Queries the details of a specified security group, including the list of security group rules.
Try it now
Test
RAM authorization
|
Action |
Access level |
Resource type |
Condition key |
Dependent action |
|
ecs:DescribeSecurityGroupAttribute |
get |
*SecurityGroup
|
|
None |
Request parameters
|
Parameter |
Type |
Required |
Description |
Example |
| SecurityGroupId |
string |
Yes |
The security group ID. |
sg-bp1gxw6bznjjvhu3**** |
| RegionId |
string |
Yes |
The region ID of the security group. You can call DescribeRegions to query the most recent region list. |
cn-hangzhou |
| NicType |
string |
No |
The network type of the security group rule.
|
intranet |
| Direction |
string |
No |
The direction of the security group rule. Valid values:
Default value: all. |
all |
| NextToken |
string |
No |
The pagination token. Set this parameter to the NextToken value returned in the previous call. You do not need to set this parameter for the first request. |
AAAAAdDWBF2**** |
| MaxResults |
integer |
No |
The maximum number of entries per page for a paged query.
Default value: 500. |
500 |
| Attribute |
string |
No |
The security group attribute. Valid values:
|
snapshotPolicyIds |
Response elements
|
Element |
Type |
Description |
Example |
|
object |
|||
| VpcId |
string |
The VPC ID. If a VPC ID is returned, the network type of the security group is VPC. Otherwise, the security group belongs to the classic network. Note
The classic network feature has been offline. For details, see Retirement announcement. |
vpc-bp1opxu1zkhn00gzv**** |
| RequestId |
string |
The request ID. |
473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E |
| InnerAccessPolicy |
string |
The internal network connectivity policy of the security group. Valid values:
|
Accept |
| Description |
string |
The description of the security group. |
This is description. |
| SecurityGroupId |
string |
The security group ID. |
sg-bp1gxw6bznjjvhu3**** |
| SecurityGroupName |
string |
The name of the security group. |
SecurityGroupName Sample |
| RegionId |
string |
The region ID. |
cn-hangzhou |
| Permissions |
object |
||
| Permission |
array<object> |
The collection of security group rules. |
|
|
object |
|||
| SecurityGroupRuleId |
string |
The ID of the security group rule. |
sgr-bp12kewq32dfwrdi**** |
| Direction |
string |
The direction in which the security group rule is applied. |
ingress |
| SourceGroupId |
string |
The source security group for inbound access control. |
sg-bp12kc4rqohaf2js**** |
| DestGroupOwnerAccount |
string |
The ID of the Alibaba Cloud account to which the destination security group belongs. |
1234567890 |
| DestPrefixListId |
string |
The ID of the destination prefix list for outbound access control. |
pl-x1j1k5ykzqlixabc**** |
| DestPrefixListName |
string |
The name of the destination prefix list. |
DestPrefixListName Sample |
| SourceCidrIp |
string |
The source CIDR block for inbound access control. |
0.0.0.0/0 |
| Ipv6DestCidrIp |
string |
The destination IPv6 CIDR block. |
2001:db8:1233:1a00::*** |
| CreateTime |
string |
The time when the security group rule was created. The time is displayed in UTC. |
2018-12-12T07:28:38Z |
| Ipv6SourceCidrIp |
string |
The source IPv6 CIDR block. |
2001:db8:1234:1a00::*** |
| DestGroupId |
string |
The ID of the destination security group for outbound access control. |
sg-bp1czdx84jd88i7v**** |
| DestCidrIp |
string |
The destination CIDR block for outbound access control. |
0.0.0.0/0 |
| IpProtocol |
string |
The transport layer protocol. |
TCP |
| Priority |
string |
The priority of the rule. |
1 |
| DestGroupName |
string |
The name of the destination security group. |
testDestGroupName |
| NicType |
string |
The network type. |
intranet |
| Policy |
string |
The access control policy. |
Accept |
| Description |
string |
The description of the security group. |
