调用DescribeSecurityGroupAttribute查询一个安全组的安全组规则。
调试
您可以在OpenAPI Explorer中直接运行该接口,免去您计算签名的困扰。运行成功后,OpenAPI Explorer可以自动生成SDK代码示例。
请求参数
名称 | 类型 | 是否必选 | 示例值 | 描述 |
---|---|---|---|---|
Action | String | 是 | DescribeSecurityGroupAttribute | 系统规定参数。取值:DescribeSecurityGroupAttribute |
RegionId | String | 是 | cn-hangzhou | 安全组所属地域ID。您可以调用DescribeRegions查看最新的阿里云地域列表。 |
SecurityGroupId | String | 是 | sg-bp1gxw6bznjjvhu3**** | 安全组ID。 |
NicType | String | 否 | intranet | 安全组规则的网卡类型。
|
Direction | String | 否 | all | 安全组规则授权方向。取值范围:
默认值:all |
返回数据
名称 | 类型 | 示例值 | 描述 |
---|---|---|---|
Description | String | testDescription1 | 安全组描述信息。 |
InnerAccessPolicy | String | Accept | 安全组内网络连通策略。可能值:
|
Permissions | Array of Permission | 安全组权限规则集合。 |
|
Permission | |||
CreateTime | String | 2018-12-12T07:28:38Z | 创建时间,UTC时间。 |
Description | String | testDescription2 | 安全组描述信息。 |
DestCidrIp | String | 0.0.0.0/0 | 目标IP地址段,用于出方向授权。 |
DestGroupId | String | sg-bp1czdx84jd88i7v**** | 目标安全组,用于出方向授权。 |
DestGroupName | String | testDestGroupName | 目的端安全组名称。 |
DestGroupOwnerAccount | String | 1234567890 | 目标安全组所属阿里云账户ID。 |
Direction | String | ingress | 授权方向。 |
IpProtocol | String | TCP | IP协议。 |
Ipv6DestCidrIp | String | 2001:db8:1233:1a00::*** | 目的IPv6地址段。 |
Ipv6SourceCidrIp | String | 2001:db8:1234:1a00::*** | 源IPv6地址段。 |
NicType | String | intranet | 网络类型。 |
Policy | String | Accept | 授权策略。 |
PortRange | String | 80/80 | 端口范围。 |
Priority | String | 1 | 规则优先级。 |
SourceCidrIp | String | 0.0.0.0/0 | 源IP地址段,用于入方向授权。 |
SourceGroupId | String | sg-bp12kc4rqohaf2js**** | 源安全组,用于入方向授权。 |
SourceGroupName | String | testSourceGroupName1 | 源端安全组名称。 |
SourceGroupOwnerAccount | String | 1234567890 | 源安全组所属阿里云账户ID。 |
SourcePortRange | String | 80/80 | 源端端口范围。 |
RegionId | String | cn-hangzhou | 地域ID。 |
RequestId | String | 473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E | 请求ID。 |
SecurityGroupId | String | sg-bp1gxw6bznjjvhu3**** | 目标安全组ID。 |
SecurityGroupName | String | testSecurityGroupName2 | 目标安全组名称。 |
VpcId | String | vpc-bp1opxu1zkhn00gzv**** | VPC ID。如果返回VPC ID,表示该安全组网络类型为VPC。否则,表示是经典网络类型安全组。 |
示例
请求示例
https://ecs.aliyuncs.com/?RegionId=cn-hangzhou
&SecurityGroupId=sg-bp1gxw6bznjjvhu3****
&<公共请求参数>
正常返回示例
XML
格式
<DescribeSecurityGroupAttributeResponse>
<SecurityGroupId>sg-bp1gxw6bznjjvhu3****</SecurityGroupId>
<InnerAccessPolicy>Accept</InnerAccessPolicy>
<SecurityGroupName>FinanceJoshua</SecurityGroupName>
<Description>testDescription1</Description>
<RegionId>cn-hangzhou</RegionId>
<RequestId>A72322C1-47C0-491E-8088-8B17E4EA859F</RequestId>
<Permissions>
<Permission>
<SourceCidrIp>10.0.0.0/8</SourceCidrIp>
<Description></Description>
<DestCidrIp></DestCidrIp>
<NicType>intranet</NicType>
