# Create a Custom Network Security Group

{% hint style="info" %}
**Note:** Only contract administrators, owners, and users with both permissions to the VDC concerned and `createNetworkSecurityGroups` privilege can create NSGs via API.
{% endhint %}

{% hint style="info" %}
**Prerequisite:** You need an <code class="expression">space.vars.ionos\_cloud</code> account with API credentials configured with the appropriate permissions.
{% endhint %}

{% hint style="info" %}
**Note:** The Custom NSGs can have user-created Virtual Machines (VMs) or NICs as their members, but you cannot add nodes from the Managed Kubernetes node pools or suspended Cubes.
{% endhint %}

To create a Custom NSG, you must use the following [<mark style="color:blue;">Cloud API</mark>](https://api.ionos.com/docs/cloud/v6/#tag/Data-centers) `POST` request providing the `datacenterId`and the required properties:

`POST /datacenters/{datacenterId}/securitygroups`

## Request

```bash
curl --location 'https://api.ionos.com/cloudapi/v6/datacenters/5a88aa8b-8aa1-51f6-XXd1-XXXXXe9f31/securitygroups' \
--header 'Content-Type: application/json' \
--header 'Authorization: Basic YYXabCDeFmLMO0c2hyYUBpb25vcy5jb206I1Bha2lzdGFuXzE=' \
--data '{
    "properties": {
        "name": "NSG-1",
        "description": "Description for NSG-1"
    }
}'
```

## Response

**202 Accepted**

```json
{
    "id": "bxxxx-axXX-0008-8888-99k0444e5555",
    "type": "security-group",
    "href": "https://api.ionos.com/cloudapi/v6/datacenters/5a88aa8b-8aa1-51f6-XXd1-XXXXXe9f31/securitygroups/bxxxx-axXX-0008-8888-99k0444e5555",
    "metadata": {
        "etag": "64c593ebd78b0d9da52baba4079e119d",
        "createdDate": "2024-05-17T15:11:09Z",
        "createdBy": "test.test@ionos.com",
        "createdByUserId": "XYaf0375-1c1d-4387-9ef1-6ee95d30e54a",
        "lastModifiedDate": "2024-05-17T15:11:09Z",
        "lastModifiedBy": "test.test@ionos.com",
        "lastModifiedByUserId": "XYaf0375-1c1d-4387-9ef1-6ee95d30e54a",
        "state": "BUSY"
    },
    "properties": {
        "name": "NSG-1",
        "description": "Description for NSG-1"
    }
}
```

{% hint style="info" %}
**Note:** For Cloud API, some resources are created asynchronously. You can check for the progress via the **Status URL** that is returned in the response header of the **POST** or **PUT** call.
{% endhint %}


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.ionos.com/cloud/security/network-security-groups/api-how-tos/create-custom-nsg.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.