Security Group
Security Groups are groups of firewall rules that regulate network traffic to and from your Compute instances.
create-security-group
Create a Security Group
POST /security-groupRequest body
Content-Type: application/json
| Property | Type | Required | Description |
|---|---|---|---|
name | string | yes | Security Group name Min length: 1. Max length: 255. |
description | string | no | Security Group description Max length: 255. |
Example
{
"description": "string",
"name": "string"
}Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
id | string | Operation ID Must be a valid UUID. |
message | string | Operation message |
reason | string | Operation failure reason Allowed values: incorrect, unknown, unavailable, forbidden, busy, fault, partial, not-found, interrupted, unsupported, conflict. |
reference | Reference | Related resource reference |
state | string | Operation status Allowed values: failure, pending, success, timeout. |
Example output
{
"id": "string",
"message": "string",
"reason": "incorrect",
"reference": {
"command": "string",
"id": "string",
"link": "string"
},
"state": "failure"
}SDK reference for create-security-group: golang | Python | Java
CLI: exo api create-security-group
get-security-group
Retrieve Security Group details
GET /security-group/{id}Path parameters
| Name | In | Description |
|---|---|---|
id | path | Must be a valid UUID. |
Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
description | string | Security Group description Max length: 255. |
external-sources | array[string] | Security Group external sources |
id | string | Security Group ID Must be a valid UUID. |
name | string | Security Group name Min length: 1. Max length: 255. |
rules | array of Security Group rule | Security Group rules |
Example output
{
"description": "string",
"external-sources": [
"string"
],
"id": "string",
"name": "string",
"rules": [
{
"description": "string",
"end-port": 0,
"flow-direction": "ingress",
"icmp": {
"code": 0,
"type": 0
},
"id": "string",
"network": "string",
"protocol": "tcp",
"security-group": {
"id": "string",
"name": "string",
"visibility": "private"
},
"start-port": 0
}
]
}SDK reference for get-security-group: golang | Python | Java
CLI: exo api get-security-group
delete-security-group
Delete a Security Group
DELETE /security-group/{id}Path parameters
| Name | In | Description |
|---|---|---|
id | path | Must be a valid UUID. |
Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
id | string | Operation ID Must be a valid UUID. |
message | string | Operation message |
reason | string | Operation failure reason Allowed values: incorrect, unknown, unavailable, forbidden, busy, fault, partial, not-found, interrupted, unsupported, conflict. |
reference | Reference | Related resource reference |
state | string | Operation status Allowed values: failure, pending, success, timeout. |
Example output
{
"id": "string",
"message": "string",
"reason": "incorrect",
"reference": {
"command": "string",
"id": "string",
"link": "string"
},
"state": "failure"
}SDK reference for delete-security-group: golang | Python | Java
CLI: exo api delete-security-group
Other Operations
remove-external-source-from-security-group
Remove an external source from a Security Group
PUT /security-group/{id}:remove-sourcePath parameters
| Name | In | Description |
|---|---|---|
id | path | Must be a valid UUID. |
Request body
Content-Type: application/json
| Property | Type | Required | Description |
|---|---|---|---|
cidr | string | yes | CIDR-formatted network to remove |
Example
{
"cidr": "string"
}Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
id | string | Operation ID Must be a valid UUID. |
message | string | Operation message |
reason | string | Operation failure reason Allowed values: incorrect, unknown, unavailable, forbidden, busy, fault, partial, not-found, interrupted, unsupported, conflict. |
reference | Reference | Related resource reference |
state | string | Operation status Allowed values: failure, pending, success, timeout. |
Example output
{
"id": "string",
"message": "string",
"reason": "incorrect",
"reference": {
"command": "string",
"id": "string",
"link": "string"
},
"state": "failure"
}SDK reference for remove-external-source-from-security-group: golang | Python | Java
CLI: exo api remove-external-source-from-security-group
add-external-source-to-security-group
Add an external source as a member of a Security Group
PUT /security-group/{id}:add-sourcePath parameters
| Name | In | Description |
|---|---|---|
id | path | Must be a valid UUID. |
Request body
Content-Type: application/json
| Property | Type | Required | Description |
|---|---|---|---|
cidr | string | yes | CIDR-formatted network to add |
Example
{
"cidr": "string"
}Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
id | string | Operation ID Must be a valid UUID. |
message | string | Operation message |
