Create Firewall Group Rule

(Difference between revisions)
Jump to: navigation, search
Administrator (Talk | contribs)
(Created page with "This operation will create a new firewall group rule. ='''POST''' /os-security-group-rules= This operation will create a new firewall group rule. == Request == === JSON === ...")
Newer edit →

Revision as of 15:35, 4 July 2012

This operation will create a new firewall group rule.

Contents

POST /os-security-group-rules

This operation will create a new firewall group rule.

Request

JSON

 {
    "security_group_rule" : {
       "from_port": {start_port}, 
       "to_port": {end_port}, 
       "ip_protocol": "{ip_protocol}", 
       "cidr": "127.0.0.1/24", 
       "parent_group_id": "{parent_group_id}"
    }
 }

security_group_rule

from_port - int
Start port number.
to_port - int
End port number.
ip_protocol - string
IP protocol used.
cidr - string
CIDR notation IP address.
parent_group_id - string
Parent group identifier for this rule.

Response

JSON

 {
    "security_group_rule" : {
       "from_port": {start_port}, 
       "group": {
          "display_name": "{firewall_group_display_name}", 
          "name": "{firewall_group_name}",
          "links": [
             {
                "href": "http://{api_server}/os-security-groups/{firewall_group_name}/", 
                "rel": "self"
             }
          ], 
          "description": "{firewall_group_description}", 
          "account_number": "{user_account_number}",
          "servers": []
       }, 
       "ip_protocol": "{ip_protocol}", 
       "links": [
          {
             "href": "http://{api_server}/os-security-group-rules/{firewall_group_rule_id}/", 
             "rel": "self"
          }
       ], 
       "to_port": {end_port}, 
       "parent_group_id": "{parent_firewall_group_name}", 
       "ip_range": {
          "cidr": "127.0.0.1/24"
       }, 
       "id": {firewall_group_rule_id}
    }
 }

security_group_rule

from_port - int
Start port number.
group - dictionary
Firewall group information.
ip_protocol - string
IP protocol used.
links - list
Hypermedia for this resource.
to_port - int
End port number.
parent_group_id - string
Parent group identifier for this rule.
ip_range - dictionary
IP range in CIDR notation.
id - string
Firewall group rule unique identifier.

Response Codes

Success
HTTP/1.1 201 Created
Failure
HTTP/1.1 400 Bad Request
HTTP/1.1 401 Unauthorized : This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required.

Examples

Successfully create a new firewall group rule

POST http(s)://{api_server}//os-security-group-rules

Request Headers:

   Content-Type:application/json
   Charset=UTF-8
   Authorization:Base64-encoded username & password string

Request Body:

 {
    "security_group_rule" : {
       "from_port": 80, 
       "to_port": 80, 
       "ip_protocol": "tcp", 
       "cidr": "127.0.0.1/24", 
       "parent_group_id": "group2012May11_NpCpS3995"
    }
 }
 

Response Code:

HTTP/1.1 201 Created

Response Body:

 {
    "security_group_rule" : {
       "from_port": 80, 
       "group": {
          "display_name": "Rules Test Group", 
          "name": "group2012May11_NpCpS3995", 
          "links": [
             {
                "href": "http://{api_server}/os-security-groups/group2012May11_NpCpS3995/", 
                "rel": "self"
             }
          ], 
          "description": "A firewall group created from test", 
          "account_number": "test_account_718912", 
          "servers": []
       }, 
       "ip_protocol": "tcp", 
       "links": [
          {
             "href": "http://{api_server}/os-security-group-rules/214/", 
             "rel": "self"
          }
       ], 
       "to_port": 80, 
       "parent_group_id": "group2012May11_NpCpS3995", 
       "ip_range": {
           "cidr": "127.0.0.1/24"
       }, 
       "id": 214
    }
 }
 

Successfully create a new firewall group rule with an IP without a netmask

POST http(s)://{api_server}//os-security-group-rules

Request Headers:

   Content-Type:application/json
   Charset=UTF-8
   Authorization:Base64-encoded username & password string

Request Body:

 {
    "security_group_rule" : {
       "from_port": 80, 
       "to_port": 80, 
       "ip_protocol": "tcp", 
       "cidr": "127.0.0.1", 
       "parent_group_id": "group2012May11_NpCpS3995"
    }
 }
 

