Security Groups
A security group is a set of firewall rules on a set of instances. Security groups enable to create rules that either drop or allow incoming traffic from certain ports of your instances.
Security Group Schema
idString - A unique identifier for each security group. This is automatically generated.nameString - The human-readable name for the security group.descriptionString - The human-readable description for the security group.regionString - The identifier for the region this security group exists in (eg.ARC-IS-HAF-1).statusString - The security group status. Possible values arecreating,createdanddeleting.rulesArray - The security group rules.created_atString - A time value given in ISO8601 combined date and time format that represents when the security group was created.
For legacy projects and accounts there are additional statuses updating and error.
Create Security Group
To create a new security group, send a request to:
POST /compute/v1/security-groups (HTTP 201 - Created)
The attribute values that must be set to successfully create a security group are:
Body parameters
nameString Required - The human-readable name set for the security group. Please Note:defaultandstandardare not allowed names (reserved words).descriptionString Optional - The human-readable description set for the security group.regionString Required - The identifier for the region in which this security group should be created in, see Regions.rulesArray Required - The list of rules of the security group.
Rule object
protocolString Required - The protocol of the rule. Possible values areicmp,tcp,udpandall.directionString Required - The direction of the rule. Possible values areingressoregress.port_range_minInteger Required - The port_range_min of the rule (e.g.8080). Optional foricmpprotocol.port_range_maxInteger Required - The port_range_min of the rule (e.g.8085). Optional foricmpprotocol.
{
"name": "<security group name>",
"description": "<security group description>",
"region": "ARC-IS-HAF-1",
"rules": [
{
"protocol": "icmp",
"port_range_min": null,
"port_range_max": null,
"direction": "ingress"
},
{
"protocol": "tcp",
"port_range_min": 22,
"port_range_max": 22,
"direction": "ingress"
},
{
"protocol": "tcp",
"port_range_min": 8080,
"port_range_max": 8085,
"direction": "ingress"
},
{
"protocol": "all",
"port_range_min": null,
"port_range_max": null,
"direction": "egress"
}
]
}
Response body
The security group will be created using the provided information. The response body will contain a JSON object with standard attributes for your new security group, see Security Group Schema:
{
"security_group": {
"id": "<security group id>",
"name": "<security group name>",
"description": "<security group description>",
"region": "ARC-IS-HAF-1",
"status": "creating",
"rules": [
{
"protocol": "icmp",
"port_range_min": null,
"port_range_max": null,
"direction": "ingress"
},
{
"protocol": "tcp",
"port_range_min": 22,
"port_range_max": 22,
"direction": "ingress"
},
{
"protocol": "tcp",
"port_range_min": 8080,
"port_range_max": 8085,
"direction": "ingress"
},
{
"protocol": "all",
"port_range_min": null,
"port_range_max": null,
"direction": "egress"
}
],
"created_at": "2020-03-20T15:17:42.375Z"
}
}
Update Security Group
To update a security group, send a request to:
PUT /compute/v1/security-groups/<security_group_id> (HTTP 200)
The attribute values that must be set to successfully create a security group are:
Body parameters
nameString Required - The human-readable name set for the security group.descriptionString Optional - The human-readable description set for the security group.rulesArray Required - The list of rules of the security group.
Rule object
protocolString Required - The protocol of the rule. Possible values areicmp,tcp,udpandall.directionString Required - The direction of the rule. Possible values areingressoregress.port_range_minInteger Required - The port_range_min of the rule (e.g.8080). Optional foricmpprotocol andnullfor all ports.port_range_maxInteger Required - The port_range_min of the rule (e.g.8085). Optional foricmpprotocol andnullfor all ports.
{
"name": "<security group name>",
"description": "<security group description>",
"rules": [
{
"protocol": "icmp",
"port_range_min": null,
"port_range_max": null,
"direction": "ingress"
}
]
}
Response body
The security group will be updated using the provided information. The response body will contain a JSON object with standard attributes for your new security group, see Security Group Schema:
{
"security_group": {
"id": "<security group id>",
"name": "<security group name>",
"description": "<security group description>",
"region": "ARC-IS-HAF-1",
"status": "creating",
"rules": [
{
"protocol": "icmp",
"port_range_min": null,
"port_range_max": null,
"direction": "ingress"
}
],
"created_at": "2020-03-20T15:17:42.375Z"
}
}
List Security Groups
List all security groups available in an account.
