> ## Documentation Index > Fetch the complete documentation index at: https://gcore.com/docs/llms.txt > Use this file to discover all available pages before exploring further. # Update security group > Updates the specified security group with the provided changes. **Behavior:** - Simple fields (name, description) will be updated if provided - Undefined fields will remain unchanged - If no change is detected for a specific field compared to the current security group state, that field will be skipped - If no changes are detected at all across all fields, no task will be created and an empty task list will be returned **Important - Security Group Rules:** - Rules must be specified completely as the desired final state - The system compares the provided rules against the current state - Rules that exist in the request but not in the current state will be added - Rules that exist in the current state but not in the request will be removed - To keep existing rules, they must be included in the request alongside any new rules ## OpenAPI ````yaml /api-reference/services_docs_mintlify/cloud_api.yaml patch /cloud/v2/security_groups/{project_id}/{region_id}/{group_id} openapi: 3.1.0 info: title: Gcore OpenAPI – Cloud API description: >- This OpenAPI is an aggregated OpenAPI specification that unifies all Gcore products into a single file. It covers Cloud, CDN, DNS, WAAP, DDoS Protection, Object Storage, Streaming, and FastEdge services. version: 2606518da447 servers: - url: https://api.gcore.com security: - APIKey: [] tags: - name: Bare Metal - name: Container as a Service - name: Cost Reports - name: DDoS Protection - name: Everywhere Inference - name: Everywhere Inference Apps - name: File Shares - name: Floating IPs - name: Function as a Service - name: GPU Bare Metal - name: GPU Virtual - name: IP Ranges - name: Images - name: Instances - name: Load Balancers - name: Logging - name: Managed Kubernetes - name: Managed PostgreSQL - name: Networks - name: Placement Groups - name: Ports - name: Projects - name: Quotas - name: Regions - name: Registry - name: Reservations - name: Reserved IPs - name: Routers - name: SSH Keys - name: Secrets - name: Security Groups - name: Snapshot Schedules - name: Snapshots - name: Tasks - name: User Actions - name: User Role Assignments - name: Volumes paths: /cloud/v2/security_groups/{project_id}/{region_id}/{group_id}: patch: tags: - Security Groups summary: Update security group description: >- Updates the specified security group with the provided changes. **Behavior:** - Simple fields (name, description) will be updated if provided - Undefined fields will remain unchanged - If no change is detected for a specific field compared to the current security group state, that field will be skipped - If no changes are detected at all across all fields, no task will be created and an empty task list will be returned **Important - Security Group Rules:** - Rules must be specified completely as the desired final state - The system compares the provided rules against the current state - Rules that exist in the request but not in the current state will be added - Rules that exist in the current state but not in the request will be removed - To keep existing rules, they must be included in the request alongside any new rules operationId: SecurityGroupInstanceViewSetV2.patch parameters: - in: path name: project_id required: true description: Project ID schema: description: Project ID example: 1 examples: - 1 title: Project Id type: integer - in: path name: region_id required: true description: Region ID schema: description: Region ID example: 1 examples: - 1 title: Region Id type: integer - in: path name: group_id required: true description: Security group ID schema: description: Security group ID example: 00000000-0000-4000-8000-000000000000 examples: - 00000000-0000-4000-8000-000000000000 format: uuid4 title: Group Id type: string requestBody: content: application/json: schema: $ref: '#/components/schemas/UpdateSecurityGroupSerializerV2' responses: '200': description: OK content: application/json: schema: $ref: '#/components/schemas/TaskIDsSerializer' components: schemas: UpdateSecurityGroupSerializerV2: properties: description: description: Security group description example: Some description examples: - Some description title: Description type: string name: description: Name example: some_name examples: - some_name pattern: ^[a-zA-Z0-9][a-zA-Z 0-9._\-]{1,61}[a-zA-Z0-9._]$ title: Name type: string rules: description: Security group rules items: $ref: '#/components/schemas/CreateSecurityGroupRuleSerializerV2' maxItems: 250 title: Rules type: array tags: anyOf: - $ref: '#/components/schemas/UpdateTagsSerializer' - type: 'null' description: >- Update key-value tags using JSON Merge Patch semantics (RFC 7386). Provide key-value pairs to add or update tags. Set tag values to `null` to remove tags. Unspecified tags remain unchanged. Read-only tags are always preserved and cannot be modified. **Examples:** - **Add/update tags:** `{'tags': {'environment': 'production', 'team': 'backend'}}` adds new tags or updates existing ones. - **Delete tags:** `{'tags': {'old_tag': null}}` removes specific tags. - **Remove all tags:** `{'tags': null}` removes all user-managed tags (read-only tags are preserved). - **Partial update:** `{'tags': {'environment': 'staging'}}` only updates specified tags. - **Mixed operations:** `{'tags': {'environment': 'production', 'cost_center': 'engineering', 'deprecated_tag': null}}` adds/updates 'environment' and 'cost_center' while removing 'deprecated_tag', preserving other existing tags. - **Replace all:** first delete existing tags with null values, then add new ones in the same request. examples: - my-tag: my-tag-value my-tag-to-remove: null title: UpdateSecurityGroupSerializerV2 type: object TaskIDsSerializer: properties: tasks: description: >- List of task IDs representing asynchronous operations. Use these IDs to monitor operation progress: - `GET /v1/tasks/{task_id}` - Check individual task status and details Poll task status until completion (`FINISHED`/`ERROR`) before proceeding with dependent operations. example: - d478ae29-dedc-4869-82f0-96104425f565 examples: - - d478ae29-dedc-4869-82f0-96104425f565 items: type: string title: Tasks type: array required: - tasks title: TaskIDsSerializer type: object CreateSecurityGroupRuleSerializerV2: properties: description: default: '' description: Rule description example: Some description examples: - Some description maxLength: 255 title: Description type: string direction: description: >- Ingress or egress, which is the direction in which the security group is applied enum: - egress - ingress example: ingress examples: - ingress title: Direction type: string ethertype: default: IPv4 description: Ether type enum: - IPv4 - IPv6 example: IPv4 examples: - IPv4 title: Ethertype type: string port_range_max: anyOf: - maximum: 65535 minimum: 0 type: integer - type: 'null' default: null description: >- The maximum port number in the range that is matched by the security group rule examples: - 80 title: Port Range Max port_range_min: anyOf: - maximum: 65535 minimum: 0 type: integer - type: 'null' default: null description: >- The minimum port number in the range that is matched by the security group rule examples: - 80 title: Port Range Min protocol: anyOf: - $ref: '#/components/schemas/SecurityGroupProtocolEnumV2' - type: 'null' default: null description: Protocol. Use null for all protocols. examples: - tcp remote_group_id: anyOf: - format: uuid4 type: string - type: 'null' default: null description: The remote group UUID to associate with this security group examples: - 00000000-0000-4000-8000-000000000000 title: Remote Group Id remote_ip_prefix: anyOf: - format: ipvanynetwork type: string - type: 'null' default: null description: The remote IP prefix that is matched by this security group rule examples: - 10.0.0.0/8 title: Remote Ip Prefix required: - direction title: CreateSecurityGroupRuleSerializerV2 type: object UpdateTagsSerializer: propertyNames: description: >- Tag key. Maximum 255 characters. Cannot contain spaces, tabs, newlines, empty string or '=' character. Trailing or leading whitespaces will be stripped. examples: - my-tag maxLength: 255 minLength: 1 pattern: ^[^\s=]+$ title: UpdateTagsSerializer type: object additionalProperties: anyOf: - maxLength: 255 minLength: 1 pattern: ^[^ \t\n\r\f\v]([^\t\n\r\f\v]*[^ \t\n\r\f\v])?$ type: string - type: 'null' description: >- Tag value. Maximum 255 characters. Cannot contain tabs, newlines, empty string or start/end with whitespace. Trailing or leading whitespaces will be stripped. Set to `null` in order to delete this tag. examples: - my-tag-value SecurityGroupProtocolEnumV2: description: V2 protocol enum without 'any'. Use null for all protocols instead. enum: - ah - dccp - egp - esp - gre - icmp - igmp - ipencap - ipip - ipv6-encap - ipv6-frag - ipv6-icmp - ipv6-nonxt - ipv6-opts - ipv6-route - ospf - pgm - rsvp - sctp - tcp - udp - udplite - vrrp title: SecurityGroupProtocolEnumV2 type: string securitySchemes: APIKey: description: >- API key for authentication. Make sure to include the word `apikey`, followed by a single space and then your token. Example: `apikey 1234$abcdef` type: apiKey in: header name: Authorization ````