Create Firewall Group Rule
This operation will create a new firewall group rule.
Contents |
POST /accounts/{accountId}/flexcloud/os-security-group-rules
This operation will create a new firewall group rule.
Request
Parameters
- accountId - string
- The selected account Id.
JSON
{ "securityGroupRule" : { "fromPort": {start_port}, "toPort": {end_port}, "protocol": "{ip_protocol}", "cidr": "127.0.0.1/24", "parentGroupId": "{parent_group_id}" } }
securityGroupRule
- fromPort - int
- Start port number.
- toPort - int
- End port number.
- protocol - string
- IP protocol used. TCP or UDP
- cidr - string
- CIDR notation IP address.
- parentGroupId - string
- Parent group identifier for this rule.
Response
JSON
{ "securityGroupRule" : { "fromPort": {start_port}, "protocol": "{ip_protocol}", "links": [ { "href": "http://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules/{firewall_group_rule_id}/", "rel": "self" } ], "toPort": {end_port}, "parentGroupId": "{parent_firewall_group_name}", "cidr": "127.0.0.1/24" "id": {firewall_group_rule_id} } }
securityGroupRule
- fromPort - int
- Start port number.
- protocol - string
- IP protocol used.
- links - list
- Hypermedia for this resource.
- toPort - int
- End port number.
- parentGroupId - string
- Parent group identifier for this rule.
- cidr - string
- IP range in CIDR notation.
- id - string
- Firewall group rule unique identifier.
Response Codes
- Success
- HTTP/1.1 201 Created
- Failure
- HTTP/1.1 400 Bad Request
- HTTP/1.1 401 Unauthorized : This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required.
- HTTP/1.1 404 Not Found - The resource does not exist.
Examples
Successfully create a new firewall group rule
- POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{ "security_group_rule" : { "from_port": 80, "to_port": 80, "ip_protocol": "tcp", "cidr": "127.0.0.1/24", "parent_group_id": "group2012May11_NpCpS3995" } }
Response Code:
HTTP/1.1 201 Created
Response Body:
{ "securityGroupRule" : { "fromPort": 80, "protocol": "tcp", "links": [ { "href": "http://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules/214/", "rel": "self" } ], "toPort": 80, "parentGroupId": "group2012May11_NpCpS3995", "cidr": "127.0.0.1/24", "id": 214 } }
Successfully create a new firewall group rule with an IP without a netmask
- POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{ "securityGroupRule" : { "fromPort": 80, "toPort": 80, "protocol": "TCP", "cidr": "127.0.0.1", "parentGroupId": "group2012May11_NpCpS3995" } }
Response Code:
HTTP/1.1 201 Created
Response Body:
{ "securityGroupRule" : { "fromPort": 80, "protocol": "tcp", "links": [ { "href": "http://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules/215/", "rel": "self" } ], "toPort": 80, "parentGroupId": "group2012May11_NpCpS3995", "cidr": "127.0.0.1/32", "id": 215 } }
Failure while trying to create a new firewall group rule with invalid data
- POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{
Empty
}
Response Code:
HTTP/1.1 400 Bad Request
Response Body:
{ "badRequest" : { "message": "Invalid", "code": 400, "details": "", "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" } }
Failure while trying to create a new rule with invalid from and to ports
- POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{ "securityGroupRule" : { "fromPort": 81, "toPort": 80, "protocol": "tcp", "cidr": "127.0.0.1/24", "parentGroupId": "group2012May11_NpCpS3995" } }
Response Code:
HTTP/1.1 400 Bad Request
Response Body:
{ "badRequest" : { "message": "FirewallRuleError", "code": 400, "details": "Invalid ports", "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" } }
Failure while trying to create a new rule rule with an invalid protocol
- POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{
"securityGroupRule" : {
"fromPort": 80,
"toPort": 80,
"protocol": "proto",
"cidr": "127.0.0.1/24",
"parentGroupId": "group2012May11_NpCpS3995"
}
}
Response Code:
HTTP/1.1 400 Bad Request
Response Body:
{ "badRequest" : { "message": "Invalid", "code": 400, "details": "", "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" } }
Failure while trying to create a new firewall rule with an invalid IP address
- POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{
"securityGroupRule" : {
"fromPort": 80,
"toPort": 80,
"protocol": "tcp",
"cidr": "ip_address",
"parentGroupId": "group2012May11_NpCpS3995"
}
}
Response Code:
HTTP/1.1 400 Bad Request
Response Body:
{ "badRequest" : { "message": "FirewallRuleError", "code": 400, "details": "Source IP address is invalid", "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" } }
Failure while trying to make unauthorized access
- POST http(s)://{api_server}/accounts/{accountId}/flexcloud/os-security-groups
Request Headers:
Content-Type:application/json
Charset=UTF-8
Authorization:Base64-encoded fake_authentication_string
Response Code:
HTTP/1.1 401 Unauthorized
Response Body:
401 Unauthorized This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required.
Failure while trying to pass invalid account number
- POST http(s)://{api_server}/accounts/fake/flexcloud/os-security-groups
Response Code:
HTTP/1.1 404 Not Found
Response Body:
{ "itemNotFound" : { "message": "Resource not found", "code": 404, "details": "", "errorid": "59e0b3dd-2173-432a-8ff5-60efe16e83bf" } }
Alternative URI /os-security-group-rules
An alternative way to execute this call is to omit the accountId portion of the URI. In this case the system assumes the request is executed for the account identified in the authorization header.
POST /os-security-group-rules