Create Firewall Group Rule
Mike.robski (Talk | contribs) |
Mike.robski (Talk | contribs) m (1 revision: Release 86) |
||
(6 intermediate revisions by 3 users not shown) | |||
Line 1: | Line 1: | ||
This operation will create a new firewall group rule. | This operation will create a new firewall group rule. | ||
− | ='''POST''' /os-security-group-rules= | + | ='''POST''' /accounts/''{accountId}''/flexcloud/os-security-group-rules= |
This operation will create a new firewall group rule. | This operation will create a new firewall group rule. | ||
== Request == | == Request == | ||
+ | === Parameters === | ||
+ | ; accountId - ''string'' | ||
+ | : The selected account Id. | ||
+ | |||
=== JSON === | === JSON === | ||
<nowiki> | <nowiki> | ||
{ | { | ||
− | " | + | "securityGroupRule" : { |
− | " | + | "fromPort": {start_port}, |
− | " | + | "toPort": {end_port}, |
− | " | + | "protocol": "{ip_protocol}", |
"cidr": "127.0.0.1/24", | "cidr": "127.0.0.1/24", | ||
− | " | + | "parentGroupId": "{parent_group_id}" |
} | } | ||
}</nowiki> | }</nowiki> | ||
− | ==== | + | ====securityGroupRule==== |
− | ; | + | ; fromPort - ''int'' |
: Start port number. | : Start port number. | ||
− | ; | + | ; toPort - ''int'' |
: End port number. | : End port number. | ||
− | ; | + | ; protocol - ''string'' |
− | : IP protocol used. | + | : IP protocol used. TCP or UDP |
; cidr - ''string'' | ; cidr - ''string'' | ||
: CIDR notation IP address. | : CIDR notation IP address. | ||
− | ; | + | ; parentGroupId - ''string'' |
: Parent group identifier for this rule. | : Parent group identifier for this rule. | ||
Line 37: | Line 41: | ||
<nowiki> | <nowiki> | ||
{ | { | ||
− | " | + | "securityGroupRule" : { |
− | " | + | "fromPort": {start_port}, |
− | " | + | "protocol": "{ip_protocol}", |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
"links": [ | "links": [ | ||
{ | { | ||
− | "href": "http://{api_server}/os-security-group-rules/{firewall_group_rule_id}/", | + | "href": "http://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules/{firewall_group_rule_id}/", |
"rel": "self" | "rel": "self" | ||
} | } | ||
], | ], | ||
− | " | + | "toPort": {end_port}, |
− | " | + | "parentGroupId": "{parent_firewall_group_name}", |
− | + | "cidr": "127.0.0.1/24" | |
− | + | ||
− | + | ||
"id": {firewall_group_rule_id} | "id": {firewall_group_rule_id} | ||
} | } | ||
Line 69: | Line 58: | ||
</nowiki> | </nowiki> | ||
− | ==== | + | ====securityGroupRule==== |
− | ; | + | ; fromPort - ''int'' |
: Start port number. | : Start port number. | ||
− | ; | + | ; protocol - ''string'' |
− | + | ||
− | + | ||
− | + | ||
: IP protocol used. | : IP protocol used. | ||
Line 82: | Line 68: | ||
: [[Hypermedia]] for this resource. | : [[Hypermedia]] for this resource. | ||
− | ; | + | ; toPort - ''int'' |
: End port number. | : End port number. | ||
− | ; | + | ; parentGroupId - ''string'' |
: Parent group identifier for this rule. | : Parent group identifier for this rule. | ||
− | ; | + | ; cidr - ''string'' |
: IP range in CIDR notation. | : IP range in CIDR notation. | ||
Line 101: | Line 87: | ||
: ''HTTP/1.1 400 Bad Request'' | : ''HTTP/1.1 400 Bad Request'' | ||
: ''HTTP/1.1 401 Unauthorized'' : This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required. | : ''HTTP/1.1 401 Unauthorized'' : This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required. | ||
+ | : ''HTTP/1.1 404 Not Found'' - The resource does not exist. | ||
== Examples == | == Examples == | ||
'''Successfully create a new firewall group rule''' | '''Successfully create a new firewall group rule''' | ||
− | :'''POST''' http(s)://{api_server}//os-security-group-rules | + | :'''POST''' http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules |
''Request Headers:'' | ''Request Headers:'' | ||
Line 121: | Line 108: | ||
"parent_group_id": "group2012May11_NpCpS3995" | "parent_group_id": "group2012May11_NpCpS3995" | ||
} | } | ||
− | } | + | } </nowiki> |
− | + | ||
''Response Code:'' | ''Response Code:'' | ||
Line 130: | Line 116: | ||
<nowiki> | <nowiki> | ||