<DestGroupName></DestGroupName>
<PortRange>22/22</PortRange>
<DestGroupId></DestGroupId>
<Ipv6DestCidrIp></Ipv6DestCidrIp>
<Direction>ingress</Direction>
<Priority>1</Priority>
<IpProtocol>TCP</IpProtocol>
<SourcePortRange></SourcePortRange>
<SourceGroupOwnerAccount></SourceGroupOwnerAccount>
<Policy>Accept</Policy>
<CreateTime>2018-12-12T07:28:38Z</CreateTime>
<SourceGroupId></SourceGroupId>
<DestGroupOwnerAccount></DestGroupOwnerAccount>
<Ipv6SourceCidrIp></Ipv6SourceCidrIp>
<SourceGroupName></SourceGroupName>
</Permission>
<Permission>
<SourceCidrIp>0.0.0.0/0</SourceCidrIp>
<Description></Description>
<DestCidrIp></DestCidrIp>
<NicType>intranet</NicType>
<DestGroupName></DestGroupName>
<PortRange>443/443</PortRange>
<DestGroupId></DestGroupId>
<Ipv6DestCidrIp></Ipv6DestCidrIp>
<Direction>ingress</Direction>
<Priority>1</Priority>
<IpProtocol>TCP</IpProtocol>
<SourcePortRange></SourcePortRange>
<SourceGroupOwnerAccount></SourceGroupOwnerAccount>
<Policy>Accept</Policy>
<CreateTime>2018-12-12T07:28:38Z</CreateTime>
<SourceGroupId></SourceGroupId>
<DestGroupOwnerAccount></DestGroupOwnerAccount>
<Ipv6SourceCidrIp></Ipv6SourceCidrIp>
<SourceGroupName></SourceGroupName>
</Permission>
<Permission>
<SourceCidrIp>0.0.0.0/0</SourceCidrIp>
<Description></Description>
<DestCidrIp></DestCidrIp>
<NicType>intranet</NicType>
<DestGroupName></DestGroupName>
<PortRange>80/80</PortRange>
<DestGroupId></DestGroupId>
<Ipv6DestCidrIp></Ipv6DestCidrIp>
<Direction>ingress</Direction>
<Priority>1</Priority>
<IpProtocol>TCP</IpProtocol>
<SourcePortRange></SourcePortRange>
<SourceGroupOwnerAccount></SourceGroupOwnerAccount>
<Policy>Accept</Policy>
<CreateTime>2018-12-12T07:28:38Z</CreateTime>
<SourceGroupId></SourceGroupId>
<DestGroupOwnerAccount></DestGroupOwnerAccount>
<Ipv6SourceCidrIp></Ipv6SourceCidrIp>
<SourceGroupName></SourceGroupName>
</Permission>
<Permission>
<SourceCidrIp>10.0.0.0/8</SourceCidrIp>
<Description></Description>
<DestCidrIp></DestCidrIp>
<NicType>intranet</NicType>
<DestGroupName></DestGroupName>
<PortRange>-1/-1</PortRange>
<DestGroupId></DestGroupId>
<Ipv6DestCidrIp></Ipv6DestCidrIp>
<Direction>ingress</Direction>
<Priority>1</Priority>
<IpProtocol>ICMP</IpProtocol>
<SourcePortRange>-1/-1</SourcePortRange>
<SourceGroupOwnerAccount></SourceGroupOwnerAccount>
<Policy>Accept</Policy>
<CreateTime>2018-12-12T07:28:38Z</CreateTime>
<SourceGroupId></SourceGroupId>
<DestGroupOwnerAccount></DestGroupOwnerAccount>
<Ipv6SourceCidrIp></Ipv6SourceCidrIp>
<SourceGroupName></SourceGroupName>
</Permission>
</Permissions>
<VpcId>vpc-bp1opxu1zkhn00gzv****</VpcId>
</DescribeSecurityGroupAttributeResponse>
JSON
格式
{
"SecurityGroupId": "sg-bp1gxw6bznjjvhu3****",
"InnerAccessPolicy": "Accept",
