Modifying the ACL for API Access
Function
This API is provided for the administrator to modify the ACL for API access.
The API can be called using both the global endpoint and region-specific endpoints.
URI
PUT /v3.0/OS-SECURITYPOLICY/domains/{domain_id}/api-acl-policy
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
domain_id |
Yes |
String |
Account ID. For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
Access token issued to a user to bear its identity and permissions. For details about the permissions required by the token, see Actions. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
Yes |
object |
ACL for API access. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
No |
Array of objects |
IPv4 CIDR blocks from which API access is allowed. Set either allow_address_netmasks or allow_ip_ranges. |
|
No |
Array of objects |
IP address ranges from which API access is allowed. Set either allow_address_netmasks or allow_ip_ranges. |
Response Parameters
Parameter |
Type |
Description |
---|---|---|
object |
ACL for API access. |
Parameter |
Type |
Description |
---|---|---|
objects |
IPv4 CIDR blocks from which API access is allowed. |
|
objects |
IP address ranges from which API access is allowed. |
Parameter |
Type |
Description |
---|---|---|
address_netmask |
String |
IPv4 CIDR block, for example, 192.168.0.1/24. |
description |
String |
Description about the IPv4 CIDR block. |
Parameter |
Type |
Description |
---|---|---|
description |
String |
Description about an IP address range. |
ip_range |
String |
IP address range, for example, 0.0.0.0-255.255.255.255. |
Example Request
Request for modifying the API access policy to only allow API access from IP address range 0.0.0.0-255.255.255.255
PUT https://iam.myhuaweicloud.eu/v3.0/OS-SECURITYPOLICY/domains/{domain_id}/api-acl-policy
{
"api_acl_policy" : {
"allow_ip_ranges" : [ {
"ip_range" : "0.0.0.0-255.255.255.255",
"description" : "1"
}, {
"ip_range" : "0.0.0.0-255.255.255.253",
"description" : "12"
} ],
"allow_address_netmasks" : [ {
"address_netmask" : "192.168.0.1/24",
"description" : "3"
}, {
"address_netmask" : "192.168.0.2/23",
"description" : "4"
} ]
}
}
Example Response
Status code: 200
The request is successful.
{ "api_acl_policy" : { "allow_ip_ranges" : [ { "ip_range" : "0.0.0.0-255.255.255.255", "description" : "" }, { "ip_range" : "0.0.0.0-255.255.255.255", "description" : "" } ], "allow_address_netmasks" : [ { "address_netmask" : "192.168.0.1/24", "description" : "" }, { "address_netmask" : "192.168.0.1/24", "description" : "" } ] } }
Status code: 400
The request body is abnormal.
- Example 1
{ "error_msg" : "'%(key)s' is a required property.", "error_code" : "IAM.0072" }
- Example 2
{ "error_msg" : "Invalid input for field '%(key)s'. The value is '%(value)s'.", "error_code" : "IAM.0073" }
Status code: 500
The system is abnormal.
{ "error_msg" : "An unexpected error prevented the server from fulfilling your request.", "error_code" : "IAM.0006" }
Status Codes
Status Code |
Description |
---|---|
200 |
The request is successful. |
400 |
The request body is abnormal. |
401 |
Authentication failed. |
403 |
Access denied. |
500 |
The system is abnormal. |
Error Codes
For details, see Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.