创建企业安全组
更新时间:2023-12-11
该接口用于创建企业安全组以及安全组规则。
- 单次创建的企业安全组规则数目不得大于20
请求结构
POST /v{version}/enterprise/security?clientToken={clientToken} HTTP/1.1
Host: bcc.bj.baidubce.com
Authorization: authorization string请求头域
除公共头域外,无其它特殊头域。
请求参数
| 参数名称 | 类型 | 是否必选 | 参数位置 | 描述 |
|---|---|---|---|---|
| version | String | 是 | URL参数 | API版本号 |
| clientToken | String | 是 | Query参数 | 幂等性Token,是一个长度不超过64位的ASCII字符串,详见ClientToken幂等性。 |
| name | String | 是 | RequestBody参数 | 创建的企业安全组的名字,支持大小写字母、数字、中文以及-_ /.特殊字符,必须以字母开头,长度1-65。 |
| desc | String | 否 | RequestBody参数 | 对所创建的企业安全组的描述信息 |
| rules | List<EnterpriseSecurityGroupRuleModel> | 否 | RequestBody参数 | 创建企业安全组时绑定的安全组规则列表 |
| tags | List<Tag> | 否 | RequestBody参数 | 创建企业安全组时绑定的标签列表 |
返回头域
除公共头域,无其它特殊头域。
返回参数
| 参数名称 | 类型 | 描述 |
|---|---|---|
| enterpriseSecurityGroupId | String | 已创建的企业安全组的ID |
错误码
| 错误码 | 错误描述 | HTTP状态码 | 中文解释 |
|---|---|---|---|
| Esg.EsgExceedQuota | Enterprise security group number over limited. | 400 | 企业安全组数量已达配额 |
| Esg.EsgNameEmpty | Enterprise security group name is required. | 400 | 企业安全组名称不允许为空 |
| Esg.EsgNameTooLong | Enterprise security group name length over limit. | 400 | 企业安全组名称过长 |
| Esg.EsgNameInvalid | Enterprise security group name is incorrect. | 400 | 企业安全组名称不符合规则 |
| Esg.EsgNameDuplicate | Enterprise security group name exist already. | 400 | 企业安全组名称重复 |
| Esg.EsgDescTooLong | Enterprise security group description is too long. | 400 | 企业安全组描述过长 |
| Esg.EsgRuleActionEmpty | Enterprise security group rule action(allow or deny) is required. | 400 | 企业安全组规则action不允许为空 |
| Esg.EsgRuleActionInvalid | Enterprise security group rule action(allow or deny) is invalid. | 400 | 企业安全组规则action不合法 |
| Esg.EsgRuleRemarkTooLong | Enterprise security group rule remark is too long. | 400 | 企业安全组规则备注过长 |
| Esg.EsgRuleProtocolEmpty | Enterprise security group rule protocol is required. | 400 | 企业安全组规则协议类型不允许为空 |
| Esg.EsgRuleProtocolInvalid | Enterprise security group rule protocol is invalid. | 400 | 企业安全组规则协议类型不合法 |
| Esg.EsgRulePortEmpty | Enterprise security group rule portRange is required. | 400 | 企业安全组规则端口范围不允许为空 |
| Esg.EsgRulePortFormatInvalid | Enterprise security group rule portRange is invalid. | 400 | 企业安全组规则端口范围格式不正确 |
| Esg.EsgRulePortDuplicate | Enterprise security group rule ports in portRange is duplicate. | 400 | 企业安全组规则端口值重复,比如80-80或80,80,7000 |
| Esg.EsgRulePortOrderError | Enterprise security group rule portRange order is wrong. | 400 | 企业安全组规则端口范围顺序不正确,比如400-80 |
| Esg.EsgRuleDispersedPortSizeExceed | Enterprise security group rule dispersed ports in portRange is limited 15 . | 400 | 企业安全组规则端口范围离散值数量超限 |
| Esg.EsgRulePortValueExceed | Enterprise security group rule port value is not in range 1-65535 | 400 | 企业安全组规则端口值超出范围 |
| Esg.EsgRulePriorityEmpty | Enterprise security group rule priority is required. | 400 | 企业安全组规则优先级不允许为空 |
| Esg.EsgRulePriorityInvalid | Enterprise security group rule priority is not in range 1-1000. | 400 | 企业安全组规则优先级取值超出范围 |
| Esg.EsgRuleEthertypeEmpty | Enterprise security group rule ethertype is required. | 400 | 企业安全组规则网络类型不允许为空 |
| Esg.EsgRuleEthertypeInvalid | Enterprise security group rule ethertype is invalid. | 400 | 企业安全组规则网络类型不合法 |
| Esg.EsgRuleIpAddressEmpty | Enterprise security group rule ip(cidr) address is required. | 400 | 企业安全组规则源IP/目的IP不允许为空 |
| Esg.EsgRuleIpAddressError | Enterprise security group rule ip(cidr) address is incorrect. | 400 | 企业安全组规则源IP/目的IP格式错误 |
| Esg.EsgRuleDirectionEmpty | Enterprise security group rule direction is required. | 400 | 企业安全组规则方向不允许为空 |
| Esg.EsgRuleDirectionInvalid | Enterprise security group rule direction is invalid. | 400 | 企业安全组规则方向不合法 |
| Esg.EsgRuleDuplicated | Enterprise security group rule exist already. | 400 | 企业安全组规则重复 |
| Esg.EsgRuleExceedQuota | Enterprise security group rule number over limited. | 400 | 企业安全组规则数量已达配额 |
请求示例
POST /v1/enterprise/security?clientToken=be31b98c-5e41-4838-9830-9be700de5a20 HTTP/1.1
Host: bcc.bj.baidubce.com
Authorization: bce-auth-v1/f81d3b34e48048fbb2634dc7882d7e21/2015-08-11T04:17:29Z/3600/host/74c506f68c65e26c633bfa104c863fffac5190fdec1ec24b7c03eb5d67d2e1de
{
"name": "test-enterprise-security-group",
"desc": "create a enterprise security group for api doc",
"rules": [
{
"remark": "备注",
"protocol": "tcp",
"portRange": "1-65535",
"sourcePortRange": "1-65535",
"direction": "ingress",
"sourceIp": "all",
"localIp": "all",
"ethertype": "IPv4",
"action": "allow",
"priority": "1000"
}
]
}返回示例
HTTP/1.1 200 OK
x-bce-request-id: 1214cca7-4ad5-451d-9215-71cb844c0a50
Date: Wed, 03 Dec 2014 06:42:19 GMT
Content-Type: application/json;charset=UTF-8
Server: BWS
{
"enterpriseSecurityGroupId": "esg-nky7qeom"
}