{ | { | ||
− | " | + | "securityGroupRule" : { |
− | " | + | "fromPort": 80, |
− | " | + | "protocol": "tcp", |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
"links": [ | "links": [ | ||
{ | { | ||
− | "href": "http://{api_server}/os-security-group-rules/214/", | + | "href": "http://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules/214/", |
"rel": "self" | "rel": "self" | ||
} | } | ||
], | ], | ||
− | " | + | "toPort": 80, |
− | " | + | "parentGroupId": "group2012May11_NpCpS3995", |
− | + | "cidr": "127.0.0.1/24", | |
− | + | ||
− | + | ||
"id": 214 | "id": 214 | ||
} | } | ||
− | } | + | } </nowiki> |
− | + | ||
'''Successfully create a new firewall group rule with an IP without a netmask''' | '''Successfully create a new firewall group rule with an IP without a netmask''' | ||
− | :'''POST''' http(s)://{api_server}//os-security-group-rules | + | :'''POST''' http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules |
''Request Headers:'' | ''Request Headers:'' | ||
Line 173: | Line 143: | ||
<nowiki> | <nowiki> | ||
{ | { | ||
− | " | + | "securityGroupRule" : { |
− | " | + | "fromPort": 80, |
− | " | + | "toPort": 80, |
− | " | + | "protocol": "TCP", |
"cidr": "127.0.0.1", | "cidr": "127.0.0.1", | ||
− | " | + | "parentGroupId": "group2012May11_NpCpS3995" |
} | } | ||
− | } | + | } </nowiki> |
− | + | ||
''Response Code:'' | ''Response Code:'' | ||
Line 189: | Line 158: | ||
<nowiki> | <nowiki> | ||
{ | { | ||
− | " | + | "securityGroupRule" : { |
− | " | + | "fromPort": 80, |
− | " | + | "protocol": "tcp", |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | ||
"links": [ | "links": [ | ||
{ | { | ||
− | "href": "http://{api_server}/os-security-group-rules/215/", | + | "href": "http://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules/215/", |
"rel": "self" | "rel": "self" | ||
} | } | ||
], | ], | ||
− | " | + | "toPort": 80, |
− | " | + | "parentGroupId": "group2012May11_NpCpS3995", |
− | + | "cidr": "127.0.0.1/32", | |
− | + | ||
− | + | ||
"id": 215 | "id": 215 | ||
} | } | ||
− | } | + | } </nowiki> |
− | + | ||
'''Failure while trying to create a new firewall group rule with invalid data''' | '''Failure while trying to create a new firewall group rule with invalid data''' | ||
− | :'''POST''' http(s)://{api_server}/os-security-group-rules | + | :'''POST''' http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules |
''Request Headers:'' | ''Request Headers:'' | ||
Line 243: | Line 196: | ||
"message": "Invalid", | "message": "Invalid", | ||
"code": 400, | "code": 400, | ||
− | "details": "" | + | "details": "", |
+ | "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" | ||
} | } | ||
}</nowiki> | }</nowiki> | ||
'''Failure while trying to create a new rule with invalid from and to ports''' | '''Failure while trying to create a new rule with invalid from and to ports''' | ||
− | :'''POST''' http(s)://{api_server}/os-security-group-rules | + | :'''POST''' http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules |
''Request Headers:'' | ''Request Headers:'' | ||
Line 256: | Line 210: | ||
''Request Body:'' | ''Request Body:'' | ||
+ | <nowiki> | ||
{ | { | ||
− | " | + | "securityGroupRule" : { |
− | " | + | "fromPort": </nowiki><span style="color:red">81</span><nowiki>, |
− | " | + | "toPort": </nowiki><span style="color:red">80</span><nowiki>, |
− | " | + | "protocol": "tcp", |
"cidr": "127.0.0.1/24", | "cidr": "127.0.0.1/24", | ||
− | " | + | "parentGroupId": "group2012May11_NpCpS3995" |
} | } | ||
− | } | + | }</nowiki> |
''Response Code:'' | ''Response Code:'' | ||
Line 275: | Line 230: | ||
"message": "FirewallRuleError", | "message": "FirewallRuleError", | ||
"code": 400, | "code": 400, | ||
− | "details": "Invalid ports" | + | "details": "Invalid ports", |
+ | "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" | ||
} | } | ||
}</nowiki> | }</nowiki> | ||
'''Failure while trying to create a new rule rule with an invalid protocol''' | '''Failure while trying to create a new rule rule with an invalid protocol''' | ||
