CreateSecurityGroup

Last Updated: Mar 28, 2018

Description

Creates a security group. For a new security group, only the access permission for instances within the security group is allowed by default, and access permission to other instances outside the group is restricted. If you want to accept requests from the Internet or requests of instances from other security groups, you can call AuthorizeSecurityGroup to allow the requests.

When you call this interface, consider the following:

  • You can create 100 security groups at most.

  • VpcId must be specified if you are creating a VPC-Connected security group.

Request parameters

Name Type Required Description
Action String Yes The name of this interface. Value: CreateSecurityGroup.
RegionId String Yes The region ID to which the security group belongs. For more information, see Regions and zones, or call DescribeRegions to obtain the latest region list.
SecurityGroupName String No The security group name.
  • It can be [2,128] characters in length.
  • Must begin with an uppercase or lowercase English letter, or a Chinese character.
  • Can contain digits, periods (.), underscores (_), and hyphens (-).
  • Cannot begin with http:// or https://.
Default value: null.
Description String No The description of the security group.
  • It can be [2,256] characters in length.
  • Cannot begin with http:// or https://.
Default value: null.
VpcId String No The VPC ID to which the security group belongs.
ClientToken String No To guarantee the idempotence of the request. The value is generated by a client. It must be unique among all requests and contains a maximum of 64 ASCII characters.
For more information, see How to ensure idempotence.

Response parameters

Name Type Description
SecurityGroupId String The ID of the security group.

Examples

Request example

  1. https://ecs.aliyuncs.com/?Action=CreateSecurityGroup
  2. &RegionId=cn-hangzhou
  3. &Description=for_demo
  4. &<Common Request Parameters>

Response example

XML format

  1. <CreateSecurityGroupResponse>
  2. <RequestId>CEF72CEB-54B6-4AE8-B225-F876FF7BA984</RequestId>
  3. <SecurityGroupId>sg-F876FF7BA</SecurityGroupId>
  4. </CreateSecurityGroupResponse>

JSON format

  1. {
  2. "RequestId":"CEF72CEB-54B6-4AE8-B225-F876FF7BA984",
  3. "SecurityGroupId":"sg-F876FF7BA"
  4. }

Error codes

Error code Error message HTTP status code Meaning
IncorrectVpcStatus Current VPC status does not support this operation. 400 The specified VPC is either being created, edited, or deleted. Please try again later.
InvalidDescription.Malformed The specified parameter “Description” is not valid. 400 The format of the specified Description is incorrect.
InvalidSecurityGroupDiscription.Malformed Specified security group description is not valid. 400 The specified Description is invalid.
InvalidSecurityGroupName.Malformed Specified security group name is not valid. 400 The format of the specified SecurityGroupName is incorrect.
InvalidVpcId.NotFound vpc id must not empty when only support vpc vm. 403 The VpcId must be specified if you are creating a VPC-Connected security group.
QuotaExceed.SecurityGroup The maximum number of security groups is reached. 403 You can create 100 security groups at most.
InvalidRegionId.NotFound The specified RegionId does not exist. 404 The specified RegionId does not exist.
InvalidVpcId.NotFound Specified VPC does not exist. 404 The specified VPC does not exist.
Thank you! We've received your feedback.