> ## Documentation Index > Fetch the complete documentation index at: https://gcore.com/docs/llms.txt > Use this file to discover all available pages before exploring further. # Create security group rule > Add a new rule to an existing security group. Returns a task ID for tracking the asynchronous operation. ## OpenAPI ````yaml /api-reference/services_documented/cloud_api.yaml post /cloud/v2/security_groups/{project_id}/{region_id}/{group_id}/rules openapi: 3.1.0 info: title: Gcore OpenAPI – Cloud API description: >- This OpenAPI is an aggregated OpenAPI specification that unifies all Gcore products into a single file. It covers Cloud, CDN, DNS, WAAP, DDoS Protection, Object Storage, Streaming, and FastEdge services. version: '2026-05-15T06:37:28.230198+00:00' servers: - url: https://api.gcore.com security: - APIKey: [] tags: - name: Bare Metal x-displayName: Bare Metal - name: Container as a Service x-displayName: Container as a Service - name: Cost Reports x-displayName: Cost Reports - name: DDoS Protection x-displayName: DDoS Protection - name: Everywhere Inference x-displayName: Everywhere Inference - name: Everywhere Inference Apps x-displayName: Everywhere Inference Apps - name: File Shares x-displayName: File Shares - name: Floating IPs x-displayName: Floating IPs - name: Function as a Service x-displayName: Function as a Service - name: GPU Bare Metal x-displayName: GPU Bare Metal - name: GPU Virtual x-displayName: GPU Virtual - name: IP Ranges x-displayName: IP Ranges - name: Images x-displayName: Images - name: Instances x-displayName: Instances - name: Load Balancers x-displayName: Load Balancers - name: Logging x-displayName: Logging - name: Managed Kubernetes x-displayName: Managed Kubernetes - name: Managed PostgreSQL x-displayName: Managed PostgreSQL - name: Networks x-displayName: Networks - name: Placement Groups x-displayName: Placement Groups - name: Projects x-displayName: Projects - name: Quotas x-displayName: Quotas - name: Regions x-displayName: Regions - name: Registry x-displayName: Registry - name: Reservations x-displayName: Reservations - name: Reserved IPs x-displayName: Reserved IPs - name: Routers x-displayName: Routers - name: SSH Keys x-displayName: SSH Keys - name: Secrets x-displayName: Secrets - name: Security Groups x-displayName: Security Groups - name: Snapshot Schedules x-displayName: Snapshot Schedules - name: Snapshots x-displayName: Snapshots - name: Tasks x-displayName: Tasks - name: User Actions x-displayName: User Actions - name: User Role Assignments x-displayName: User Role Assignments - name: Volumes x-displayName: Volumes paths: /cloud/v2/security_groups/{project_id}/{region_id}/{group_id}/rules: post: tags: - Security Groups summary: Create security group rule description: |- Add a new rule to an existing security group. Returns a task ID for tracking the asynchronous operation. operationId: SecurityGroupRulesViewSetV2.post parameters: - in: path name: project_id required: true description: Project ID schema: description: Project ID example: 1 examples: - 1 title: Project Id type: integer - in: path name: region_id required: true description: Region ID schema: description: Region ID example: 1 examples: - 1 title: Region Id type: integer - in: path name: group_id required: true description: Security group ID schema: description: Security group ID example: 00000000-0000-4000-8000-000000000000 examples: - 00000000-0000-4000-8000-000000000000 format: uuid4 title: Group Id type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/CreateSecurityGroupRuleSerializerV2' responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/TaskIDsSerializer' x-codeSamples: - lang: Python source: |- import os from gcore import Gcore client = Gcore( api_key=os.environ.get("GCORE_API_KEY"), # This is the default and can be omitted ) task_id_list = client.cloud.security_groups.rules.create( group_id="00000000-0000-4000-8000-000000000000", project_id=1, region_id=1, direction="ingress", ) print(task_id_list.tasks) - lang: Go source: "package main\n\nimport (\n\t\"context\"\n\t\"fmt\"\n\n\t\"github.com/G-Core/gcore-go\"\n\t\"github.com/G-Core/gcore-go/cloud\"\n\t\"github.com/G-Core/gcore-go/option\"\n)\n\nfunc main() {\n\tclient := gcore.NewClient(\n\t\toption.WithAPIKey(\"My API Key\"),\n\t)\n\ttaskIDList, err := client.Cloud.SecurityGroups.Rules.New(\n\t\tcontext.TODO(),\n\t\t\"00000000-0000-4000-8000-000000000000\",\n\t\tcloud.SecurityGroupRuleNewParams{\n\t\t\tProjectID: gcore.Int(1),\n\t\t\tRegionID: gcore.Int(1),\n\t\t\tDirection: cloud.SecurityGroupRuleNewParamsDirectionIngress,\n\t\t},\n\t)\n\tif err != nil {\n\t\tpanic(err.Error())\n\t}\n\tfmt.Printf(\"%+v\\n\", taskIDList.Tasks)\n}\n" components: schemas: CreateSecurityGroupRuleSerializerV2: properties: description: description: Rule description example: Some description examples: - Some description maxLength: 255 title: Description type: string direction: description: >- Ingress or egress, which is the direction in which the security group is applied enum: - egress - ingress example: ingress examples: - ingress title: Direction type: string ethertype: description: Ether type enum: - IPv4 - IPv6 example: IPv4 examples: - IPv4 title: Ethertype type: string port_range_max: anyOf: - maximum: 65535 minimum: 0 type: integer - type: 'null' description: >- The maximum port number in the range that is matched by the security group rule examples: - 80 title: Port Range Max port_range_min: anyOf: - maximum: 65535 minimum: 0 type: integer - type: 'null' description: >- The minimum port number in the range that is matched by the security group rule examples: - 80 title: Port Range Min protocol: anyOf: - $ref: '#/components/schemas/SecurityGroupProtocolEnumV2' - type: 'null' description: Protocol. Use null for all protocols. examples: - tcp remote_group_id: description: The remote group UUID to associate with this security group example: 00000000-0000-4000-8000-000000000000 examples: - 00000000-0000-4000-8000-000000000000 format: uuid4 title: Remote Group Id type: string remote_ip_prefix: anyOf: - format: ipvanynetwork type: string - type: 'null' description: The remote IP prefix that is matched by this security group rule examples: - 10.0.0.0/8 title: Remote Ip Prefix required: - direction title: CreateSecurityGroupRuleSerializerV2 type: object TaskIDsSerializer: properties: tasks: description: >- List of task IDs representing asynchronous operations. Use these IDs to monitor operation progress: - `GET /v1/tasks/{task_id}` - Check individual task status and details Poll task status until completion (`FINISHED`/`ERROR`) before proceeding with dependent operations. example: - d478ae29-dedc-4869-82f0-96104425f565 examples: - - d478ae29-dedc-4869-82f0-96104425f565 items: type: string title: Tasks type: array required: - tasks title: TaskIDsSerializer type: object SecurityGroupProtocolEnumV2: description: V2 protocol enum without 'any'. Use null for all protocols instead. enum: - ah - dccp - egp - esp - gre - icmp - igmp - ipencap - ipip - ipv6-encap - ipv6-frag - ipv6-icmp - ipv6-nonxt - ipv6-opts - ipv6-route - ospf - pgm - rsvp - sctp - tcp - udp - udplite - vrrp title: SecurityGroupProtocolEnumV2 type: string securitySchemes: APIKey: description: >- API key for authentication. Make sure to include the word `apikey`, followed by a single space and then your token. Example: `apikey 1234$abcdef` type: apiKey in: header name: Authorization ````