You can call the CreateSecurityGroup action to create a security group. Only instances within the security group are granted access permissions by default. If you want to allow requests from the Internet or requests from instances in other security groups, you can call AuthorizeSecurityGroup to grant access permissions to these instances or groups.

Description

When you call this operation, note that:

  • You can create up to 100 security groups in a region.
  • VpcId must be specified when you create a VPC-type security group.

Debugging

Alibaba Cloud provides OpenAPI Explorer to simplify API usage. You can use OpenAPI Explorer to search for APIs, call APIs, and dynamically generate SDK example code.

Request parameters

Parameter Type Required Example Description
RegionId String Yes cn-hangzhou-b

The region ID of the security group. You can call the DescribeRegions operation to query the latest region list.

Action String No CreateSecurityGroup

The operation that you want to perform. Set this value to CreateSecurityGroup.

ClientToken String No 123e4567-e89b-12d3-a456-426655440000

The client token that is used to ensure the idempotence of the request. You can use the client to generate this value, but you must ensure that it is unique among different requests.ClientToken can contain only ASCII characters, and cannot exceed 64 characters in length. For more information, see How to ensure idempotence.

Description String No FinanceDept

The description of the security group. It must be 2 to 256 characters in length and cannot start with http:// or https://. Default value: null

ResourceGroupId String No rg-resourcegrouid

The ID of the resource group to which the security group belongs.

SecurityGroupName String No FinanceJoshua

The name of the security group. It must be 2 to 128 characters in length. It must start with a letter but cannot start with http:// or https://. It can contain letters, digits, colons (:), underscores (_), and hyphens (-). Default value: null

SecurityGroupType String No enterprise

The type of the security group. Valid values:

Tag.N.Key String No FinanceDept

The tag key of the security group. Valid values of N: 1 to 20. The tag key cannot be an empty string. It can be up to 64 characters in length and cannot start with aliyun or acs:. It cannot contain http:// or https://.

Tag.N.Value String No FinanceDeptJoshua

The tag value of the security group. Valid values of N: 1 to 20. The tag value can be an empty string. It can be up to 128 characters in length and cannot start with aliyun or acs:. It cannot contain http:// or https://.

Tag.N.key String No FinanceDept

The tag key of the security group.

Note This parameter will be removed in the future. We recommend that you use Tag.N.Key to ensure future compatibility.
Tag.N.value String No FinanceDeptJoshua

The tag value of the security group.

Note This parameter will be removed in the future. We recommend that you use Tag.N.Value to ensure future compatibility.
VpcId String No vpc-vpcid1

The ID of the VPC to which the security group belongs.

Response parameters

Parameter Type Example Description
RequestId String 473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E

The ID of the request.

SecurityGroupId String sg-F876FF7BA

The ID of the security group.

Examples

Sample requests

https://ecs.aliyuncs.com/?Action=CreateSecurityGroup
&RegionId=cn-hangzhou
&Description=for_demo
&<Common request parameters>

Sample success responses

XML format

<CreateSecurityGroupResponse>
  <RequestId>CEF72CEB-54B6-4AE8-B225-F876FF7BA984</RequestId>
  <SecurityGroupId>sg-securitygroupid</SecurityGroupId>
</CreateSecurityGroupResponse>

JSON format

{
	"SecurityGroupId":"sg-securitygroupid",
	"RequestId":"CEF72CEB-54B6-4AE8-B225-F876FF7BA984"
}

Error codes

HTTP status code Error code Error message Description
400 InvalidDescription.Malformed The specified parameter "Description" is not valid. The error message returned because the specified description is invalid. It must be 2 to 256 characters in length and cannot start with http:// or https://.
403 QuotaExceed.SecurityGroup The maximum number of security groups is reached. The error message returned because the maximum number of security groups is reached. Submit a ticket to apply for a whitelist.
404 InvalidVpcId.NotFound Specified VPC does not exist. The error message returned because the specified VPC ID does not exist.
400 InvalidSecurityGroupName.Malformed Specified security group name is not valid. The error message returned because the specified security group name is invalid. The name is displayed in the console. By default, no name is specified for a security group. The name must be 2 to 128 characters in length. It must start with a letter and can contain letters, digits, colons (:), underscores (_), and hyphens (-). It cannot start with http:// or https://.
400 InvalidSecurityGroupDiscription.Malformed Specified security group description is not valid. The error message returned because the specified description is invalid.
500 InternalError The request processing has failed due to some unknown error. The error message returned because an internal error has occurred. Try again later. If the problem persists, submit a ticket.
403 InvalidVpcId.NotFound vpc id must not empty when only support vpc vm. The error message returned because the specified VPC ID is empty.
400 IncorrectVpcStatus Current VPC status does not support this operation. The error message returned because the operation is not supported while the VPC is in the current state.
400 InvalidTagKey.Malformed Specified key is not valid. The error message returned because the specified tag key is invalid.
400 InvalidTagValue.Malformed Specified end time is not valid. The error message returned because the specified tag value is invalid.
404 InvalidResourceGroup.NotFound The ResourceGroup provided does not exist in our records. The error message returned because the resource group does not exist in the records.
400 Duplicate.TagKey The Tag.N.Key contain duplicate key. The error message returned because the specified tag key is repeated.
400 InvalidTagKey.Malformed The specified Tag.N.Key is not valid. The error message returned because the specified Tag.N.Value is invalid.
400 InvalidTagValue.Malformed The specified Tag.N.Value is not valid. The error message returned because the specified Tag.N.Value is invalid.
403 IdempotentProcessing The previous idempotent request(s) is still processing. The error message returned because the previous idempotence request is being processed.

View error codes