You can call this operation to create a security group. For a new security group, only ECS instances in the security group can access each other by default. Access requests to the security group from outside are denied. If you want to accept requests from the Internet or requests from instances of other security groups, you can call the AuthorizeSecurityGroup operation to allow the requests.
Description
When you call this operation, take note of the following items:
- You can create a maximum of 100 security groups within a single Alibaba Cloud region.
- If you are creating a security group of the VPC type, you must specify the VpcId parameter.
Debugging
Request parameters
Parameter | Type | Required | Example | Description |
---|---|---|---|---|
Action | String | Yes | CreateSecurityGroup |
The operation that you want to perform. Set the value to CreateSecurityGroup. |
RegionId | String | Yes | cn-hangzhou |
The region ID of the security group. You can call the DescribeRegions operation to query the most recent region list. |
VpcId | String | No | vpc-bp1opxu1zkhn00gzv**** |
The ID of the VPC in which to create the security group. |
Description | String | No | testDescription |
The description of the security group. The description must be 2 to 256 characters in length and cannot start with http:// or https://. This parameter is empty by default. |
ClientToken | String | No | 123e4567-e89b-12d3-a456-426655440000 |
The client token that is used to ensure the idempotence of the request. You can use the client to generate the value, but you must ensure that it is unique among different requests. The ClientToken value must contain only ASCII characters and cannot exceed 64 characters in length. For more information, see How to ensure idempotence. |
SecurityGroupName | String | No | testSecurityGroupName |
The name of the security group. The name must be 2 to 128 characters in length. It must start with a letter and cannot start with http:// or https://. It can contain letters, digits, colons (:), underscores (_), and hyphens (-). This parameter is empty by default. |
SecurityGroupType | String | No | enterprise |
The type of the security group. Valid values:
|
Tag.N.value | String | No | null |
The value of tag N of the security group. Note We recommend that you use the Tag.N.Value parameter to ensure compatibility.
|
Tag.N.key | String | No | null |
The key of tag N of the security group. Note We recommend that you use the Tag.N.Key parameter to ensure compatibility.
|
Tag.N.Key | String | No | TestKey |
The key of tag N of the security group. Valid values of N: 1 to 20. It cannot be an empty string. The tag key can be up to 128 characters in length. It cannot start with aliyun or acs:, or contain http:// or https://. |
Tag.N.Value | String | No | TestValue |
The value of tag N of the security group. Valid values of N: 1 to 20. It can be an empty string. The tag value can be up to 128 characters in length and cannot contain http:// or https://. It cannot start with acs:. |
ResourceGroupId | String | No | rg-bp67acfmxazb4p**** |
The ID of the resource group to which the security group belongs. |
Response parameters
Parameter | Type | Example | Description |
---|---|---|---|
RequestId | String | 473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E |
The ID of the request. |
SecurityGroupId | String | sg-bp1fg655nh68xyz9**** |
The ID of the security group. |
Examples
Sample requests
https://ecs.aliyuncs.com/?Action=CreateSecurityGroup
&RegionId=cn-hangzhou
&Description=testDescription
&VpcId=vpc-bp1opxu1zkhn00gzv****
&<Common request parameters>
Sample success responses
XML
format
<CreateSecurityGroupResponse>
<RequestId>CEF72CEB-54B6-4AE8-B225-F876FF7BA984</RequestId>
<SecurityGroupId>sg-bp1fg655nh68xyz9****</SecurityGroupId>
</CreateSecurityGroupResponse>
JSON
format
{
"RequestId": "CEF72CEB-54B6-4AE8-B225-F876FF7BA984",
"SecurityGroupId": "sg-bp1fg655nh68xyz9****"
}
Error codes
HTTP status code | Error code | Error message | Description |
---|---|---|---|
400 | InvalidDescription.Malformed | The specified parameter "Description" is not valid. | The error message returned because the specified Description parameter is invalid. The description must be 2 to 256 characters in length and cannot start with http:// or https://. |
403 | QuotaExceed.SecurityGroup | The maximum number of security groups is reached. | The error message returned because the maximum number of security groups has been reached. Submit a ticket to request a quota increase. |
404 | InvalidVpcId.NotFound | Specified VPC does not exist. | The error message returned because the specified VpcId parameter does not exist. |
400 | InvalidSecurityGroupName.Malformed | Specified security group name is not valid. | The error message returned because the specified SecurityGroupName parameter is invalid. By default, the SecurityGroupName parameter is empty. If this parameter is specified, the specified name is displayed on the console. The name must be 2 to 128 characters in length. It must start with a letter and can contain letters, digits, colons (:), underscores (_), and hyphens (-). It cannot start with http:// or https://. |
400 | InvalidSecurityGroupDiscription.Malformed | Specified security group description is not valid. | The error message returned because the specified Description parameter is invalid. |
500 | InternalError | The request processing has failed due to some unknown error. | The error message returned because an internal error has occurred. Try again later. If the problem persists, submit a ticket. |
403 | InvalidVpcId.NotFound | vpc id must not empty when only support vpc vm. | The error message returned because the VpcId parameter is not specified. |
400 | IncorrectVpcStatus | Current VPC status does not support this operation. | The error message returned because the operation is not supported while the VPC is in the current state. |
400 | InvalidTagKey.Malformed | Specified tag key is not valid. | The error message returned because the specified tag key is invalid. |
400 | InvalidTagValue.Malformed | Specified tag value is not valid. | The error message returned because the specified tag value is invalid. |
404 | InvalidResourceGroup.NotFound | The ResourceGroup provided does not exist in our records. | The error message returned because the specified ResourceGroupId parameter does not exist. |
400 | Duplicate.TagKey | The Tag.N.Key contain duplicate key. | The error message returned because the specified tag key already exists. Tag keys must be unique. |
400 | InvalidTagKey.Malformed | The specified Tag.n.Key is not valid. | The error message returned because the specified Tag.N.Key parameter is invalid. |
400 | InvalidTagValue.Malformed | The specified Tag.n.Value is not valid. | The error message returned because the specified Tag.N.Value parameter is invalid. |
403 | IdempotentProcessing | The previous idempotent request(s) is still processing. | The error message returned because the previous idempotent request is being processed. Try again later. |
403 | QuotaExceed.Tags | %s | The error message returned because the maximum number of tags has been reached. |
500 | InternalError | The request processing has failed due to some unknown error, exception or failure. | The error message returned because an internal error has occurred. Try again later. If the problem persists, submit a ticket. |
For a list of error codes, visit the API Error Center.