Description Sample 01 |
| PortRange |
string |
The port range. |
80/80 |
| SourcePrefixListName |
string |
The name of the source prefix list. |
SourcePrefixListName Sample |
| SourcePrefixListId |
string |
The ID of the source prefix list for inbound access control. |
pl-x1j1k5ykzqlixdcy**** |
| SourceGroupOwnerAccount |
string |
The ID of the Alibaba Cloud account to which the source security group belongs. |
1234567890 |
| SourceGroupName |
string |
The name of the source security group. |
testSourceGroupName1 |
| SourcePortRange |
string |
The source port range. |
80/80 |
| PortRangeListId |
string |
The ID of the port list. |
prl-2ze9743**** |
| PortRangeListName |
string |
The name of the port list. |
PortRangeListNameSample |
| NextToken |
string |
The paging token returned in this call. When you use |
AAAAAdDWBF2**** |
| SnapshotPolicyIds |
object |
||
| SnapshotPolicyId |
array |
The list of snapshot policy IDs associated with the security group. |
|
|
string |
The snapshot policy ID associated with the security group. |
sgsp-mj74**** |
Examples
Success response
JSON format
{
"VpcId": "vpc-bp1opxu1zkhn00gzv****",
"RequestId": "473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E",
"InnerAccessPolicy": "Accept",
"Description": "This is description.",
"SecurityGroupId": "sg-bp1gxw6bznjjvhu3****",
"SecurityGroupName": "SecurityGroupName Sample",
"RegionId": "cn-hangzhou",
"Permissions": {
"Permission": [
{
"SecurityGroupRuleId": "sgr-bp12kewq32dfwrdi****",
"Direction": "ingress",
"SourceGroupId": "sg-bp12kc4rqohaf2js****",
"DestGroupOwnerAccount": "1234567890",
"DestPrefixListId": "pl-x1j1k5ykzqlixabc****",
"DestPrefixListName": "DestPrefixListName Sample",
"SourceCidrIp": "0.0.0.0/0",
"Ipv6DestCidrIp": "2001:db8:1233:1a00::***",
"CreateTime": "2018-12-12T07:28:38Z",
"Ipv6SourceCidrIp": "2001:db8:1234:1a00::***",
"DestGroupId": "sg-bp1czdx84jd88i7v****",
"DestCidrIp": "0.0.0.0/0",
"IpProtocol": "TCP",
"Priority": "1",
"DestGroupName": "testDestGroupName",
"NicType": "intranet",
"Policy": "Accept",
"Description": "Description Sample 01",
"PortRange": "80/80",
"SourcePrefixListName": "SourcePrefixListName Sample",
"SourcePrefixListId": "pl-x1j1k5ykzqlixdcy****",
"SourceGroupOwnerAccount": "1234567890",
"SourceGroupName": "testSourceGroupName1",
"SourcePortRange": "80/80",
"PortRangeListId": "prl-2ze9743****",
"PortRangeListName": "PortRangeListNameSample"
}
]
},
"NextToken": "AAAAAdDWBF2****",
"SnapshotPolicyIds": {
"SnapshotPolicyId": [
"sgsp-mj74****"
]
}
}
Error codes
|
HTTP status code |
Error code |
Error message |
Description |
|---|---|---|---|
| 400 | InvalidNicType.ValueNotSupported | The specified NicType does not exist. | The specified NicType parameter does not exist. |
| 400 | InvalidParamter | Invalid Parameter. | The specified parameter is invalid. |
| 400 | InvalidSecurityGroupId.Malformed | The specified parameter "SecurityGroupId" is not valid. | The specified parameter SecurityGroupId is illegal. |
| 400 | MissingParameter.RegionId | The parameter RegionId is missing. | |
| 400 | InvalidParameter.AttributeNotSupported | The specified value for parameter Attribute is not supported. Valid values: snapshotPolicyIds. | The specified value for the parameter Attribute is not supported. Valid values are: snapshotPolicyIds. |
| 500 | InternalError | The request processing has failed due to some unknown error. | |
| 500 | ServiceUnavailable | The service is unavailable, please try again later. | |
| 404 | InvalidRegionId.NotFound | The specified RegionId does not exist. | The specified region ID does not exist. |
| 404 | InvalidSecurityGroupId.NotFound | The specified SecurityGroupId does not exist. | The specified security group does not exist in this account. Check whether the security group ID is correct. |
See Error Codes for a complete list.
Release notes
See Release Notes for a complete list.