− | :'''POST''' http(s)://{api_server}/os-security-group-rules | + | :'''POST''' http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules |
''Request Headers:'' | ''Request Headers:'' | ||
Line 289: | Line 245: | ||
''Request Body:'' | ''Request Body:'' | ||
{ | { | ||
− | " | + | "securityGroupRule" : { |
− | " | + | "fromPort": 80, |
− | " | + | "toPort": 80, |
− | " | + | "protocol": "<span style="color:red">proto</span>", |
"cidr": "127.0.0.1/24", | "cidr": "127.0.0.1/24", | ||
− | " | + | "parentGroupId": "group2012May11_NpCpS3995" |
} | } | ||
} | } | ||
Line 307: | Line 263: | ||
"message": "Invalid", | "message": "Invalid", | ||
"code": 400, | "code": 400, | ||
− | "details": "" | + | "details": "", |
+ | "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" | ||
} | } | ||
}</nowiki> | }</nowiki> | ||
'''Failure while trying to create a new firewall rule with an invalid IP address''' | '''Failure while trying to create a new firewall rule with an invalid IP address''' | ||
− | :'''POST''' http(s)://{api_server}/os-security-group-rules | + | :'''POST''' http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules |
''Request Headers:'' | ''Request Headers:'' | ||
Line 321: | Line 278: | ||
''Request Body:'' | ''Request Body:'' | ||
{ | { | ||
− | " | + | "securityGroupRule" : { |
− | " | + | "fromPort": 80, |
− | " | + | "toPort": 80, |
− | " | + | "protocol": "tcp", |
"cidr": "<span style="color:red">ip_address</span>", | "cidr": "<span style="color:red">ip_address</span>", | ||
− | " | + | "parentGroupId": "group2012May11_NpCpS3995" |
} | } | ||
} | } | ||
Line 339: | Line 296: | ||
"message": "FirewallRuleError", | "message": "FirewallRuleError", | ||
"code": 400, | "code": 400, | ||
− | "details": "Source IP address is invalid" | + | "details": "Source IP address is invalid", |
+ | "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" | ||
} | } | ||
}</nowiki> | }</nowiki> | ||
'''Failure while trying to make unauthorized access''' | '''Failure while trying to make unauthorized access''' | ||
− | :'''POST''' http(s)://{api_server}/os-security-groups | + | :'''POST''' http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-groups |
''Request Headers:'' | ''Request Headers:'' | ||
Line 361: | Line 319: | ||
does not understand how to supply the credentials required. | does not understand how to supply the credentials required. | ||
− | + | '''Failure while trying to pass invalid account number''' | |
+ | :'''POST''' http(s)://{api_server}/accounts/fake/flexcloud/os-security-groups | ||
+ | |||
+ | ''Response Code:'' | ||
+ | <pre>HTTP/1.1 404 Not Found</pre> | ||
+ | |||
+ | ''Response Body:'' | ||
+ | <nowiki> | ||
+ | { | ||
+ | "itemNotFound" : { | ||
+ | "message": "Resource not found", | ||
+ | "code": 404, | ||
+ | "details": "", | ||
+ | "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" | ||
+ | } | ||
+ | }</nowiki> | ||
− | + | == Alternative URI /os-security-group-rules == | |
+ | An alternative way to execute this call is to omit the ''accountId'' portion of the URI. In this case the system assumes the request is executed for the account identified in the [[Authentication|authorization header]]. | ||
− | + | <code>POST /os-security-group-rules</code> | |
− | + | ||
− | + | ||
− | + | ||
− | + | ||
− | + | [[Category:Hostway API]] | |
+ | [[Category:FlexCloud Server API]] |
Latest revision as of 11:00, 11 October 2013
This operation will create a new firewall group rule.
Contents |
POST /accounts/{accountId}/flexcloud/os-security-group-rules
This operation will create a new firewall group rule.
Request
Parameters
- accountId - string
- The selected account Id.
JSON
{ "securityGroupRule" : { "fromPort": {start_port}, "toPort": {end_port}, "protocol": "{ip_protocol}", "cidr": "127.0.0.1/24", "parentGroupId": "{parent_group_id}" } }
securityGroupRule
- fromPort - int
- Start port number.
- toPort - int
- End port number.
- protocol - string
- IP protocol used. TCP or UDP
- cidr - string
- CIDR notation IP address.
- parentGroupId - string
- Parent group identifier for this rule.