GET /compute/v1/security-groups (HTTP 200 - OK)
Query parameters
per_pageInteger Optional - A positive integer lower than or equal to 100 to select the number of items to return (default: 50).pageInteger Optional - A positive integer to choose the page to return.
Response body
The response will be a JSON object with pagination details and a key called security_groups. This will be set to an array of security group objects, each of which will contain the security group object, see Security Group Schema:
{
"security_groups": [
{
"id": "string",
"name": "string",
"description": "string",
"region": "ARC-IS-HAF-1",
"rules": [
{
"protocol": "icmp",
"port_range_min": null,
"port_range_max": null,
"direction": "ingress"
},
{
"protocol": "tcp",
"port_range_min": 22,
"port_range_max": 22,
"direction": "ingress"
},
{
"protocol": "tcp",
"port_range_min": 8080,
"port_range_max": 8085,
"direction": "ingress"
},
{
"protocol": "all",
"port_range_min": null,
"port_range_max": null,
"direction": "egress"
}
],
"created_at": "2020-03-20T15:17:42.375Z"
}
],
"total_count": 1,
"page": 1,
"per_page": 10
}
Get Security Group
Get details of an security group with the given ID
GET /compute/v1/security-groups/<security_group_id> (HTTP 200 - OK)
Path parameters:
security_group_idString - Security group id
Response body
The response will be a JSON object that contains the security group attributes, see Security Group Schema:
{
"security_group": {
"id": "string",
"name": "string",
"description": "string",
"region": "ARC-IS-HAF-1",
"rules": [
{
"protocol": "icmp",
"port_range_min": null,
"port_range_max": null,
"direction": "ingress"
},
{
"protocol": "tcp",
"port_range_min": 22,
"port_range_max": 22,
"direction": "ingress"
},
{
"protocol": "tcp",
"port_range_min": 8080,
"port_range_max": 8085,
"direction": "ingress"
},
{
"protocol": "all",
"port_range_min": null,
"port_range_max": null,
"direction": "egress"
}
],
"created_at": "2020-03-20T15:17:42.375Z"
}
}
Delete a Security Group
Delete a security group with the given ID
DELETE /compute/v1/security-groups/<security_group_id> (HTTP 204 - No content)
Path parameters:
security_group_idString - security group id
Examples (cURL)
# Create a new security group (egress all ports)
curl -H "Authorization: Bearer $TOKEN" \
-X POST "https://api.genesiscloud.com/compute/v1/security-groups" \
-H "Content-Type: application/json" \
--data-raw '{
"name": "name",
"description": "description",
"region": "ARC-IS-HAF-1",
"rules": [
{
"protocol": "icmp",
"port_range_min": null,
"port_range_max": null,
"direction": "ingress"
},
{
"protocol": "tcp",
"port_range_min": 22,
"port_range_max": 22,
"direction": "ingress"
},
{
"protocol": "tcp",
"port_range_min": 8080,
"port_range_max": 8085,
"direction": "ingress"
},
{
"protocol": "all",
"port_range_min": null,
"port_range_max": null,
"direction": "egress"
}
]
}'
# Update a security group
curl -H "Authorization: Bearer $TOKEN" \
-X PUT "https://api.genesiscloud.com/compute/v1/security-groups/<security_group_id>" \
-H "Content-Type: application/json" \
--data-raw '{
"name": "name",
"description": "description",
"rules": [
{
"protocol": "tcp",
"port_range_min": 8080,
"port_range_max": 8085,
"direction": "ingress"
},
{
"protocol": "all",
"port_range_min": null,
"port_range_max": null,
"direction": "egress"
}
]
}'
# List security groups
curl -H "Authorization: Bearer $TOKEN" \
"https://api.genesiscloud.com/compute/v1/security-groups"
# Get security group by id
curl -H "Authorization: Bearer $TOKEN" \
"https://api.genesiscloud.com/compute/v1/security-groups/<security_group_id>"
# Destroy a security group
curl -H "Authorization: Bearer $TOKEN" \
-X DELETE "https://api.genesiscloud.com/compute/v1/security-groups/<security_group_id>"