Creating a Security Group Policy
Function
This API is used to create a security group policy (for the cloud native network model).
Authorization Information
Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.
- If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.
- If you are using identity policy-based authorization, no identity policy-based permission required for calling this API.
URI
POST /v5/{project_id}/container-network/{cluster_id}/{namespace}/security-group-policy
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Definition Project ID, which is used to specify the project that an asset belongs to. After the project ID is configured, you can query assets in the project using the project ID. For details about how to obtain it, see Obtaining a Project ID. Constraints N/A Range The value can contain 1 to 256 characters. Default Value N/A |
|
cluster_id |
Yes |
String |
Cluster ID |
|
namespace |
Yes |
String |
Namespaces |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
enterprise_project_id |
No |
String |
Definition Enterprise project ID, which is used to filter assets in different enterprise projects. For details, see Obtaining an Enterprise Project ID. To query assets in all enterprise projects, set this parameter to all_granted_eps. Constraints You need to set this parameter only after the enterprise project function is enabled. Range The value can contain 1 to 256 characters. Default Value 0: default enterprise project. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
Yes |
String |
Definition User token, which contains user identity and permissions. The token can be used for identity authentication when an API is called. For details about how to obtain the token, see Obtaining a User Token. Constraints N/A Range The value can contain 1 to 32,768 characters. Default Value N/A |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
policy_name |
Yes |
String |
Policy Name |
|
workload_id |
Yes |
String |
Workload ID |
|
workload_name |
Yes |
String |
Workload name |
|
workload_type |
Yes |
String |
Definition Workload type. Range |
|
security_groups |
Yes |
Array of SecurityGroup objects |
Security group list |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
security_group_id |
Yes |
String |
Definition Unique ID of a security group in the cloud native network model, which is used to associate a specific security group with a policy. Constraints The security group must be in the same VPC network as the cluster. Otherwise, the association fails. Range The value can contain 1 to 64 characters, including letters, numbers, hyphens (-), and underscores (_). Default Value None |
|
security_group_name |
No |
String |
Definition Name of a security group. Constraints If this parameter is specified, its value must be the same as the name of the security group corresponding to security_group_id. Otherwise, the display may be abnormal. (Functions are not affected.) Range The value can contain 1 to 64 characters, including letters, numbers, hyphens (-), and underscores (_). Default Value None. By default, the system name corresponding to the security group ID is used. |
|
security_group_description |
No |
String |
Definition Description of the security group, which is used to record the purpose and permission scope of the security group. Constraints The description cannot contain special characters such as HTML tags. Range The value can contain 0 to 256 characters, including Chinese characters, letters, numbers, common punctuations, and spaces. Default Value None. Do not modify the security group description. (If the original description is empty, keep it empty). |
Response Parameters
Status code: 200
Request succeeded.
None
Example Requests
This API is used to create a security group policy (for the cloud native network model).
POST https://{endpoint}/v5/{project_id}/container-network/{cluster_id}/{namespace}/security-group-policy?enterprise_project_id=all_granted_eps
{
"policy_name" : "ywk-test",
"workload_id" : "27f3d7af-e947-4731-a3d2-8a561ae33069",
"workload_name" : "kube-state-metrics",
"workload_type" : "deployments",
"security_groups" : [ {
"security_group_id" : "03b46bce-b0b7-42d3-992d-ddfb567106f0",
"security_group_name" : "sg-4a7d"
} ]
}
Example Responses
None
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Request succeeded. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
