CreateSecurityGroup - API Reference| Alibaba Cloud Documentation Center

You can call this operation to create a security group. For a new security group, only ECS instances in the security group can access each other by default. Access requests to the security group from outside are denied. If you want to accept requests from the Internet or requests from instances of other security groups, you can call the AuthorizeSecurityGroup operation to allow the requests.

Description

When you call this operation, take note of the following items:

You can create a maximum of 100 security groups within a single Alibaba Cloud region.
If you are creating a security group of the VPC type, you must specify the VpcId parameter.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters


Parameter	Type	Required	Example	Description
Action	String	Yes	CreateSecurityGroup	The operation that you want to perform. Set the value to CreateSecurityGroup.
RegionId	String	Yes	cn-hangzhou	The region ID of the security group. You can call the DescribeRegions operation to query the most recent region list.
VpcId	String	No	vpc-bp1opxu1zkhn00gzv****	The ID of the VPC in which to create the security group.
Description	String	No	testDescription	The description of the security group. The description must be 2 to 256 characters in length and cannot start with http:// or https://. This parameter is empty by default.
ClientToken	String	No	123e4567-e89b-12d3-a456-426655440000	The client token that is used to ensure the idempotence of the request. You can use the client to generate the value, but you must ensure that it is unique among different requests. The ClientToken value must contain only ASCII characters and cannot exceed 64 characters in length. For more information, see How to ensure idempotence.
SecurityGroupName	String	No	testSecurityGroupName	The name of the security group. The name must be 2 to 128 characters in length. It must start with a letter and cannot start with http:// or https://. It can contain letters, digits, colons (:), underscores (_), and hyphens (-). This parameter is empty by default.
SecurityGroupType	String	No	enterprise	The type of the security group. Valid values: normal: basic security group. enterprise: advanced security group. For more information, see Advanced security groups.
Tag.N.value	String	No	null	The value of tag N of the security group. Note We recommend that you use the Tag.N.Value parameter to ensure compatibility.
Tag.N.key	String	No	null	The key of tag N of the security group. Note We recommend that you use the Tag.N.Key parameter to ensure compatibility.
Tag.N.Key	String	No	TestKey	The key of tag N of the security group. Valid values of N: 1 to 20. It cannot be an empty string. The tag key can be up to 128 characters in length. It cannot start with aliyun or acs:, or contain http:// or https://.
Tag.N.Value	String	No	TestValue	The value of tag N of the security group. Valid values of N: 1 to 20. It can be an empty string. The tag value can be up to 128 characters in length and cannot contain http:// or https://. It cannot start with acs:.
ResourceGroupId	String	No	rg-bp67acfmxazb4p****	The ID of the resource group to which the security group belongs.

Response parameters


Parameter	Type	Example	Description
RequestId	String	473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E	The ID of the request.
SecurityGroupId	String	sg-bp1fg655nh68xyz9****	The ID of the security group.

Examples

Sample requests

https://ecs.aliyuncs.com/?Action=CreateSecurityGroup
&RegionId=cn-hangzhou
&Description=testDescription
&VpcId=vpc-bp1opxu1zkhn00gzv****
&<Common request parameters>

Sample success responses

XML format

<CreateSecurityGroupResponse>
      <RequestId>CEF72CEB-54B6-4AE8-B225-F876FF7BA984</RequestId>
      <SecurityGroupId>sg-bp1fg655nh68xyz9****</SecurityGroupId>
</CreateSecurityGroupResponse>

JSON format

{
    "RequestId": "CEF72CEB-54B6-4AE8-B225-F876FF7BA984",
    "SecurityGroupId": "sg-bp1fg655nh68xyz9****"
}

Error codes


HTTP status code	Error code	Error message	Description
400	InvalidDescription.Malformed	The specified parameter "Description" is not valid.	The error message returned because the specified Description parameter is invalid. The description must be 2 to 256 characters in length and cannot start with http:// or https://.
403	QuotaExceed.SecurityGroup	The maximum number of security groups is reached.	The error message returned because the maximum number of security groups has been reached. Submit a ticket to request a quota increase.
404	InvalidVpcId.NotFound	Specified VPC does not exist.	The error message returned because the specified VpcId parameter does not exist.
400	InvalidSecurityGroupName.Malformed	Specified security group name is not valid.	The error message returned because the specified SecurityGroupName parameter is invalid. By default, the SecurityGroupName parameter is empty. If this parameter is specified, the specified name is displayed on the console. The name must be 2 to 128 characters in length. It must start with a letter and can contain letters, digits, colons (:), underscores (_), and hyphens (-). It cannot start with http:// or https://.
400	InvalidSecurityGroupDiscription.Malformed	Specified security group description is not valid.	The error message returned because the specified Description parameter is invalid.
500	InternalError	The request processing has failed due to some unknown error.	The error message returned because an internal error has occurred. Try again later. If the problem persists, submit a ticket.
403	InvalidVpcId.NotFound	vpc id must not empty when only support vpc vm.	The error message returned because the VpcId parameter is not specified.
400	IncorrectVpcStatus	Current VPC status does not support this operation.	The error message returned because the operation is not supported while the VPC is in the current state.
400	InvalidTagKey.Malformed	Specified tag key is not valid.	The error message returned because the specified tag key is invalid.
400	InvalidTagValue.Malformed	Specified tag value is not valid.	The error message returned because the specified tag value is invalid.
404	InvalidResourceGroup.NotFound	The ResourceGroup provided does not exist in our records.	The error message returned because the specified ResourceGroupId parameter does not exist.
400	Duplicate.TagKey	The Tag.N.Key contain duplicate key.	The error message returned because the specified tag key already exists. Tag keys must be unique.
400	InvalidTagKey.Malformed	The specified Tag.n.Key is not valid.	The error message returned because the specified Tag.N.Key parameter is invalid.
400	InvalidTagValue.Malformed	The specified Tag.n.Value is not valid.	The error message returned because the specified Tag.N.Value parameter is invalid.
403	IdempotentProcessing	The previous idempotent request(s) is still processing.	The error message returned because the previous idempotent request is being processed. Try again later.
403	QuotaExceed.Tags	%s	The error message returned because the maximum number of tags has been reached.
500	InternalError	The request processing has failed due to some unknown error, exception or failure.	The error message returned because an internal error has occurred. Try again later. If the problem persists, submit a ticket.

For a list of error codes, visit the API Error Center.