DescribeSecurityGroupAttribute - ENS - Alibaba Cloud Documentation Center

Queries the rules of a security group.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Debug

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

Parameter	Type	Required	Description	Example
SecurityGroupId	string	Yes	The ID of the security group.	sg-bp67acfmxazb4ph***

Response parameters

Parameter	Type	Description	Example
	object
RequestId	string	The request ID.	473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E
Description	string	The description of the security group.	testDescription1
SecurityGroupId	string	The ID of the destination security group.	sg-bp1gxw6bznjjvhu3****
SecurityGroupName	string	The name of the destination security group.	testSecurityGroupName2
Permissions	array<object>	Details about the rules.
Permission	object	Schema of Response
CreationTime	string	The time at which the security group rule was created. The time is displayed in UTC.	2018-12-12T07:28:38Z
Direction	string	The direction in which the security group rule is applied.	ingress
Policy	string	The policy.	Accept
PortRange	string	The source port range.	80/80
SourceCidrIp	string	The range of source IP addresses for inbound access control.	0.0.0.0/0
IpProtocol	string	The transport layer protocol.	TCP
DestCidrIp	string	The range of destination IP addresses for outbound access control.	0.0.0.0/0
Priority	integer	The priority of the rule.	1
SourcePortRange	string	The source port number range for the security group.	22/22
Description	string	The description.	testDescription1

Examples

Sample success responses

JSONformat

{
  "RequestId": "473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E",
  "Description": "testDescription1",
  "SecurityGroupId": "sg-bp1gxw6bznjjvhu3****",
  "SecurityGroupName": "testSecurityGroupName2",
  "Permissions": {
    "Permission": [
      {
        "CreationTime": "2018-12-12T07:28:38Z",
        "Direction": "ingress",
        "Policy": "Accept",
        "PortRange": "80/80",
        "SourceCidrIp": "0.0.0.0/0",
        "IpProtocol": "TCP",
        "DestCidrIp": "0.0.0.0/0",
        "Priority": 1,
        "SourcePortRange": "22/22",
        "Description": "testDescription1"
      }
    ]
  }
}

Error codes

HTTP status code	Error code	Error message	Description
400	MissingParameter	The input parameter that is mandatory for processing this request is not supplied.	-
400	NoPermission	Permission denied.	-
400	InvalidParameter.%s	The specified field %s invalid. Please check it again.	-
400	InvalidParameter	The errorMessage is %s. Please check it again.	-
400	InvalidSecurityGroupId.NotFound	The specified SecurityGroupId does not exist.	The specified security group ID does not exist.
400	SecurityGroupRuleConflict.Duplicated	The SecurityGroup rule already exists.	duplicate security group rules.
400	AuthorizationLimitExceed	The limit of authorization records in the security group reaches.	The number of security group rules exceeds the limit.
400	SecurityGroupRule.NotFound	The input security group rule does not exist.	-
400	IncorrectInstanceStatus	The current status of the resource does not support this operation.	The current operation is not supported. The disk is being reset.
400	InvalidInstanceId.NotFound	The specified InstanceId does not exist.	The specified instance does not exist.
400	DependencyViolation	There is still instance(s) in the specified security group.	-
400	ens.interface.error	An error occurred while calling the API.	-
400	CallInterface	Call Interface Happen Error.	An error occurred when you call the operation.

For a list of error codes, visit the Service error codes.

Change history

Change time	Summary of changes	Operation
2023-12-21	The Error code has changed	View Change Details