SecurityGroupService

Call	Description
Get
List
Create
Update
UpdateRules
UpdateRule	update rule description or labels
Delete
Move
ListOperations

Calls SecurityGroupService

Get

rpc Get (GetSecurityGroupRequest) returns (SecurityGroup)

GetSecurityGroupRequest

Field	Description
security_group_id	string Required.

SecurityGroup

Field	Description
id	string
folder_id	string
created_at	google.protobuf.Timestamp
name	string
description	string
labels	map<string,string>
network_id	string
status	enum Status UPDATING: updating is a long operation because we must update all instances in SG
rules[]	SecurityGroupRule
default_for_network	bool

SecurityGroupRule

Field	Description
id	string
description	string
labels	map<string,string>
direction	enum Direction Required.
ports	PortRange
protocol_name	string null value means any protocol values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
protocol_number	int64
target	oneof: cidr_blocks, security_group_id or predefined_target
cidr_blocks	CidrBlocks
security_group_id	string
predefined_target	string

PortRange

Field	Description
from_port	int64 Acceptable values are 0 to 65535, inclusive.
to_port	int64 Acceptable values are 0 to 65535, inclusive.

CidrBlocks

Field	Description
v4_cidr_blocks[]	string
v6_cidr_blocks[]	string

List

rpc List (ListSecurityGroupsRequest) returns (ListSecurityGroupsResponse)

ListSecurityGroupsRequest

Field	Description
folder_id	string Required.
page_size	int64
page_token	string
filter	string

ListSecurityGroupsResponse

Field	Description
security_groups[]	SecurityGroup
next_page_token	string

SecurityGroup

Field	Description
id	string
folder_id	string
created_at	google.protobuf.Timestamp
name	string
description	string
labels	map<string,string>
network_id	string
status	enum Status UPDATING: updating is a long operation because we must update all instances in SG
rules[]	SecurityGroupRule
default_for_network	bool

SecurityGroupRule

Field	Description
id	string
description	string
labels	map<string,string>
direction	enum Direction Required.
ports	PortRange
protocol_name	string null value means any protocol values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
protocol_number	int64
target	oneof: cidr_blocks, security_group_id or predefined_target
cidr_blocks	CidrBlocks
security_group_id	string
predefined_target	string

PortRange

Field	Description
from_port	int64 Acceptable values are 0 to 65535, inclusive.
to_port	int64 Acceptable values are 0 to 65535, inclusive.

CidrBlocks

Field	Description
v4_cidr_blocks[]	string
v6_cidr_blocks[]	string

Create

rpc Create (CreateSecurityGroupRequest) returns (operation.Operation)

Metadata and response of Operation:

    Operation.metadata:CreateSecurityGroupMetadata

    Operation.response:SecurityGroup

CreateSecurityGroupRequest

Field	Description
folder_id	string Required.
name	string
description	string
labels	map<string,string>
network_id	string Required.
rule_specs[]	SecurityGroupRuleSpec

SecurityGroupRuleSpec

Field	Description
description	string
labels	map<string,string>
direction	SecurityGroupRule.Direction Required.
ports	PortRange
protocol	oneof: protocol_name or protocol_number values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml null value means any protocol
protocol_name	string values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml null value means any protocol
protocol_number	int64 values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml null value means any protocol
target	oneof: cidr_blocks, security_group_id or predefined_target
cidr_blocks	CidrBlocks
security_group_id	string
predefined_target	string

PortRange

Field	Description
from_port	int64 Acceptable values are 0 to 65535, inclusive.
to_port	int64 Acceptable values are 0 to 65535, inclusive.

CidrBlocks

Field	Description
v4_cidr_blocks[]	string
v6_cidr_blocks[]	string

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata	google.protobuf.Any<CreateSecurityGroupMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<SecurityGroup> if operation finished successfully.

CreateSecurityGroupMetadata

Field	Description
security_group_id	string

SecurityGroup

Field	Description
id	string
folder_id	string
created_at	google.protobuf.Timestamp
name	string
description	string
labels	map<string,string>
network_id	string
status	enum Status UPDATING: updating is a long operation because we must update all instances in SG
rules[]	SecurityGroupRule
default_for_network	bool

SecurityGroupRule

Field	Description
id	string
description	string
labels	map<string,string>
direction	enum Direction Required.
ports	PortRange
protocol_name	string null value means any protocol values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
protocol_number	int64
target	oneof: cidr_blocks, security_group_id or predefined_target
cidr_blocks	CidrBlocks
security_group_id	string
predefined_target	string

PortRange

Field	Description
from_port	int64 Acceptable values are 0 to 65535, inclusive.
to_port	int64 Acceptable values are 0 to 65535, inclusive.

CidrBlocks

Field	Description
v4_cidr_blocks[]	string
v6_cidr_blocks[]	string

Update

rpc Update (UpdateSecurityGroupRequest) returns (operation.Operation)

Metadata and response of Operation:

    Operation.metadata:UpdateSecurityGroupMetadata

    Operation.response:SecurityGroup

UpdateSecurityGroupRequest

Field	Description
security_group_id	string Required.
update_mask	google.protobuf.FieldMask
name	string
description	string
labels	map<string,string>
rule_specs[]	SecurityGroupRuleSpec all existing rules will be replaced with given list

SecurityGroupRuleSpec

Field	Description
description	string
labels	map<string,string>
direction	SecurityGroupRule.Direction Required.
ports	PortRange
protocol	oneof: protocol_name or protocol_number values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml null value means any protocol
protocol_name	string values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml null value means any protocol
protocol_number	int64 values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml null value means any protocol
target	oneof: cidr_blocks, security_group_id or predefined_target
cidr_blocks	CidrBlocks
security_group_id	string
predefined_target	string

PortRange

Field	Description
from_port	int64 Acceptable values are 0 to 65535, inclusive.
to_port	int64 Acceptable values are 0 to 65535, inclusive.

CidrBlocks

Field	Description
v4_cidr_blocks[]	string
v6_cidr_blocks[]	string

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata	google.protobuf.Any<UpdateSecurityGroupMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<SecurityGroup> if operation finished successfully.

UpdateSecurityGroupMetadata

Field	Description
security_group_id	string
added_rule_ids[]	string

SecurityGroup

Field	Description
id	string
folder_id	string
created_at	google.protobuf.Timestamp
name	string
description	string
labels	map<string,string>
network_id	string
status	enum Status UPDATING: updating is a long operation because we must update all instances in SG
rules[]	SecurityGroupRule
default_for_network	bool

SecurityGroupRule

Field	Description
id	string
description	string
labels	map<string,string>
direction	enum Direction Required.
ports	PortRange
protocol_name	string null value means any protocol values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
protocol_number	int64
target	oneof: cidr_blocks, security_group_id or predefined_target
cidr_blocks	CidrBlocks
security_group_id	string
predefined_target	string

PortRange

Field	Description
from_port	int64 Acceptable values are 0 to 65535, inclusive.
to_port	int64 Acceptable values are 0 to 65535, inclusive.

CidrBlocks

Field	Description
v4_cidr_blocks[]	string
v6_cidr_blocks[]	string

UpdateRules

rpc UpdateRules (UpdateSecurityGroupRulesRequest) returns (operation.Operation)

Metadata and response of Operation:

    Operation.metadata:UpdateSecurityGroupMetadata

    Operation.response:SecurityGroup

UpdateSecurityGroupRulesRequest

Field	Description
security_group_id	string Required.
deletion_rule_ids[]	string
addition_rule_specs[]	SecurityGroupRuleSpec

SecurityGroupRuleSpec

Field	Description
description	string
labels	map<string,string>
direction	SecurityGroupRule.Direction Required.
ports	PortRange
protocol	oneof: protocol_name or protocol_number values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml null value means any protocol
protocol_name	string values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml null value means any protocol
protocol_number	int64 values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml null value means any protocol
target	oneof: cidr_blocks, security_group_id or predefined_target
cidr_blocks	CidrBlocks
security_group_id	string
predefined_target	string

PortRange

Field	Description
from_port	int64 Acceptable values are 0 to 65535, inclusive.
to_port	int64 Acceptable values are 0 to 65535, inclusive.

CidrBlocks

Field	Description
v4_cidr_blocks[]	string
v6_cidr_blocks[]	string

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata	google.protobuf.Any<UpdateSecurityGroupMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<SecurityGroup> if operation finished successfully.

UpdateSecurityGroupMetadata

Field	Description
security_group_id	string
added_rule_ids[]	string

SecurityGroup

Field	Description
id	string
folder_id	string
created_at	google.protobuf.Timestamp
name	string
description	string
labels	map<string,string>
network_id	string
status	enum Status UPDATING: updating is a long operation because we must update all instances in SG
rules[]	SecurityGroupRule
default_for_network	bool

SecurityGroupRule

Field	Description
id	string
description	string
labels	map<string,string>
direction	enum Direction Required.
ports	PortRange
protocol_name	string null value means any protocol values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
protocol_number	int64
target	oneof: cidr_blocks, security_group_id or predefined_target
cidr_blocks	CidrBlocks
security_group_id	string
predefined_target	string

PortRange

Field	Description
from_port	int64 Acceptable values are 0 to 65535, inclusive.
to_port	int64 Acceptable values are 0 to 65535, inclusive.

