A security group is a set of firewall rules on a set of Instances. Security groups enable you to create rules that either drop or allow incoming traffic from certain ports of your Instances.
Security groups are stateful by default which means return traffic is automatically allowed, regardless of any rules. As a contrary, you have to switch in a stateless mode to define explicitly allowed.
List security groups
List all existing security groups.
path Parameters
zoneThe zone you want to target
query Parameters
nameName of the security group.
organizationSecurity group Organization ID.
projectSecurity group Project ID.
tagsList security groups with these exact tags (to filter with several tags, use commas to separate them).
project_defaultFilter security groups with this value for project_default.
per_pageA positive integer lower or equal to 100 to select the number of items to return.
pageA positive integer to choose the page to return.
List security groups › Responses
List of security groups.
Create a security group
Create a security group with a specified name and description.
path Parameters
zoneThe zone you want to target
Create a security group › Request Body
nameName of the security group.
descriptionDescription of the security group.
projectProject ID the security group belong to.
tagsTags of the security group.
project_defaultWhether this security group becomes the default security group for new Instances.
statefulWhether the security group is stateful or not.
inbound_default_policyDefault policy for inbound rules.
outbound_default_policyDefault policy for outbound rules.
enable_default_securityTrue to block SMTP on IPv4 and IPv6. This feature is read only, please open a support ticket if you need to make it configurable.
organizationOrganization ID the security group belongs to.
organization_defaultDefines whether this security group becomes the default security group for new Instances.
Create a security group › Responses
Update a security group
Replace all security group properties with a security group message.
path Parameters
zoneThe zone you want to target
idUUID of the security group.
Update a security group › Request Body
nameName of the security group.
tagsTags of the security group.
creation_dateCreation date of the security group (will be ignored). (RFC 3339 format)
modification_dateModification date of the security group (will be ignored). (RFC 3339 format)
descriptionDescription of the security group.
enable_default_securityTrue to block SMTP on IPv4 and IPv6. This feature is read only, please open a support ticket if you need to make it configurable.
inbound_default_policyDefault inbound policy.
outbound_default_policyDefault outbound policy.
organizationSecurity groups Organization ID.
projectSecurity group Project ID.
project_defaultTrue use this security group for future Instances created in this project.
Instances attached to this security group.
statefulTrue to set the security group as stateful.
organization_defaultPlease use project_default instead.
Update a security group › Responses
Get a security group
Get the details of a security group with the specified ID.
path Parameters
zoneThe zone you want to target
security_group_idUUID of the security group you want to get.
Get a security group › Responses
Delete a security group
Delete a security group with the specified ID.
path Parameters
zoneThe zone you want to target
security_group_idUUID of the security group you want to delete.
Delete a security group › Responses
Update a security group
Update the properties of security group.
path Parameters
zoneThe zone you want to target
security_group_idUUID of the security group. (UUID format)
Update a security group › Request Body
nameName of the security group.
descriptionDescription of the security group.
enable_default_securityTrue to block SMTP on IPv4 and IPv6. This feature is read only, please open a support ticket if you need to make it configurable.
inbound_default_policyDefault inbound policy.
tagsTags of the security group.
project_defaultTrue use this security group for future Instances created in this project.
outbound_default_policyDefault outbound policy.
statefulTrue to set the security group as stateful.
organization_defaultPlease use project_default instead.
Update a security group › Responses
List rules
List the rules of the a specified security group ID.
path Parameters
zoneThe zone you want to target
security_group_idUUID of the security group.
query Parameters
per_pageA positive integer lower or equal to 100 to select the number of items to return.
pageA positive integer to choose the page to return.
List rules › Responses
List of security rules.
Update all the rules of a security group
Replaces the existing rules of the security group with the rules provided. This endpoint supports the update of existing rules, creation of new rules and deletion of existing rules when they are not passed in the request.
path Parameters
zoneThe zone you want to target
security_group_idUUID of the security group to update the rules on.
Update all the rules of a security group › Request Body
List of rules to update in the security group.
Update all the rules of a security group › Responses
Create rule
Create a rule in the specified security group ID.
path Parameters
zoneThe zone you want to target
security_group_idUUID of the security group.
Create rule › Request Body
protocoldirectionactionip_range(IP network)
dest_port_fromBeginning of the range of ports to apply this rule to (inclusive).
dest_port_toEnd of the range of ports to apply this rule to (inclusive).
positionPosition of this rule in the security group rules list.
editableIndicates if this rule is editable (will be ignored).
Create rule › Responses
Get rule
Get details of a security group rule with the specified ID.
path Parameters
zoneThe zone you want to target
security_group_idsecurity_group_rule_idGet rule › Responses
Set security group rule
Replace all the properties of a rule from a specified security group.
path Parameters
zoneThe zone you want to target
security_group_idsecurity_group_rule_idSet security group rule › Request Body
idprotocoldirectionactionip_range(IP network)
dest_port_fromdest_port_topositioneditableSet security group rule › Responses
Delete rule
Delete a security group rule with the specified ID.
path Parameters
zoneThe zone you want to target
security_group_idsecurity_group_rule_idDelete rule › Responses
Update security group rule
Update the properties of a rule from a specified security group.
path Parameters
zoneThe zone you want to target
security_group_idUUID of the security group. (UUID format)
security_group_rule_idUUID of the rule. (UUID format)
Update security group rule › Request Body
protocolProtocol family this rule applies to.
directionDirection the rule applies to.
actionAction to apply when the rule matches a packet.
ip_rangeRange of IP addresses these rules apply to. (IP network)
dest_port_fromBeginning of the range of ports this rule applies to (inclusive). If 0 is provided, unset the parameter.
dest_port_toEnd of the range of ports this rule applies to (inclusive). If 0 is provided, unset the parameter.
positionPosition of this rule in the security group rules list.