Help Center> Identity and Access Management> API Reference> API> Security Settings> Querying the ACL for Console Access

Querying the ACL for Console Access

Function

This API is used to query the ACL for console access.

The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.

URI

GET /v3.0/OS-SECURITYPOLICY/domains/{domain_id}/console-acl-policy

**Table 1** URI parameters
Parameter	Mandatory	Type	Description
domain_id	Yes	String	Account ID. For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information.

Request Parameters

**Table 2** Parameters in the request header
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	Token with Security Administrator permissions.

Response Parameters

**Table 3** Parameters in the response body
Parameter	Type	Description
console_acl_policy	object	ACL for console access.

**Table 4** console_acl_policy
Parameter	Type	Description
allow_address_netmasks	Array of objects	IPv4 CIDR blocks from which console access is allowed.
allow_ip_ranges	Array of objects	IP address ranges from which console access is allowed.

**Table 5** allow_address_netmasks
Parameter	Type	Description
address_netmask	String	IPv4 CIDR block, for example, 192.168.0.1/24.
description	String	Description about the IPv4 CIDR block.

**Table 6** allow_ip_ranges
Parameter	Type	Description
description	String	Description about an IP address range.
ip_range	String	IP address range, for example, 0.0.0.0-255.255.255.255.

Example Request

GET https://iam.myhuaweicloud.com/v3.0/OS-SECURITYPOLICY/domains/{domain_id}/console-acl-policy

Example Response

Status code: 200

The request is successful.

{ 
  "console_acl_policy" : { 
    "allow_ip_ranges" : [ { 
      "ip_range" : "0.0.0.0-255.255.255.255", 
      "description" : "" 
    }, { 
      "ip_range" : "0.0.0.0-255.255.255.255", 
      "description" : "" 
    } ], 
    "allow_address_netmasks" : [ { 
      "address_netmask" : "192.168.0.1/24", 
      "description" : "" 
    }, { 
      "address_netmask" : "192.168.0.1/24", 
      "description" : "" 
    } ] 
  } 
}

Status code: 403

Access denied.

Example 1

{ 
   "error_msg" : "You are not authorized to perform the requested action.", 
   "error_code" : "IAM.0002" 
 }

Example 2

{ 
   "error_msg" : "Policy doesn't allow %(actions)s to be performed.", 
   "error_code" : "IAM.0003" 
 }

Status code: 404

The requested resource cannot be found.

{ 
  "error_msg" : "Could not find %(target)s: %(target_id)s.", 
  "error_code" : "IAM.0004" 
}

Status code: 500

Internal server error.

{ 
  "error_msg" : "An unexpected error prevented the server from fulfilling your request.", 
  "error_code" : "IAM.0006" 
}

Status Codes

Status Code	Description
200	The request is successful.
401	Authentication failed.
403	Access denied.
404	The requested resource cannot be found.
500	Internal server error.

Error Codes

For details, see Error Codes.

Parent topic: Security Settings

Last Article: Modifying the ACL for Console Access

Next Article: Modifying the ACL for API Access

Did this article solve your problem?

Thank you for your score！Your feedback would help us improve the website.

Products

Compute

Application

Dedicated Cloud

Storage

Management & Deployment

Migration

Network

Enterprise Intelligence

Video

Database

Edge Cloud Services

DevCloud

Security

Cloud Communications

Internet of Things

Solutions

Industry-Specific Solutions

General-Purpose Solutions

Security

DevOps

Enterprise Intelligence

Essential Platform

Big Data

Visual Cognition

Speech and Semantics

Support

Help Center

Customer Services

Developers

Console

语言 - Language

中国站 - 简体中文

中国站 - English

International - 简体中文

International - English