Creating an ACL Account

Function

This API is used to create an account with read/write or read-only permissions for a DCS Redis 4.0 or 5.0 instance. If the default user has enabled password-free access, normal users cannot use the instance. To allow normal users to use the instance, disable password-free access. The password of the default user of a single-node or master/standby instance cannot contain colons (:). Otherwise, normal users cannot be created.

This function is available on a whitelist basis and is disabled by default. To use this function, contact your administrator.

Calling Method

For details, see Calling APIs.

URI

POST /v2/{project_id}/instances/{instance_id}/accounts

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID. For details, see Obtaining a Project ID.
instance_id	Yes	String	Instance ID.

Request Parameters

**Table 2** Request body parameters
Parameter	Mandatory	Type	Description
account_name	Yes	String	Account name. Starts with a letter. Can contain only letters, digits, hyphens (-), and underscores (_). Can contain 1 to 64 characters.
account_role	Yes	String	Account permission. Options: read (read-only) and write (read/write). Enumeration values: read write
account_password	Yes	String	Account password. Can contain 8 to 64 characters. Cannot contain the username or the username spelled backwards. Must contain at least three of the following character types (colons are not allowed): Lowercase letters Uppercase letters Digits Special characters (`~!@#$%^&*()-_=+\|{},<.>/?)
description	No	String	Account description.

Response Parameters

Status code: 400

**Table 3** Response body parameters
Parameter	Type	Description
error_msg	String	Error message. Maximum: 1024
error_code	String	Error code. Maximum: 9
error_ext_msg	String	Extended error information. This parameter is not used currently and is set to null. Maximum: 1024

Status code: 401

**Table 4** Response body parameters
Parameter	Type	Description
error_msg	String	Error message. Maximum: 1024
error_code	String	Error code. Maximum: 9
error_ext_msg	String	Extended error information. This parameter is not used currently and is set to null. Maximum: 1024

Status code: 403

**Table 5** Response body parameters
Parameter	Type	Description
error_msg	String	Error message. Maximum: 1024
error_code	String	Error code. Maximum: 9
error_ext_msg	String	Extended error information. This parameter is not used currently and is set to null. Maximum: 1024

Status code: 404

**Table 6** Response body parameters
Parameter	Type	Description
error_msg	String	Error message. Maximum: 1024
error_code	String	Error code. Maximum: 9
error_ext_msg	String	Extended error information. This parameter is not used currently and is set to null. Maximum: 1024

Status code: 500

**Table 7** Response body parameters
Parameter	Type	Description
error_msg	String	Error message. Maximum: 1024
error_code	String	Error code. Maximum: 9
error_ext_msg	String	Extended error information. This parameter is not used currently and is set to null. Maximum: 1024

Example Requests

Creating a read-only ACL account named user.

POST https:///{dcs_endpoint}/v2/{project_id}/instances/{instance_id}/accounts

{
  "account_name" : "user",
  "account_role" : "read",
  "account_password" : "xxxxx"
}

Example Responses

Status code: 400

Invalid request.

{
  "error_code" : "DCS.4961",
  "error_msg" : "Acl account request param invalid."
}

SDK Sample Code

The SDK sample code is as follows.

Creating a read-only ACL account named user.

      
       
         
         
           package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.dcs.v2.region.DcsRegion;
import com.huaweicloud.sdk.dcs.v2.*;
import com.huaweicloud.sdk.dcs.v2.model.*;


public class CreateAclAccountSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withAk(ak)
                .withSk(sk);

        DcsClient client = DcsClient.newBuilder()
                .withCredential(auth)
                .withRegion(DcsRegion.valueOf("<YOUR REGION>"))
                .build();
        CreateAclAccountRequest request = new CreateAclAccountRequest();
        CreateAclAccountRequestBody body = new CreateAclAccountRequestBody();
        body.withAccountPassword("xxxxx");
        body.withAccountRole(CreateAclAccountRequestBody.AccountRoleEnum.fromValue("read"));
        body.withAccountName("user");
        request.withBody(body);
        try {
            CreateAclAccountResponse response = client.createAclAccount(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

          

        

      
     

Creating a read-only ACL account named user.

      
       
         
         
           # coding: utf-8

from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkdcs.v2.region.dcs_region import DcsRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkdcs.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = __import__('os').getenv("CLOUD_SDK_AK")
    sk = __import__('os').getenv("CLOUD_SDK_SK")

    credentials = BasicCredentials(ak, sk) \

    client = DcsClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(DcsRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = CreateAclAccountRequest()
        request.body = CreateAclAccountRequestBody(
            account_password="xxxxx",
            account_role="read",
            account_name="user"
        )
        response = client.create_acl_account(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

          

        

      
     

Creating a read-only ACL account named user.

      
       
         
         
           package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    dcs "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dcs/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dcs/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dcs/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := dcs.NewDcsClient(
        dcs.DcsClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.CreateAclAccountRequest{}
	request.Body = &model.CreateAclAccountRequestBody{
		AccountPassword: "xxxxx",
		AccountRole: model.GetCreateAclAccountRequestBodyAccountRoleEnum().READ,
		AccountName: "user",
	}
	response, err := client.CreateAclAccount(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

          

        

      
     

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code	Description
200	The ACL account creation task is successfully delivered.
400	Invalid request.
401	Invalid authentication information.
403	Request rejected.
404	The requested resource could not be found.
500	Internal service error.