reason | string | Operation failure reason Allowed values: incorrect, unknown, unavailable, forbidden, busy, fault, partial, not-found, interrupted, unsupported, conflict. |
reference | Reference | Related resource reference |
state | string | Operation status Allowed values: failure, pending, success, timeout. |
Example output
{
"id": "string",
"message": "string",
"reason": "incorrect",
"reference": {
"command": "string",
"id": "string",
"link": "string"
},
"state": "failure"
}SDK reference for add-external-source-to-security-group: golang | Python | Java
CLI: exo api add-external-source-to-security-group
detach-instance-from-security-group
Detach a Compute instance from a Security Group
PUT /security-group/{id}:detachPath parameters
| Name | In | Description |
|---|---|---|
id | path | Must be a valid UUID. |
Request body
Content-Type: application/json
| Property | Type | Required | Description |
|---|---|---|---|
instance | Instance | yes | Compute instance |
Example
{
"instance": {
"anti-affinity-groups": [
{
"id": "string"
}
],
"application-consistent-snapshot-enabled": true,
"created-at": "2024-01-01T12:00:00Z",
"deploy-target": {
"id": "string"
},
"disk-encrypted": true,
"disk-size": 0,
"elastic-ips": [
{
"id": "string"
}
],
"id": "string",
"instance-type": {
"authorized": true,
"cpus": 0,
"family": "gpu3",
"gpus": 0,
"id": "string",
"memory": 0,
"size": "large",
"zones": [
"ch-dk-2"
]
},
"ipv6-address": "string",
"labels": {},
"mac-address": "string",
"manager": {
"id": "string",
"type": "sks-nodepool"
},
"name": "string",
"private-networks": [
{
"id": "string",
"mac-address": "string"
}
],
"public-ip": "string",
"public-ip-assignment": "inet4",
"secureboot-enabled": true,
"security-groups": [
{
"id": "string"
}
],
"snapshots": [
{
"id": "string"
}
],
"ssh-key": {
"fingerprint": "string",
"name": "string"
},
"ssh-keys": [
{
"fingerprint": "string",
"name": "string"
}
],
"state": "expunging",
"template": {
"application-consistent-snapshot-enabled": true,
"boot-mode": "legacy",
"build": "string",
"checksum": "string",
"created-at": "2024-01-01T12:00:00Z",
"default-user": "string",
"description": "string",
"family": "string",
"id": "string",
"maintainer": "string",
"name": "string",
"password-enabled": true,
"size": 0,
"ssh-key-enabled": true,
"url": "string",
"version": "string",
"visibility": "private",
"zones": [
"ch-dk-2"
]
},
"tpm-enabled": true,
"user-data": "string"
}
}Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
id | string | Operation ID Must be a valid UUID. |
message | string | Operation message |
reason | string | Operation failure reason Allowed values: incorrect, unknown, unavailable, forbidden, busy, fault, partial, not-found, interrupted, unsupported, conflict. |
reference | Reference | Related resource reference |
state | string | Operation status Allowed values: failure, pending, success, timeout. |
Example output
{
"id": "string",
"message": "string",
"reason": "incorrect",
"reference": {
"command": "string",
"id": "string",
"link": "string"
},
"state": "failure"
}SDK reference for detach-instance-from-security-group: golang | Python | Java
CLI: exo api detach-instance-from-security-group
attach-instance-to-security-group
Attach a Compute instance to a Security Group
PUT /security-group/{id}:attachPath parameters
| Name | In | Description |
|---|---|---|
id | path | Must be a valid UUID. |
Request body
Content-Type: application/json
| Property | Type | Required | Description |
|---|---|---|---|
instance | Instance | yes | Compute instance |
Example
{
"instance": {
"anti-affinity-groups": [
{
"id": "string"
}
],
"application-consistent-snapshot-enabled": true,
"created-at": "2024-01-01T12:00:00Z",
"deploy-target": {
"id": "string"
},
"disk-encrypted": true,
"disk-size": 0,
"elastic-ips": [
{
"id": "string"
}
],
"id": "string",
"instance-type": {
"authorized": true,
"cpus": 0,
"family": "gpu3",
"gpus": 0,
"id": "string",
"memory": 0,
"size": "large",
"zones": [
"ch-dk-2"
]
},
"ipv6-address": "string",
"labels": {},
"mac-address": "string",
"manager": {
"id": "string",
"type": "sks-nodepool"
},
"name": "string",
"private-networks": [
{
"id": "string",
"mac-address": "string"
}
],
"public-ip": "string",
"public-ip-assignment": "inet4",
"secureboot-enabled": true,
"security-groups": [
{
"id": "string"
}
],
"snapshots": [
{
"id": "string"
}
],
"ssh-key": {
"fingerprint": "string",
"name": "string"
},
"ssh-keys": [
{
"fingerprint": "string",
"name": "string"
}
],
"state": "expunging",
"template": {
"application-consistent-snapshot-enabled": true,
"boot-mode": "legacy",
"build": "string",
"checksum": "string",
"created-at": "2024-01-01T12:00:00Z",
"default-user": "string",
"description": "string",
"family": "string",
"id": "string",
"maintainer": "string",
"name": "string",
"password-enabled": true,
"size": 0,
"ssh-key-enabled": true,
"url": "string",
"version": "string",
"visibility": "private",
"zones": [
"ch-dk-2"
]
},
"tpm-enabled": true,
"user-data": "string"
