Creating an Access Control Policy
Function
This API is used to create an access control policy to allow or deny API access from certain IP addresses or tenants. The acl_value value of a domain is a tenant name rather than a domain name (such as www.exampleDomain.com).
URI
POST /v2/{project_id}/apigw/instances/{instance_id}/acls
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
project_id |
Yes |
String |
Project ID. For details about how to obtain a project ID, see "Appendix" > "Obtaining a Project ID" in this document. |
instance_id |
Yes |
String |
Gateway ID, which can be obtained from the gateway information on the APIG console. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
acl_name |
Yes |
String |
Access control policy name. It can contain 3 to 64 characters, starting with a letter. Only letters, digits, and underscores (_) are allowed. |
acl_type |
Yes |
String |
Type.
Enumeration values:
|
acl_value |
Yes |
String |
One or more objects from which the access will be controlled. Separate multiple objects with commas. |
entity_type |
Yes |
String |
Object type.
Enumeration values:
|
Response Parameters
Status code: 201
Parameter |
Type |
Description |
---|---|---|
acl_name |
String |
Name. |
acl_type |
String |
Type.
|
acl_value |
String |
Access control objects. |
entity_type |
String |
Object type.
|
id |
String |
ID. |
update_time |
String |
Update time. |
Status code: 400
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error message. |
Status code: 401
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error message. |
Status code: 403
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error message. |
Status code: 404
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error message. |
Status code: 500
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error message. |
Example Requests
{ "acl_name" : "acl_demo", "acl_type" : "PERMIT", "acl_value" : "192.168.1.5,192.168.10.1", "entity_type" : "IP" }
Example Responses
Status code: 201
Created
{ "id" : "7eb619ecf2a24943b099833cd24a01ba", "acl_name" : "acl_demo", "entity_type" : "IP", "acl_type" : "PERMIT", "acl_value" : "192.168.1.5,192.168.10.1", "update_time" : "2020-08-04T08:42:43.461276217Z" }
Status code: 400
Bad Request
{ "error_code" : "APIG.2011", "error_msg" : "Invalid parameter value,parameterName:acl_type. Please refer to the support documentation" }
Status code: 401
Unauthorized
{ "error_code" : "APIG.1002", "error_msg" : "Incorrect token or token resolution failed" }
Status code: 403
Forbidden
{ "error_code" : "APIG.1005", "error_msg" : "No permissions to request this method" }
Status code: 404
Not Found
{ "error_code" : "APIG.3030", "error_msg" : "The instance does not exist;id:eddc4d25480b4cd6b512f270a1b8b341" }
Status code: 500
Internal Server Error
{ "error_code" : "APIG.9999", "error_msg" : "System error" }
Status Codes
Status Code |
Description |
---|---|
201 |
Created |
400 |
Bad Request |
401 |
Unauthorized |
403 |
Forbidden |
404 |
Not Found |
500 |
Internal Server Error |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.