Response
JSON
{ "securityGroupRule" : { "fromPort": {start_port}, "protocol": "{ip_protocol}", "links": [ { "href": "http://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules/{firewall_group_rule_id}/", "rel": "self" } ], "toPort": {end_port}, "parentGroupId": "{parent_firewall_group_name}", "cidr": "127.0.0.1/24" "id": {firewall_group_rule_id} } }
securityGroupRule
- fromPort - int
- Start port number.
- protocol - string
- IP protocol used.
- links - list
- Hypermedia for this resource.
- toPort - int
- End port number.
- parentGroupId - string
- Parent group identifier for this rule.
- cidr - string
- IP range in CIDR notation.
- id - string
- Firewall group rule unique identifier.
Response Codes
- Success
- HTTP/1.1 201 Created
- Failure
- HTTP/1.1 400 Bad Request
- HTTP/1.1 401 Unauthorized : This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required.
- HTTP/1.1 404 Not Found - The resource does not exist.
Examples
Successfully create a new firewall group rule
- POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{ "security_group_rule" : { "from_port": 80, "to_port": 80, "ip_protocol": "tcp", "cidr": "127.0.0.1/24", "parent_group_id": "group2012May11_NpCpS3995" } }
Response Code:
HTTP/1.1 201 Created
Response Body:
{ "securityGroupRule" : { "fromPort": 80, "protocol": "tcp", "links": [ { "href": "http://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules/214/", "rel": "self" } ], "toPort": 80, "parentGroupId": "group2012May11_NpCpS3995", "cidr": "127.0.0.1/24", "id": 214 } }
Successfully create a new firewall group rule with an IP without a netmask
- POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{ "securityGroupRule" : { "fromPort": 80, "toPort": 80, "protocol": "TCP", "cidr": "127.0.0.1", "parentGroupId": "group2012May11_NpCpS3995" } }
Response Code:
HTTP/1.1 201 Created
Response Body:
{ "securityGroupRule" : { "fromPort": 80, "protocol": "tcp", "links": [ { "href": "http://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules/215/", "rel": "self" } ], "toPort": 80, "parentGroupId": "group2012May11_NpCpS3995", "cidr": "127.0.0.1/32", "id": 215 } }
Failure while trying to create a new firewall group rule with invalid data
- POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{
Empty
}
Response Code:
HTTP/1.1 400 Bad Request
Response Body:
{ "badRequest" : { "message": "Invalid", "code": 400, "details": "", "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" } }
Failure while trying to create a new rule with invalid from and to ports
- POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{ "securityGroupRule" : { "fromPort": 81, "toPort": 80, "protocol": "tcp", "cidr": "127.0.0.1/24", "parentGroupId": "group2012May11_NpCpS3995" } }
Response Code:
HTTP/1.1 400 Bad Request
Response Body:
{ "badRequest" : { "message": "FirewallRuleError", "code": 400, "details": "Invalid ports", "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" } }
Failure while trying to create a new rule rule with an invalid protocol
- POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{
"securityGroupRule" : {
"fromPort": 80,
"toPort": 80,
"protocol": "proto",
"cidr": "127.0.0.1/24",
"parentGroupId": "group2012May11_NpCpS3995"
}
}
Response Code:
HTTP/1.1 400 Bad Request
Response Body:
{ "badRequest" : { "message": "Invalid", "code": 400, "details": "", "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" } }
Failure while trying to create a new firewall rule with an invalid IP address
- POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{
"securityGroupRule" : {
"fromPort": 80,
"toPort": 80,
"protocol": "tcp",
"cidr": "ip_address",
"parentGroupId": "group2012May11_NpCpS3995"
}
}
Response Code:
HTTP/1.1 400 Bad Request
Response Body:
{ "badRequest" : { "message": "FirewallRuleError", "code": 400, "details": "Source IP address is invalid", "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" } }
Failure while trying to make unauthorized access
- POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-groups
Request Headers:
Content-Type:application/json
Charset=UTF-8
Authorization:Base64-encoded fake_authentication_string
Response Code:
HTTP/1.1 401 Unauthorized
Response Body:
401 Unauthorized This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required.
Failure while trying to pass invalid account number
- POST http(s)://{api_server}/accounts/fake/flexcloud/os-security-groups
Response Code:
HTTP/1.1 404 Not Found
Response Body:
{ "itemNotFound" : { "message": "Resource not found", "code": 404, "details": "", "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" } }
Alternative URI /os-security-group-rules
An alternative way to execute this call is to omit the accountId portion of the URI. In this case the system assumes the request is executed for the account identified in the authorization header.
POST /os-security-group-rules