Latest revision as of 11:00, 11 October 2013

This operation will create a new firewall group rule.

POST /accounts/{accountId}/flexcloud/os-security-group-rules

This operation will create a new firewall group rule.

Request

Parameters

accountId - string

The selected account Id.

JSON

 {
    "securityGroupRule" : {
       "fromPort": {start_port}, 
       "toPort": {end_port}, 
       "protocol": "{ip_protocol}", 
       "cidr": "127.0.0.1/24", 
       "parentGroupId": "{parent_group_id}"
    }
 }

securityGroupRule

fromPort - int

Start port number.

toPort - int

End port number.

protocol - string

IP protocol used. TCP or UDP

cidr - string

CIDR notation IP address.

parentGroupId - string

Parent group identifier for this rule.

Response

JSON

 {
    "securityGroupRule" : {
       "fromPort": {start_port}, 
       "protocol": "{ip_protocol}", 
       "links": [
          {
             "href": "http://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules/{firewall_group_rule_id}/", 
             "rel": "self"
          }
       ], 
       "toPort": {end_port}, 
       "parentGroupId": "{parent_firewall_group_name}", 
       "cidr": "127.0.0.1/24"
       "id": {firewall_group_rule_id}
    }
 }

securityGroupRule

fromPort - int

Start port number.

protocol - string

IP protocol used.

links - list

Hypermedia for this resource.

toPort - int

End port number.

parentGroupId - string

Parent group identifier for this rule.

cidr - string

IP range in CIDR notation.

id - string

Firewall group rule unique identifier.

Response Codes

Success

HTTP/1.1 201 Created

Failure

HTTP/1.1 400 Bad Request

HTTP/1.1 401 Unauthorized : This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required.

HTTP/1.1 404 Not Found - The resource does not exist.

Examples

Successfully create a new firewall group rule

POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules

Request Headers:

   Content-Type:application/json
   Charset=UTF-8
   Authorization:Base64-encoded username & password string

Request Body:

 {
    "security_group_rule" : {
       "from_port": 80, 
       "to_port": 80, 
       "ip_protocol": "tcp", 
       "cidr": "127.0.0.1/24", 
       "parent_group_id": "group2012May11_NpCpS3995"
    }
 } 

Response Code:

HTTP/1.1 201 Created

Response Body:

 {
    "securityGroupRule" : {
       "fromPort": 80, 
       "protocol": "tcp", 
       "links": [
          {
             "href": "http://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules/214/", 
             "rel": "self"
          }
       ], 
       "toPort": 80, 
       "parentGroupId": "group2012May11_NpCpS3995", 
       "cidr": "127.0.0.1/24",
       "id": 214
    }
 } 

Successfully create a new firewall group rule with an IP without a netmask

POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules

Request Headers:

   Content-Type:application/json
   Charset=UTF-8
   Authorization:Base64-encoded username & password string

Request Body:

 {
    "securityGroupRule" : {
       "fromPort": 80, 
       "toPort": 80, 
       "protocol": "TCP", 
       "cidr": "127.0.0.1", 
       "parentGroupId": "group2012May11_NpCpS3995"
    }
 } 

Response Code:

HTTP/1.1 201 Created

Response Body:

 {
    "securityGroupRule" : {
       "fromPort": 80, 
       "protocol": "tcp", 
       "links": [
          {
             "href": "http://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules/215/", 
             "rel": "self"
          }
       ], 
       "toPort": 80, 
       "parentGroupId": "group2012May11_NpCpS3995", 
       "cidr": "127.0.0.1/32",
       "id": 215
    }
 } 

Failure while trying to create a new firewall group rule with invalid data

POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules

Request Headers:

   Content-Type:application/json
   Charset=UTF-8
   Authorization:Base64-encoded username & password string

Request Body:

{
   Empty
}

Response Code:

HTTP/1.1 400 Bad Request

Response Body:

 {
    "badRequest" : {
       "message": "Invalid", 
       "code": 400, 
       "details": "",
       "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf"
    }
 }

Failure while trying to create a new rule with invalid from and to ports

POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules

Request Headers:

   Content-Type:application/json
   Charset=UTF-8
   Authorization:Base64-encoded username & password string

Request Body:

 {
    "securityGroupRule" : {
       "fromPort": 81, 
       "toPort": 80, 
       "protocol": "tcp", 
       "cidr": "127.0.0.1/24", 
       "parentGroupId": "group2012May11_NpCpS3995"
    }
 }

Response Code:

HTTP/1.1 400 Bad Request

Response Body:

 {
    "badRequest" : { 
       "message": "FirewallRuleError", 
       "code": 400, 
       "details": "Invalid ports",
       "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf"
    }
 }

Failure while trying to create a new rule rule with an invalid protocol

POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules

Request Headers:

   Content-Type:application/json
   Charset=UTF-8
   Authorization:Base64-encoded username & password string

Request Body:

{
   "securityGroupRule" : {
      "fromPort": 80, 
      "toPort": 80, 
      "protocol": "proto", 
      "cidr": "127.0.0.1/24", 
      "parentGroupId": "group2012May11_NpCpS3995"
   }
}

Response Code:

HTTP/1.1 400 Bad Request

Response Body:

 {
    "badRequest" : {
       "message": "Invalid", 
       "code": 400, 
       "details": "",
       "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf"
    }
 }

Failure while trying to create a new firewall rule with an invalid IP address

POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules

Request Headers:

   Content-Type:application/json
   Charset=UTF-8
   Authorization:Base64-encoded username & password string

Request Body:

{
   "securityGroupRule" : {
      "fromPort": 80, 
      "toPort": 80, 
      "protocol": "tcp", 
      "cidr": "ip_address", 
      "parentGroupId": "group2012May11_NpCpS3995"
   }
}

Response Code:

HTTP/1.1 400 Bad Request

Response Body:

 {
    "badRequest" : {
       "message": "FirewallRuleError", 
       "code": 400, 
       "details": "Source IP address is invalid",
       "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf"
    }
 }

Failure while trying to make unauthorized access

POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-groups

Request Headers:

   Content-Type:application/json
   Charset=UTF-8
   Authorization:Base64-encoded fake_authentication_string

Response Code:

HTTP/1.1 401 Unauthorized

Response Body:

    401 Unauthorized
    This server could not verify that you are authorized to
    access the document you requested.  Either you supplied the
    wrong credentials (e.g., bad password), or your browser
    does not understand how to supply the credentials required.

Failure while trying to pass invalid account number

POST http(s)://{api_server}/accounts/fake/flexcloud/os-security-groups

Response Code:

HTTP/1.1 404 Not Found

Response Body:

 {
    "itemNotFound" : {
       "message": "Resource not found", 
       "code": 404, 
       "details": "",
       "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf"
    }
 }

Alternative URI /os-security-group-rules

An alternative way to execute this call is to omit the accountId portion of the URI. In this case the system assumes the request is executed for the account identified in the authorization header.

POST /os-security-group-rules