Create Firewall Group Rule
(Difference between revisions)
Mike.robski (Talk | contribs) |
|||
| Line 2: | Line 2: | ||
=='''POST''' /os-security-group-rules== | =='''POST''' /os-security-group-rules== | ||
| − | |||
=== Request === | === Request === | ||
Revision as of 20:40, 12 April 2013
This operation will create a new firewall group rule.
Contents |
POST /os-security-group-rules
Request
JSON
{
"security_group_rule" : {
"from_port": {start_port},
"to_port": {end_port},
"ip_protocol": "{ip_protocol}",
"cidr": "127.0.0.1/24",
"parent_group_id": "{parent_group_id}"
}
}
security_group_rule
- from_port - int
- Start port number.
- to_port - int
- End port number.
- ip_protocol - string
- IP protocol used.
- cidr - string
- CIDR notation IP address.
- parent_group_id - string
- Parent group identifier for this rule.
Response
JSON
{
"security_group_rule" : {
"from_port": {start_port},
"group": {
"display_name": "{firewall_group_display_name}",
"name": "{firewall_group_name}",
"links": [
{
"href": "http://{api_server}/os-security-groups/{firewall_group_name}/",
"rel": "self"
}
],
"description": "{firewall_group_description}",
"account_number": "{user_account_number}",
"servers": []
},
"ip_protocol": "{ip_protocol}",
"links": [
{
"href": "http://{api_server}/os-security-group-rules/{firewall_group_rule_id}/",
"rel": "self"
}
],
"to_port": {end_port},
"parent_group_id": "{parent_firewall_group_name}",
"ip_range": {
"cidr": "127.0.0.1/24"
},
"id": {firewall_group_rule_id}
}
}
security_group_rule
- from_port - int
- Start port number.
- group - dictionary
- Firewall group information.
- ip_protocol - string
- IP protocol used.
- links - list
- Hypermedia for this resource.
- to_port - int
- End port number.
- parent_group_id - string
- Parent group identifier for this rule.
- ip_range - dictionary
- IP range in CIDR notation.
- id - string
- Firewall group rule unique identifier.
Response Codes
- Success
- HTTP/1.1 201 Created
- Failure
- HTTP/1.1 400 Bad Request
- HTTP/1.1 401 Unauthorized : This server could not verify that you are authorized to access the document you requested. Either you supplied the wrong credentials (e.g., bad password), or your browser does not understand how to supply the credentials required.
Examples
Successfully create a new firewall group rule
- POST http(s)://{api_server}//os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{
"security_group_rule" : {
"from_port": 80,
"to_port": 80,
"ip_protocol": "tcp",
"cidr": "127.0.0.1/24",
"parent_group_id": "group2012May11_NpCpS3995"
}
}
Response Code:
HTTP/1.1 201 Created
Response Body:
{
"security_group_rule" : {
"from_port": 80,
"group": {
"display_name": "Rules Test Group",
"name": "group2012May11_NpCpS3995",
"links": [
{
"href": "http://{api_server}/os-security-groups/group2012May11_NpCpS3995/",
"rel": "self"
}
],
"description": "A firewall group created from test",
"account_number": "test_account_718912",
"servers": []
},
"ip_protocol": "tcp",
"links": [
{
"href": "http://{api_server}/os-security-group-rules/214/",
"rel": "self"
}
],
"to_port": 80,
"parent_group_id": "group2012May11_NpCpS3995",
"ip_range": {
"cidr": "127.0.0.1/24"
},
"id": 214
}
}
Successfully create a new firewall group rule with an IP without a netmask
- POST http(s)://{api_server}//os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{
"security_group_rule" : {
"from_port": 80,
"to_port": 80,
"ip_protocol": "tcp",
"cidr": "127.0.0.1",
"parent_group_id": "group2012May11_NpCpS3995"
}
}
Response Code:
HTTP/1.1 201 Created
Response Body:
{
"security_group_rule" : {
"from_port": 80,
"group": {
"display_name": "Rules Test Group",
"name": "group2012May11_NpCpS3995",
"links": [
{
"href": "http://{api_server}/os-security-groups/group2012May11_NpCpS3995/",
"rel": "self"
}
],
"description": "A firewall group created from test",
"account_number": "test_account_718912",
"servers": []
},
"ip_protocol": "tcp",
"links": [
{
"href": "http://{api_server}/os-security-group-rules/215/",
"rel": "self"
}
],
"to_port": 80,
"parent_group_id": "group2012May11_NpCpS3995",
"ip_range": {
"cidr": "127.0.0.1/32"
},
"id": 215
}
}
Failure while trying to create a new firewall group rule with invalid data
- POST http(s)://{api_server}/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{
Empty
}
Response Code:
HTTP/1.1 400 Bad Request
Response Body:
{
"badRequest" : {
"message": "Invalid",
"code": 400,
"details": ""
}
}
Failure while trying to create a new rule with invalid from and to ports
- POST http(s)://{api_server}/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{
"security_group_rule" : {
"from_port": 81,
"to_port": 80,
"ip_protocol": "tcp",
"cidr": "127.0.0.1/24",
"parent_group_id": "group2012May11_NpCpS3995"
}
}
Response Code:
HTTP/1.1 400 Bad Request
Response Body:
{
"badRequest" : {
"message": "FirewallRuleError",
"code": 400,
"details": "Invalid ports"
}
}
Failure while trying to create a new rule rule with an invalid protocol
- POST http(s)://{api_server}/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{
"security_group_rule" : {
"from_port": 80,
"to_port": 80,
"ip_protocol": "proto",
"cidr": "127.0.0.1/24",
"parent_group_id": "group2012May11_NpCpS3995"
}
}
Response Code:
HTTP/1.1 400 Bad Request
Response Body:
{
"badRequest" : {
"message": "Invalid",
"code": 400,
"details": ""
}
}
Failure while trying to create a new firewall rule with an invalid IP address
- POST http(s)://{api_server}/os-security-group-rules
Request Headers:
Content-Type:application/json Charset=UTF-8 Authorization:Base64-encoded username & password string
Request Body:
{
"security_group_rule" : {
"from_port": 80,
"to_port": 80,
"ip_protocol": "tcp",
"cidr": "ip_address",
"parent_group_id": "group2012May11_NpCpS3995"
}
}
Response Code:
HTTP/1.1 400 Bad Request
Response Body:
{
"badRequest" : {
"message": "FirewallRuleError",
"code": 400,
"details": "Source IP address is invalid"
}
}
Failure while trying to make unauthorized access
- POST http(s)://{api_server}/os-security-groups
Request Headers:
Content-Type:application/json
Charset=UTF-8
Authorization:Base64-encoded fake_authentication_string
Response Code:
HTTP/1.1 401 Unauthorized
Response Body:
401 Unauthorized
This server could not verify that you are authorized to
access the document you requested. Either you supplied the
wrong credentials (e.g., bad password), or your browser
does not understand how to supply the credentials required.
