Creating an Access Control Policy
Function
This API is used to create an access control policy to allow or deny API access from certain IP addresses or tenants. The acl_value value of a domain is a tenant name rather than a domain name (such as www.exampleDomain.com).
URI
POST /v2/{project_id}/apigw/instances/{instance_id}/acls
Parameter | Mandatory | Type | Description |
|---|---|---|---|
project_id | Yes | String | Project ID. For details about how to obtain a project ID, see "Appendix" > "Obtaining a Project ID" in this document. |
instance_id | Yes | String | Gateway ID, which can be obtained from the gateway information on the APIG console. |
Request Parameters
Parameter | Mandatory | Type | Description |
|---|---|---|---|
X-Auth-Token | Yes | String | User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token. |
Parameter | Mandatory | Type | Description |
|---|---|---|---|
acl_name | Yes | String | Access control policy name. It can contain 3 to 64 characters, starting with a letter. Only letters, digits, and underscores (_) are allowed. |
acl_type | Yes | String | Type.
Enumeration values:
|
acl_value | Yes | String | One or more objects from which the access will be controlled. Separate multiple objects with commas. |
entity_type | Yes | String | Object type.
Enumeration values:
|
Response Parameters
Status code: 201
Parameter | Type | Description |
|---|---|---|
acl_name | String | Name. |
acl_type | String | Type.
|
acl_value | String | Access control objects. |
entity_type | String | Object type.
|
id | String | ID. |
update_time | String | Update time. |
Status code: 400
Parameter | Type | Description |
|---|---|---|
error_code | String | Error code. |
error_msg | String | Error message. |
Status code: 401
Parameter | Type | Description |
|---|---|---|
error_code | String | Error code. |
error_msg | String | Error message. |
Status code: 403
Parameter | Type | Description |
|---|---|---|
error_code | String | Error code. |
error_msg | String | Error message. |
Status code: 404
Parameter | Type | Description |
|---|---|---|
error_code | String | Error code. |
error_msg | String | Error message. |
Status code: 500
Parameter | Type | Description |
|---|---|---|
error_code | String | Error code. |
error_msg | String | Error message. |
Example Requests
{
"acl_name" : "acl_demo",
"acl_type" : "PERMIT",
"acl_value" : "192.168.1.5,192.168.10.1",
"entity_type" : "IP"
} Example Responses
Status code: 201
Created
{
"id" : "7eb619ecf2a24943b099833cd24a01ba",
"acl_name" : "acl_demo",
"entity_type" : "IP",
"acl_type" : "PERMIT",
"acl_value" : "192.168.1.5,192.168.10.1",
"update_time" : "2020-08-04T08:42:43.461276217Z"
} Status code: 400
Bad Request
{
"error_code" : "APIG.2011",
"error_msg" : "Invalid parameter value,parameterName:acl_type. Please refer to the support documentation"
} Status code: 401
Unauthorized
{
"error_code" : "APIG.1002",
"error_msg" : "Incorrect token or token resolution failed"
} Status code: 403
Forbidden
{
"error_code" : "APIG.1005",
"error_msg" : "No permissions to request this method"
} Status code: 404
Not Found
{
"error_code" : "APIG.3030",
"error_msg" : "The instance does not exist;id:eddc4d25480b4cd6b512f270a1b8b341"
} Status code: 500
Internal Server Error
{
"error_code" : "APIG.9999",
"error_msg" : "System error"
} Status Codes
Status Code | Description |
|---|---|
201 | Created |
400 | Bad Request |
401 | Unauthorized |
403 | Forbidden |
404 | Not Found |
500 | Internal Server Error |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.
