Response parameters

Parameter

Type

Mandatory

Description

security_group_rule

Dict

Yes

Specifies the security group rule, which is configured in the message body. For details, see Table 5.

Table 5 Objects of response parameter security_group_rule

Parameter

Type

Mandatory

Description

parent_group_id

String

Yes

Specifies the associated security group ID in UUID format.

ip_protocol

String

Yes

Specifies the IP protocol, which can be icmptcp, or udp.

from_port

Int

Yes

Specifies the start port number. The value ranges from 1 to 65,535 and cannot be greater than to_port.

When the protocol type is set to ICMP, from_port is the ICMP type and ranges from 0 to 255.

to_port

Int

Yes

Specifies the end port number. The value ranges from 1 to 65,535.

  • When the protocol type is set to ICMP, to_port is the ICMP code and ranges from 0 to 255.
  • If both from_port and to_port are -1, it indicates that any ICMP packet can be transmitted.

ip_range

Dict(ip_range)

Yes

Specifies the IP address range, including the CIDR information, such as "ip_range": {"cidr": "0.0.0.0/0"}. For details, see the ip_range object.

group

Dict

Yes

Nothing is returned.

id

String

Yes

Specifies the security group rule ID in UUID format.

Table 6 ip_range objects

Parameter

Type

Mandatory

Description

cidr

String

Yes

Specifies the IP address range. The address is in CIDR format, such as 192.168.0.0/24.

Examples

  • Example request
    {
    "security_group_rule": {
    "from_port": "443",
    "ip_protocol": "tcp",
    "to_port": "443",
    "cidr": "0.0.0.0/0",
    "parent_group_id": "48700ff3-30b8-4e63-845f-a79c9633e9fb"
    }
    }
  • Example response
    {
    "security_group_rule": {
    "id": "F4966B29-D21D-B211-B6B4-0018E1C5D866",
    "ip_range": {
    "cidr": "0.0.0.0/0"
    },
    "parent_group_id": "48700ff3-30b8-4e63-845f-a79c9633e9fb",
    "to_port": 443,
    "ip_protocol": "tcp",
    "group": {},
    "from_port": 443
    }
    }

Returned Values

See General Request Returned Values.