}
}Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
id | string | Operation ID Must be a valid UUID. |
message | string | Operation message |
reason | string | Operation failure reason Allowed values: incorrect, unknown, unavailable, forbidden, busy, fault, partial, not-found, interrupted, unsupported, conflict. |
reference | Reference | Related resource reference |
state | string | Operation status Allowed values: failure, pending, success, timeout. |
Example output
{
"id": "string",
"message": "string",
"reason": "incorrect",
"reference": {
"command": "string",
"id": "string",
"link": "string"
},
"state": "failure"
}SDK reference for attach-instance-to-security-group: golang | Python | Java
CLI: exo api attach-instance-to-security-group
delete-rule-from-security-group
Delete a Security Group rule
DELETE /security-group/{id}/rules/{rule-id}Path parameters
| Name | In | Description |
|---|---|---|
id | path | Must be a valid UUID. |
rule-id | path | Must be a valid UUID. |
Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
id | string | Operation ID Must be a valid UUID. |
message | string | Operation message |
reason | string | Operation failure reason Allowed values: incorrect, unknown, unavailable, forbidden, busy, fault, partial, not-found, interrupted, unsupported, conflict. |
reference | Reference | Related resource reference |
state | string | Operation status Allowed values: failure, pending, success, timeout. |
Example output
{
"id": "string",
"message": "string",
"reason": "incorrect",
"reference": {
"command": "string",
"id": "string",
"link": "string"
},
"state": "failure"
}SDK reference for delete-rule-from-security-group: golang | Python | Java
CLI: exo api delete-rule-from-security-group
add-rule-to-security-group
Create a Security Group rule
POST /security-group/{id}/rulesPath parameters
| Name | In | Description |
|---|---|---|
id | path | Must be a valid UUID. |
Request body
Content-Type: application/json
| Property | Type | Required | Description |
|---|---|---|---|
flow-direction | string | yes | Network flow direction to match Allowed values: ingress, egress. |
protocol | string | yes | Network protocol Allowed values: tcp, esp, icmp, udp, gre, ah, ipip, icmpv6. |
description | string | no | Security Group rule description Max length: 255. |
end-port | integer | no | End port of the range Min: 1. Max: 65535. |
icmp | ICMP | no | ICMP details (default: -1 (ANY)) |
network | string | no | CIDR-formatted network allowed |
security-group | Security Group | no | Security Group allowed |
start-port | integer | no | Start port of the range Min: 1. Max: 65535. |
Example
{
"description": "string",
"end-port": 0,
"flow-direction": "ingress",
"icmp": {
"code": 0,
"type": 0
},
"network": "string",
"protocol": "tcp",
"security-group": {
"id": "string",
"name": "string",
"visibility": "private"
},
"start-port": 0
}ICMP
ICMP details (default: -1 (ANY))
| Property | Type | Required | Description |
|---|---|---|---|
code | integer | no | Min: -1. Max: 254. |
type | integer | no | Min: -1. Max: 254. |
Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
id | string | Operation ID Must be a valid UUID. |
message | string | Operation message |
reason | string | Operation failure reason Allowed values: incorrect, unknown, unavailable, forbidden, busy, fault, partial, not-found, interrupted, unsupported, conflict. |
reference | Reference | Related resource reference |
state | string | Operation status Allowed values: failure, pending, success, timeout. |
Example output
{
"id": "string",
"message": "string",
"reason": "incorrect",
"reference": {
"command": "string",
"id": "string",
"link": "string"
},
"state": "failure"
}SDK reference for add-rule-to-security-group: golang | Python | Java
CLI: exo api add-rule-to-security-group
list-security-groups
List Security Groups.
GET /security-groupLists security groups. When visibility is set to public, lists public security groups. Public security groups are objects maintained by Exoscale which contain source addresses for relevant services hosted by Exoscale. They can be used a source in ingress rules and as a destination in egress rules.
Query parameters
| Name | In | Required | Description |
|---|---|---|---|
visibility | query | no |
Responses
Status: 200 - 200
Content-Type: application/json
| Property | Type | Description |
|---|---|---|
security-groups | array of Security Group |
Example output
{
"security-groups": [
{
"description": "string",
"external-sources": [
"string"
],
"id": "string",
"name": "string",
"rules": [
{
"description": "string",
"end-port": 0,
"flow-direction": "ingress",
"icmp": {
"code": null,
"type": null
},
"id": "string",
"network": "string",
"protocol": "tcp",
"security-group": {
"id": null,
"name": null,
"visibility": null
},
"start-port": 0
}
]
}
]
}SDK reference for list-security-groups: golang | Python | Java
CLI: exo api list-security-groups
Last updated on