"SecurityGroupName": "FinanceJoshua",
"Description": "testDescription1",
"RegionId": "cn-hangzhou",
"RequestId": "A72322C1-47C0-491E-8088-8B17E4EA859F",
"Permissions": {
"Permission": [
{
"SourceCidrIp": "10.0.0.0/8",
"Description": "",
"DestCidrIp": "",
"NicType": "intranet",
"DestGroupName": "",
"PortRange": "22/22",
"DestGroupId": "",
"Ipv6DestCidrIp": "",
"Direction": "ingress",
"Priority": 1,
"IpProtocol": "TCP",
"SourcePortRange": "",
"SourceGroupOwnerAccount": "",
"Policy": "Accept",
"CreateTime": "2018-12-12T07:28:38Z",
"SourceGroupId": "",
"DestGroupOwnerAccount": "",
"Ipv6SourceCidrIp": "",
"SourceGroupName": ""
},
{
"SourceCidrIp": "0.0.0.0/0",
"Description": "",
"DestCidrIp": "",
"NicType": "intranet",
"DestGroupName": "",
"PortRange": "443/443",
"DestGroupId": "",
"Ipv6DestCidrIp": "",
"Direction": "ingress",
"Priority": 1,
"IpProtocol": "TCP",
"SourcePortRange": "",
"SourceGroupOwnerAccount": "",
"Policy": "Accept",
"CreateTime": "2018-12-12T07:28:38Z",
"SourceGroupId": "",
"DestGroupOwnerAccount": "",
"Ipv6SourceCidrIp": "",
"SourceGroupName": ""
},
{
"SourceCidrIp": "0.0.0.0/0",
"Description": "",
"DestCidrIp": "",
"NicType": "intranet",
"DestGroupName": "",
"PortRange": "80/80",
"DestGroupId": "",
"Ipv6DestCidrIp": "",
"Direction": "ingress",
"Priority": 1,
"IpProtocol": "TCP",
"SourcePortRange": "",
"SourceGroupOwnerAccount": "",
"Policy": "Accept",
"CreateTime": "2018-12-12T07:28:38Z",
"SourceGroupId": "",
"DestGroupOwnerAccount": "",
"Ipv6SourceCidrIp": "",
"SourceGroupName": ""
},
{
"SourceCidrIp": "10.0.0.0/8",
"Description": "",
"DestCidrIp": "",
"NicType": "intranet",
"DestGroupName": "",
"PortRange": "-1/-1",
"DestGroupId": "",
"Ipv6DestCidrIp": "",
"Direction": "ingress",
"Priority": 1,
"IpProtocol": "ICMP",
"SourcePortRange": "-1/-1",
"SourceGroupOwnerAccount": "",
"Policy": "Accept",
"CreateTime": "2018-12-12T07:28:38Z",
"SourceGroupId": "",
"DestGroupOwnerAccount": "",
"Ipv6SourceCidrIp": "",
"SourceGroupName": ""
}
]
},
"VpcId": "vpc-bp1opxu1zkhn00gzv****"
}
错误码
HttpCode | 错误码 | 错误信息 | 描述 |
---|---|---|---|
404 | InvalidRegionId.NotFound | The specified RegionId does not exist. | 指定的地域ID不存在。 |
404 | InvalidSecurityGroupId.NotFound | The specified SecurityGroupId does not exist. | 指定的安全组在该用户账号下不存在,请您检查安全组ID是否正确。 |
400 | InvalidNicType.ValueNotSupported | The specified NicType does not exist. | 指定的网络类型不存在,请您检查网络类型是否正确。 |
500 | InternalError | The request processing has failed due to some unknown error. | 内部错误,请重试。如果多次尝试失败,请提交工单。 |
400 | InvalidParamter | Invalid Parameter | 指定的参数不合法。 |
400 | InvalidSecurityGroupId.Malformed | The specified parameter "SecurityGroupId" is not valid. | 指定的参数SecurityGroupId无效。 |
访问错误中心查看更多错误码。