## 8.5.2 AddSecurityGroup Method

This Method is used to add a SecurityGroupType Object to the SecurityGroupFolderType Object.

The Client shall be authorized to modify the configuration for the SKS functionality and shall use at least a signed communication channel when invoking this Method on the Server.

Signature

AddSecurityGroup (
[in]	String	SecurityGroupName,
[in]	String	SecurityPolicyUri,
[in]	UInt32	MaxFutureKeyCount,
[in]	UInt32	MaxPastKeyCount,
[out]	String	SecurityGroupId,
[out]	NodeId	SecurityGroupNodeId
);


Argument Description
SecurityGroupName Name of the SecurityGroup to add.
KeyLifetime    The lifetime of a key in milliseconds.If 0 is passed in, the SKS sets the default KeyLifetime. If the requested value exceeds the limits defined by the SKS, the value is adjusted by the SKS. The caller should get the revised value by reading the KeyLifetime of the created SecurityGroup.
SecurityPolicyUri    The SecurityPolicy used for the SecurityGroup. If a null or empty String is passed in, the SKS sets the default SecurityPolicyUri. If the SecurityPolicyUri is not known to the SKS, Bad_InvalidArgument shall be returned.
MaxFutureKeyCount    The maximum number of future keys returned by the Method GetSecurityKeys.If 0 is passed in, the SKS sets the default MaxFutureKeyCount. If the requested value exceeds the limits defined by the SKS, the value is adjusted by the SKS. The caller should get the revised value by reading the MaxFutureKeyCount of the created SecurityGroup.
MaxPastKeyCount    The maximum number of historical keys stored by the SKS.If the requested value exceeds the limits defined by the SKS, the value is adjusted by the SKS. The caller should get the revised value by reading the MaxPastKeyCount of the created SecurityGroup.
SecurityGroupId The identifier for the SecurityGroup.
SecurityGroupNodeId The NodeId of the added SecurityGroupType Object.

Method Result Codes

ResultCode Description
Bad_NodeIdExists A SecurityGroup with the name already exists.
Bad_InvalidArgument The SecurityPolicyUri is not supported by the SKS.
Bad_UserAccessDenied The Session user is not allowed to configure the object.
Bad_SecurityModeInsufficient The communication channel is not using signing.