Response Code:

HTTP/1.1 201 Created

Response Body:

 {
    "security_group_rule" : {
       "from_port": 80, 
       "group": {
          "display_name": "Rules Test Group", 
          "name": "group2012May11_NpCpS3995", 
          "links": [
             {
                "href": "http://{api_server}/os-security-groups/group2012May11_NpCpS3995/", 
                "rel": "self"
             }
          ], 
          "description": "A firewall group created from test", 
          "account_number": "test_account_718912", 
          "servers": []
       }, 
       "ip_protocol": "tcp", 
       "links": [
          {
             "href": "http://{api_server}/os-security-group-rules/215/", 
             "rel": "self"
          }
       ], 
       "to_port": 80, 
       "parent_group_id": "group2012May11_NpCpS3995", 
       "ip_range": {
           "cidr": "127.0.0.1/32"
       }, 
       "id": 215
    }
 }
 

Failure while trying to create a new firewall group rule with invalid data

POST http(s)://{api_server}/os-security-group-rules

Request Headers:

   Content-Type:application/json
   Charset=UTF-8
   Authorization:Base64-encoded username & password string

Request Body:

{
   Empty
}

Response Code:

HTTP/1.1 400 Bad Request

Response Body:

 {
    "badRequest" : {
       "message": "Invalid", 
       "code": 400, 
       "details": ""
    }
 }

Failure while trying to create a new rule with invalid from and to ports

POST http(s)://{api_server}/os-security-group-rules

Request Headers:

   Content-Type:application/json
   Charset=UTF-8
   Authorization:Base64-encoded username & password string

Request Body:

{
   "security_group_rule" : {
      "from_port": 81, 
      "to_port": 80, 
      "ip_protocol": "tcp", 
      "cidr": "127.0.0.1/24", 
      "parent_group_id": "group2012May11_NpCpS3995"
   }
}

Response Code:

HTTP/1.1 400 Bad Request

Response Body:

 {
    "badRequest" : { 
       "message": "FirewallRuleError", 
       "code": 400, 
       "details": "Invalid ports"
    }
 }

Failure while trying to create a new rule rule with an invalid protocol

POST http(s)://{api_server}/os-security-group-rules

Request Headers:

   Content-Type:application/json
   Charset=UTF-8
   Authorization:Base64-encoded username & password string

Request Body:

{
   "security_group_rule" : {
      "from_port": 80, 
      "to_port": 80, 
      "ip_protocol": "proto", 
      "cidr": "127.0.0.1/24", 
      "parent_group_id": "group2012May11_NpCpS3995"
   }
}

Response Code:

HTTP/1.1 400 Bad Request

Response Body:

 {
    "badRequest" : {
       "message": "Invalid", 
       "code": 400, 
       "details": ""
    }
 }

Failure while trying to create a new firewall rule with an invalid IP address

POST http(s)://{api_server}/os-security-group-rules

Request Headers:

   Content-Type:application/json
   Charset=UTF-8
   Authorization:Base64-encoded username & password string

Request Body:

{
   "security_group_rule" : {
      "from_port": 80, 
      "to_port": 80, 
      "ip_protocol": "tcp", 
      "cidr": "ip_address", 
      "parent_group_id": "group2012May11_NpCpS3995"
   }
}

Response Code:

HTTP/1.1 400 Bad Request

Response Body:

 {
    "badRequest" : {
       "message": "FirewallRuleError", 
       "code": 400, 
       "details": "Source IP address is invalid"
    }
 }

Failure while trying to make unauthorized access

POST http(s)://{api_server}/os-security-groups

Request Headers:

   Content-Type:application/json
   Charset=UTF-8
   Authorization:Base64-encoded fake_authentication_string

Response Code:

HTTP/1.1 401 Unauthorized

Response Body:

    401 Unauthorized
    This server could not verify that you are authorized to
    access the document you requested.  Either you supplied the
    wrong credentials (e.g., bad password), or your browser
    does not understand how to supply the credentials required.


blog comments powered by Disqus


Personal tools
Namespaces
Variants
Actions
APIs
Navigation
Toolbox