• SAP HANA

saphana
  1. Help Center
  2. SAP HANA
  3. User Guide (API)
  4. Creating a HANA ECS
  5. Creating a Security Group

Creating a Security Group

The configuration of a security group involves security group rules. Four security groups with different rules configured are generally required for configuring the network access rules for all HANA ECSs.

Parameters

[1] Security Group

Attribute

Type

CRUD

Default Value

Restriction

Description

id

Uuid-str

R

None

N/A

Specifies a security group ID.

tenant_id

String (255)

CR

None

N/A

Specifies a tenant ID. Only the administrator can specify the tenant_id of other tenants.

name

String (255)

CRU

None

The value of this parameter cannot be default for a created or updated security group.

Specifies a security group name.

description

String (255)

CRU

Empty

N/A

Describes a security group.

security_group_rules

List (security_group_rule)

R

None

N/A

Specifies security group rules. For details, see the Security Group Rule table.

[2] Security Group Rule

Attribute

Type

CRUD

Default Value

Restriction

Description

id

Uuid-str

R

None

N/A

Specifies a security group rule ID.

security_group_id

Uuid-str

CR

None

Mandatory

Specifies a security group ID.

remote_group_id

Uuid-str

CR

None

Optional

Specifies the peer ID of a security group.

This parameter is alternative to remote_ip_prefix.

direction

String

CR

ingress

ingress/egress

Specifies a rule application direction.

remote_ip_prefix

String (255)

CR

None

CIDR format

Specifies a peer network segment.

This parameter is alternative to remote_group_id.

protocol

String (40)

CR

None

TCP, UDP, ICMP, or IP protocol ID

Specifies a protocol type or an IP protocol ID.

port_range_max

Int

CR

None

Range: 0-65535 (0-255 for code)

Specifies the maximum port number. When ICMP is used, the value is the ICMP code.

port_range_min

Int

CR

None

Range: 0-65535 (0-255 for type)

Specifies the minimum port number. When ICMP is used, the value is the ICMP type.

ethertype

String (40)

CR

IPv4

IPv4 or IPv6

Specifies a network type.

Only IPv4 is supported.

tenant_id

String (255)

CR

None

N/A

Specifies a tenant ID. Only the administrator can specify the tenant_id of other tenants.

API Format

Method

URI

Description

POST

/v2.0/security-groups

Creates a security group.

Restrictions

None

Request Parameters

Parameter

Type

Mandatory or Not

Description

security_group

Dict

Yes

Specifies a security group. For details, see the security_group table.

Mandatory field: none

Response Parameters

Parameter

Type

Mandatory or Not

Description

security_group

Dict

Yes

Specifies a security group. For details, see the security_group table.

Request Example

POST/v2.0/security-groups
{
   "security_group":{
   "name":"test",
   "description": "This is a security group"
   }
}

Response Example

{
   "security_group": {
     "tenant_id": "6fbe9263116a4b68818cf1edce16bc4f",
     "name": "test",
     "description": "This is a security group",
     "security_group_rules": [],
     "id": "9f79f6af-b30f-4b83-bc20-d86e0857cdf3"
  }
}

Number of security groups: 4

For example, the names of the four security groups are saphanagroupnfsServernatserver, and saphanastudigroup.