CreateSecurityGroup - API Reference| Alibaba Cloud Documentation Center

Description

Creates a security group. For a new security group, only the access permission for instances within the security group is allowed by default, and access permission to other instances outside the group is restricted. If you want to accept requests from the Internet or requests of instances from other security groups, you can call AuthorizeSecurityGroup to allow the requests.

When you call this interface, consider the following:

You can create 100 security groups at most.
VpcId must be specified if you are creating a VPC-Connected security group.

Request parameters

Name	Type	Required	Description
Action	String	Yes	The name of this interface. Value: CreateSecurityGroup.
RegionId	String	Yes	The region ID to which the security group belongs. For more information, see Regions and zones, or call DescribeRegions to obtain the latest region list.
SecurityGroupName	String	No	The security group name. It can be [2,128] characters in length. Must begin with an uppercase or lowercase English letter, or a Chinese character. Can contain digits, periods (.), underscores (_), and hyphens (-). Cannot begin with http:// or https://. Default value: null.
Description	String	No	The description of the security group. It can be [2,256] characters in length. Cannot begin with http:// or https://. Default value: null.
VpcId	String	No	The VPC ID to which the security group belongs.
ClientToken	String	No	To guarantee the idempotence of the request. The value is generated by a client. It must be unique among all requests and contains a maximum of 64 ASCII characters. For more information, see How to ensure idempotence.

Response parameters

Name	Type	Description
SecurityGroupId	String	The ID of the security group.

Examples

Request example

https://ecs.aliyuncs.com/?Action=CreateSecurityGroup
&RegionId=cn-hangzhou
&Description=for_demo
&<Common Request Parameters>

Response example

XML format

<CreateSecurityGroupResponse>
    <RequestId>CEF72CEB-54B6-4AE8-B225-F876FF7BA984</RequestId>
    <SecurityGroupId>sg-F876FF7BA</SecurityGroupId>
</CreateSecurityGroupResponse>

JSON format

{
    "RequestId":"CEF72CEB-54B6-4AE8-B225-F876FF7BA984",
    "SecurityGroupId":"sg-F876FF7BA"
}

Error codes

Error code	Error message	HTTP status code	Meaning
IncorrectVpcStatus	Current VPC status does not support this operation.	400	The specified VPC is either being created, edited, or deleted. Please try again later.
InvalidDescription.Malformed	The specified parameter “Description” is not valid.	400	The format of the specified `Description` is incorrect.
InvalidSecurityGroupDiscription.Malformed	Specified security group description is not valid.	400	The specified `Description` is invalid.
InvalidSecurityGroupName.Malformed	Specified security group name is not valid.	400	The format of the specified `SecurityGroupName` is incorrect.
InvalidVpcId.NotFound	vpc id must not empty when only support vpc vm.	403	The `VpcId` must be specified if you are creating a VPC-Connected security group.
QuotaExceed.SecurityGroup	The maximum number of security groups is reached.	403	You can create 100 security groups at most.
InvalidRegionId.NotFound	The specified RegionId does not exist.	404	The specified `RegionId` does not exist.
InvalidVpcId.NotFound	Specified VPC does not exist.	404	The specified VPC does not exist.