Modifying the ACL for Console Access
Function
This API is used by the administrator to modify the ACL for console access. The change will be applied to all IAM users and federated users (SP initiated) of the account.
The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.
Debugging
You can debug this API in API Explorer.
URI
PUT /v3.0/OS-SECURITYPOLICY/domains/{domain_id}/console-acl-policy
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
domain_id |
Yes |
String |
Account ID. For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
Access token issued to a user to bear its identity and permissions. For details about the permissions required by the token, see Actions. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
Yes |
object |
ACL for console access. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
No |
Array of objects |
IPv4 address or CIDR block from which access is allowed. Specify either allow_address_netmasks or allow_ip_ranges. |
|
No |
Array of objects |
IPv4 address range from which access is allowed. Specify either allow_address_netmasks or allow_ip_ranges. |
|
No |
Array of objects |
IPv6 address or CIDR block from which access is allowed. Specify either allow_address_netmasks_ipv6 and allow_ip_ranges_ipv6. |
|
No |
Array of objects |
IPv6 address range from which API access is allowed. Specify either allow_address_netmasks_ipv6 or allow_ip_ranges_ipv6. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
address_netmask |
Yes |
String |
IPv4 address or CIDR block, for example, 192.168.0.1/24. |
description |
No |
String |
Description of an IP address or CIDR block. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
description |
No |
String |
Description of an IP address range. |
ip_range |
Yes |
String |
IPv4 address range, for example, 0.0.0.0-255.255.255.255. |
Response Parameters
Parameter |
Type |
Description |
---|---|---|
object |
ACL for console access. |
Parameter |
Type |
Description |
---|---|---|
Array of objects |
IPv4 address or CIDR block from which access is allowed. This parameter is only returned when an IPv4 address range or CIDR block from which access is allowed is specified. |
|
Array of objects |
IPv4 address range from which access is allowed. This parameter is only returned when an IPv4 address range from which access is allowed is specified. |
|
Array of objects |
IPv6 address or CIDR block from which access is allowed. This parameter is only returned when an IPv6 address range or CIDR block from which access is allowed is specified. |
|
Array of objects |
IPv6 address range from which access is allowed. This parameter is only returned when an IPv6 address range from which access is allowed is specified. |
Parameter |
Type |
Description |
---|---|---|
address_netmask |
String |
IPv4 address or CIDR block, for example, 192.168.0.1/24. |
description |
String |
Description of an IPv4 address or CIDR block. |
Parameter |
Type |
Description |
---|---|---|
description |
String |
Description of an IPv4 address range. |
ip_range |
String |
IPv4 address range, for example, 0.0.0.0-255.255.255.255. |
Parameter |
Type |
Description |
---|---|---|
address_netmask |
String |
IPv6 address or CIDR block, for example, 0000:0000:0000:0000:0000:0000:0000:0000/100. |
description |
String |
Description of an IP address or CIDR block. |
Parameter |
Type |
Description |
---|---|---|
description |
String |
Description |
ip_range |
String |
IPv6 address range, for example, 0000:0000:0000:0000:0000:0000:0000:0000-FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF. |
Example Request
PUT https://iam.myhuaweicloud.com/v3.0/OS-SECURITYPOLICY/domains/{domain_id}/console-acl-policy
{
"console_acl_policy": {
"allow_ip_ranges": [{
"ip_range": "0.0.0.0-255.255.255.255",
"description": "IPv4 address range"
}],
"allow_ip_ranges_ipv6": [{
"ip_range": "0000:0000:0000:0000:0000:0000:0000:0000-FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF",
"description": "IPv6 address range"
}],
"allow_address_netmasks": [{
"address_netmask": "192.168.0.1/24",
"description": "IPv4 address or CIDR block"
}],
"allow_address_netmasks_ipv6": [{
"address_netmask": "0000:0000:0000:0000:0000:0000:0000:0000/100",
"description": "IPv6 address or CIDR block"
}]
}
}
Example Response
Status code: 200
The request is successful.
"console_acl_policy": { "allow_ip_ranges": [{ "ip_range": "0.0.0.0-255.255.255.255", "description": "IPv4 address range" }], "allow_ip_ranges_ipv6": [{ "ip_range": "0000:0000:0000:0000:0000:0000:0000:0000-FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF", "description": "IPv6 address range" }], "allow_address_netmasks": [{ "address_netmask": "192.168.0.1/24", "description": "IPv4 address or CIDR block" }], "allow_address_netmasks_ipv6": [{ "address_netmask": "0000:0000:0000:0000:0000:0000:0000:0000/100", "description": "IPv6 address or CIDR block" }] }
Status code: 400
The request body is abnormal.
- Example 1
{ "error_msg" : "'%(key)s' is a required property.", "error_code" : "IAM.0072" }
- Example 2
{ "error_msg" : "Invalid input for field '%(key)s'. The value is '%(value)s'.", "error_code" : "IAM.0073" }
Status code: 500
The system is abnormal.
{ "error_msg" : "An unexpected error prevented the server from fulfilling your request.", "error_code" : "IAM.0006" }
Status Codes
Status Code |
Description |
---|---|
200 |
The request is successful. |
400 |
The request body is abnormal. |
401 |
Authentication failed. |
403 |
Access denied. |
500 |
The system is abnormal. |
Error Codes
For details, see Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot