UpdateRules
Updates the rules of the specified security group.
- TypeScript
- Python
import {
cloudApi,
decodeMessage,
serviceClients,
Session,
waitForOperation,
} from "@yandex-cloud/nodejs-sdk";
const SecurityGroup = cloudApi.vpc.security_group.SecurityGroup;
const SecurityGroupRule_Direction =
cloudApi.vpc.security_group.SecurityGroupRule_Direction;
const UpdateSecurityGroupRulesRequest =
cloudApi.vpc.security_group_service.UpdateSecurityGroupRulesRequest;
(async () => {
const authToken = process.env["YC_OAUTH_TOKEN"];
const session = new Session({ oauthToken: authToken });
const client = session.client(serviceClients.SecurityGroupServiceClient);
const operation = await client.updateRules(
UpdateSecurityGroupRulesRequest.fromPartial({
securityGroupId: "securityGroupId",
// deletionRuleIds: ["deletionRuleIds"],
// additionRuleSpecs: [{
// description: "description",
// labels: {"key": "labels"},
// direction: SecurityGroupRule_Direction.INGRESS,
// ports: {
// fromPort: 0,
// toPort: 0
// },
// protocolName: "protocolName",
// protocolNumber: 0,
// cidrBlocks: {
// v4CidrBlocks: ["v4CidrBlocks"],
// v6CidrBlocks: ["v6CidrBlocks"]
// },
// securityGroupId: "securityGroupId",
// predefinedTarget: "predefinedTarget"
// }]
})
);
const finishedOp = await waitForOperation(operation, session);
if (finishedOp.response) {
const result = decodeMessage<typeof SecurityGroup>(finishedOp.response);
console.log(result);
}
})();
import os
import grpc
import yandexcloud
from yandex.cloud.vpc.v1.security_group_pb2 import CidrBlocks
from yandex.cloud.vpc.v1.security_group_pb2 import PortRange
from yandex.cloud.vpc.v1.security_group_pb2 import SecurityGroup
from yandex.cloud.vpc.v1.security_group_service_pb2 import SecurityGroupRuleSpec
from yandex.cloud.vpc.v1.security_group_service_pb2_grpc import SecurityGroupServiceStub
from yandex.cloud.vpc.v1.security_group_service_pb2 import UpdateSecurityGroupMetadata
from yandex.cloud.vpc.v1.security_group_service_pb2 import UpdateSecurityGroupRulesRequest
token = os.getenv("YC_OAUTH_TOKEN")
sdk = yandexcloud.SDK(token=token)
service = sdk.client(SecurityGroupServiceStub)
operation = service.UpdateRules(
UpdateSecurityGroupRulesRequest(
security_group_id="securityGroupId",
# deletion_rule_ids = ["deletionRuleIds"],
# addition_rule_specs = [SecurityGroupRuleSpec(
# description = "description",
# labels = {"key": "labels"},
# direction = SecurityGroupRule.Direction.INGRESS,
# ports = PortRange(
# from_port = 0,
# to_port = 0
# ),
# protocol_name = "protocolName",
# protocol_number = 0,
# cidr_blocks = CidrBlocks(
# v_4_cidr_blocks = ["v4CidrBlocks"],
# v_6_cidr_blocks = ["v6CidrBlocks"]
# ),
# security_group_id = "securityGroupId",
# predefined_target = "predefinedTarget"
# )]
)
)
operation_result = sdk.wait_operation_and_get_result(
operation,
response_type=SecurityGroup,
meta_type=UpdateSecurityGroupMetadata,
)
print(operation_result)
UpdateSecurityGroupRulesRequest
securityGroupId : string
ID of the SecurityGroup that is being updated with new rules.
deletionRuleIds : string
List of rules IDs to delete.
additionRuleSpecs : SecurityGroupRuleSpec
Security rules specifications.
SecurityGroupRuleSpec
description : string
Description of the security rule.
labels : string
Rule labels as key:value pairs.
direction : SecurityGroupRule.Direction
The direction of network traffic allowed by this rule.
ports : PortRange
The range of ports that allow traffic to pass through. Null value means any port.
One of protocol
Values from IANA protocol numbers. Null value means any protocol.
protocolName: stringProtocol name.
protocolNumber: int64Protocol number from IANA protocol numbers.
One of target
cidrBlocks: CidrBlocksCIDR blocks to allow to recieve or send traffic.
securityGroupId: stringID of the security group to add rule to.
predefinedTarget: stringPredefined target. See security groups rules for more information.
PortRange
fromPort : int64
The lowest port in the range.
toPort : int64
The highest port in the range.
CidrBlocks
v4CidrBlocks : string
IPv4 CIDR blocks to allow traffic to.
v6CidrBlocks : string
IPv6 CIDR blocks to allow traffic to.
Operation
An Operation resource. For more information, see Operation.
id : string
ID of the operation.
description : string
Description of the operation. 0-256 characters long.
createdAt : google.protobuf.Timestamp
Creation timestamp.
createdBy : string
ID of the user or service account who initiated the operation.
modifiedAt : google.protobuf.Timestamp
The time when the Operation resource was last modified.
done : bool
If the value is false, it means the operation is still in progress.
If true, the operation is completed, and either error or response is available.
metadata : google.protobuf.Any
Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
One of result
The operation result.
If done == false and there was no failure detected, neither error nor response is set.
If done == false and there was a failure detected, error is set.
If done == true, exactly one of error or response is set.
error: google.rpc.StatusThe error result of the operation in case of failure or cancellation.
response: google.protobuf.AnyThe normal response of the operation in case of success.If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is the standard Create/Update, the response should be the target resource of the operation. Any method that returns a long-running operation should document the response type, if any.