CidrBlocks

Field	Description
v4_cidr_blocks[]	string
v6_cidr_blocks[]	string

UpdateRule

update rule description or labels

rpc UpdateRule (UpdateSecurityGroupRuleRequest) returns (operation.Operation)

Metadata and response of Operation:

    Operation.metadata:UpdateSecurityGroupRuleMetadata

    Operation.response:SecurityGroupRule

UpdateSecurityGroupRuleRequest

Field	Description
security_group_id	string Required.
rule_id	string Required.
update_mask	google.protobuf.FieldMask
description	string
labels	map<string,string>

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata	google.protobuf.Any<UpdateSecurityGroupRuleMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<SecurityGroupRule> if operation finished successfully.

UpdateSecurityGroupRuleMetadata

Field	Description
security_group_id	string
rule_id	string

SecurityGroupRule

Field	Description
id	string
description	string
labels	map<string,string>
direction	enum Direction Required.
ports	PortRange
protocol_name	string null value means any protocol values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
protocol_number	int64
target	oneof: cidr_blocks, security_group_id or predefined_target
cidr_blocks	CidrBlocks
security_group_id	string
predefined_target	string

PortRange

Field	Description
from_port	int64 Acceptable values are 0 to 65535, inclusive.
to_port	int64 Acceptable values are 0 to 65535, inclusive.

CidrBlocks

Field	Description
v4_cidr_blocks[]	string
v6_cidr_blocks[]	string

Delete

rpc Delete (DeleteSecurityGroupRequest) returns (operation.Operation)

Metadata and response of Operation:

    Operation.metadata:DeleteSecurityGroupMetadata

    Operation.response:google.protobuf.Empty

DeleteSecurityGroupRequest

Field	Description
security_group_id	string Required.

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata	google.protobuf.Any<DeleteSecurityGroupMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<google.protobuf.Empty> if operation finished successfully.

DeleteSecurityGroupMetadata

Field	Description
security_group_id	string

Move

rpc Move (MoveSecurityGroupRequest) returns (operation.Operation)

Metadata and response of Operation:

    Operation.metadata:MoveSecurityGroupMetadata

    Operation.response:SecurityGroup

MoveSecurityGroupRequest

Field	Description
security_group_id	string Required.
destination_folder_id	string Required.

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata	google.protobuf.Any<MoveSecurityGroupMetadata> Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any<SecurityGroup> if operation finished successfully.

MoveSecurityGroupMetadata

Field	Description
security_group_id	string

SecurityGroup

Field	Description
id	string
folder_id	string
created_at	google.protobuf.Timestamp
name	string
description	string
labels	map<string,string>
network_id	string
status	enum Status UPDATING: updating is a long operation because we must update all instances in SG
rules[]	SecurityGroupRule
default_for_network	bool

SecurityGroupRule

Field	Description
id	string
description	string
labels	map<string,string>
direction	enum Direction Required.
ports	PortRange
protocol_name	string null value means any protocol values from https://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml
protocol_number	int64
target	oneof: cidr_blocks, security_group_id or predefined_target
cidr_blocks	CidrBlocks
security_group_id	string
predefined_target	string

PortRange

Field	Description
from_port	int64 Acceptable values are 0 to 65535, inclusive.
to_port	int64 Acceptable values are 0 to 65535, inclusive.

CidrBlocks

Field	Description
v4_cidr_blocks[]	string
v6_cidr_blocks[]	string

ListOperations

rpc ListOperations (ListSecurityGroupOperationsRequest) returns (ListSecurityGroupOperationsResponse)

ListSecurityGroupOperationsRequest

Field	Description
security_group_id	string Required.
page_size	int64
page_token	string

ListSecurityGroupOperationsResponse

Field	Description
operations[]	operation.Operation
next_page_token	string

Operation

Field	Description
id	string ID of the operation.
description	string Description of the operation. 0-256 characters long.
created_at	google.protobuf.Timestamp Creation timestamp.
created_by	string ID of the user or service account who initiated the operation.
modified_at	google.protobuf.Timestamp The time when the Operation resource was last modified.
done	bool If the value is false, it means the operation is still in progress. If true, the operation is completed, and either error or response is available.
metadata	google.protobuf.Any Service-specific metadata associated with the operation. It typically contains the ID of the target resource that the operation is performed on. Any method that returns a long-running operation should document the metadata type, if any.
result	oneof: error or response The operation result. If done == false and there was no failure detected, neither error nor response is set. If done == false and there was a failure detected, error is set. If done == true, exactly one of error or response is set.
error	google.rpc.Status The error result of the operation in case of failure or cancellation.
response	google.protobuf.Any The normal response of the operation in case of success. If the original method returns no data on success, such as Delete, the response is google.protobuf.Empty. If the original method is the standard Create/Update, the response should be the target resource of the operation. Any method that returns a long-running operation should document the response type, if any.