Creating an Access Control Policy
Function
This API is used to create an access control policy to allow or deny API access from certain IP addresses or tenants. The acl_value value of a domain is a tenant name rather than a domain name (such as www.exampleDomain.com).
Calling Method
For details, see Calling APIs.
URI
POST /v2/{project_id}/apigw/instances/{instance_id}/acls
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
project_id |
Yes |
String |
Project ID. For details about how to obtain it, see Obtaining a Project ID. |
instance_id |
Yes |
String |
Gateway ID, which can be obtained from the gateway information on the APIG console. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
User token. It can be obtained by calling the IAM API used to obtain a user token. The value of X-Subject-Token in the response header is a token. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
acl_name |
Yes |
String |
Access control policy name. It can contain 3 to 64 characters, starting with a letter. Only letters, digits, and underscores (_) are allowed. |
acl_type |
Yes |
String |
Type.
|
acl_value |
Yes |
String |
One or more objects from which the access will be controlled. Separate multiple objects with commas.
|
entity_type |
Yes |
String |
Object type.
|
Response Parameters
Status code: 201
Parameter |
Type |
Description |
---|---|---|
acl_name |
String |
Name. |
acl_type |
String |
Type.
|
acl_value |
String |
Access control objects. |
entity_type |
String |
Object type.
|
id |
String |
ID. |
update_time |
String |
Update time. |
Status code: 400
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error message. |
Status code: 401
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error message. |
Status code: 403
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error message. |
Status code: 404
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error message. |
Status code: 500
Parameter |
Type |
Description |
---|---|---|
error_code |
String |
Error code. |
error_msg |
String |
Error message. |
Example Requests
Creating an access control policy to allow access from specified IP addresses
{ "acl_name" : "acl_demo", "acl_type" : "PERMIT", "acl_value" : "192.168.1.5,192.168.10.1", "entity_type" : "IP" }
Example Responses
Status code: 201
Created
{ "id" : "7eb619ecf2a24943b099833cd24a01ba", "acl_name" : "acl_demo", "entity_type" : "IP", "acl_type" : "PERMIT", "acl_value" : "192.168.1.5,192.168.10.1", "update_time" : "2020-08-04T08:42:43.461276217Z" }
Status code: 400
Bad Request
{ "error_code" : "APIG.2011", "error_msg" : "Invalid parameter value,parameterName:acl_type. Please refer to the support documentation" }
Status code: 401
Unauthorized
{ "error_code" : "APIG.1002", "error_msg" : "Incorrect token or token resolution failed" }
Status code: 403
Forbidden
{ "error_code" : "APIG.1005", "error_msg" : "No permissions to request this method" }
Status code: 404
Not Found
{ "error_code" : "APIG.3030", "error_msg" : "The instance does not exist;id:eddc4d25480b4cd6b512f270a1b8b341" }
Status code: 500
Internal Server Error
{ "error_code" : "APIG.9999", "error_msg" : "System error" }
Status Codes
Status Code |
Description |
---|---|
201 |
Created |
400 |
Bad Request |
401 |
Unauthorized |
403 |
Forbidden |
404 |
Not Found |
500 |
Internal Server Error |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot