Creates a security group. By default, newly created security groups are only allowed permission to other instances within the security group. Access permission to other instances outside the group is restricted. If you want to accept requests from the Internet or requests from instances of other security groups, you can call AuthorizeSecurityGroup to allow the requests.

Description

When you call this operation, note that:

  • You can create a maximum of 100 security groups within a single Alibaba Cloud region.
  • If you are creating a security group of the VPC type, you must specify the VpcId parameter.

Debugging

You can use API Explorer to perform debugging. API Explorer allows you to perform various operations to simplify API usage. For example, you can retrieve APIs, call APIs, and dynamically generate SDK example code.

Request parameters

Name Type Required Example Description
RegionId String Yes cn-hangzhou

The ID of the region to which the security group belongs. You can call DescribeRegions to view the latest regions of Alibaba Cloud.

Action String No CreateSecurityGroup

The operation that you want to perform. Set the value to CreateSecurityGroup.

ClientToken String No 123e4567-e89b-12d3-a456-426655440000

A client token. It is used to ensure the idempotency of requests. The value of this parameter is generated by the client and is unique among different requests. The ClientToken parameter must be no more than 64 ASCII characters in length. For more information, see How to ensure idempotency.

Description String No FinanceDept

The description of the security group. The description must be 2 to 256 characters in length and cannot start with http:// or https://. Default value: null.

ResourceGroupId String No rg-resourcegrouid

The ID of the resource group to which the security group belongs.

SecurityGroupName String No FinanceJoshua

The name of the security group. The name must be 2 to 128 characters in length. It must start with a letter and cannot start with http:// or https://. It can contain letters, digits, colons (:), underscores (_), and hyphens (-). Default value: null.

Tag.N.Key String No FinanceDept

The tag key of the security group. Valid values of N: 1 to 20. It cannot be a null string. It can be a maximum of 64 characters in length. It cannot start with aliyun or acs:. It cannot contain http:// or https://.

Tag.N.Value String No FinanceDeptJoshua

The tag value of the security group. Valid values of N: 1 to 20. It can be a null string. It can be a maximum of 128 characters in length. It cannot start with aliyun or acs:. It cannot contain http:// or https://.

Tag.N.key String No FinanceDept

The tag key of the security group.

Note This parameter will be removed in the future. We recommend that you use the Tag.N.Key parameter to ensure compatibility.
Tag.N.value String No FinanceDeptJoshua

The tag value of the security group.

Note This parameter will be removed in the future. We recommend that you use the Tag.N.Key parameter to ensure compatibility.
VpcId String No v-vpcid1

The ID of the VPC to which the security group belongs.

Response parameters

Name Type Example Description
RequestId String 473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E

The ID of the request.

SecurityGroupId String sg-F876FF7BA

The ID of the security group.

Examples

Sample requests

https://ecs.aliyuncs.com/?Action=CreateSecurityGroup
&RegionId=cn-hangzhou
&Description=for_demo
&<Common request parameters>

Successful response examples

XML format

<CreateSecurityGroupResponse>
  <RequestId>CEF72CEB-54B6-4AE8-B225-F876FF7BA984</RequestId>
  <SecurityGroupId>sg-F876FF7BA</SecurityGroupId>
</CreateSecurityGroupResponse>

JSON format

{
	"SecurityGroupId": "sg-F876FF7BA",
	"RequestId":" CEF72CEB-54B6-4AE8-B225-F876FF7BA984"
}

Error codes

HTTP status code Error code Error message Description
404 InvalidVpcId.NotFound Specified VPC does not exist. The error message returned when the specified VPC does not belong to the specified region.
403 InvalidVpcId.NotFound vpc id must not empty when only support vpc vm. The error message returned when the VPC ID is not specified.
400 InvalidTagKey.Malformed Specified tag key is not valid. The error message returned when the specified tag key is invalid.
400 InvalidTagValue.Malformed Specified tag value is not valid. The error message returned when the specified tag value is invalid.

View error codes