Modifying the ACL for API Access
Function
This API is provided for the administrator to modify the ACL for API access. The change will be applied for all IAM users and federated users (SP initiated) of the account.
The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.
Debugging
You can debug this API in API Explorer.
URI
PUT /v3.0/OS-SECURITYPOLICY/domains/{domain_id}/api-acl-policy
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
domain_id |
Yes |
String |
Account ID. For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
X-Auth-Token |
Yes |
String |
Access token issued to a user to bear its identity and permissions. For details about the permissions required by the token, see Actions. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
Yes |
object |
ACL for API access. |
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
No |
Array of objects |
IP address CIDR blocks from which API access is allowed. Specify either allow_address_netmasks or allow_ip_ranges. |
|
|
No |
Array of objects |
IP address ranges from which API access is allowed. Specify either allow_address_netmasks or allow_ip_ranges. |
Response Parameters
|
Parameter |
Type |
Description |
|---|---|---|
|
object |
ACL for API access. |
|
Parameter |
Type |
Description |
|---|---|---|
|
objects |
IP address CIDR blocks from which API access is allowed. This parameter is only returned when an IP address range or CIDR block from which API access is allowed is specified. |
|
|
objects |
IP address ranges from which API access is allowed. This parameter is only returned when an IP address range from which API access is allowed is specified. |
|
Parameter |
Type |
Description |
|---|---|---|
|
address_netmask |
String |
IP address CIDR block, for example, 192.168.0.1/24. |
|
description |
String |
Description of an IP address CIDR block. |
|
Parameter |
Type |
Description |
|---|---|---|
|
description |
String |
Description of an IP address range. |
|
ip_range |
String |
IP address range, for example, 0.0.0.0-255.255.255.255. |
Example Request
Request for modifying the API access policy to only allow API access from IP address range 0.0.0.0-255.255.255.255
PUT https://iam.myhuaweicloud.com/v3.0/OS-SECURITYPOLICY/domains/{domain_id}/api-acl-policy
{
"api_acl_policy": {
"allow_ip_ranges": [
{
"description": "2",
"ip_range": "0.0.0.0-255.255.255.255"
}
]
}
}
Example Response
Status code: 200
The request is successful.
{
"api_acl_policy": {
"allow_ip_ranges": [
{
"ip_range": "0.0.0.0-255.255.255.255",
"description": "2"
}
]
}
}
Status code: 400
The request body is abnormal.
- Example 1
{
"error_msg" : "'%(key)s' is a required property.",
"error_code" : "IAM.0072"
}
- Example 2
{
"error_msg" : "Invalid input for field '%(key)s'. The value is '%(value)s'.",
"error_code" : "IAM.0073"
}
Status code: 500
The system is abnormal.
{
"error_msg" : "An unexpected error prevented the server from fulfilling your request.",
"error_code" : "IAM.0006"
}
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
The request is successful. |
|
400 |
The request body is abnormal. |
|
401 |
Authentication failed. |
|
403 |
Access denied. |
|
500 |
The system is abnormal. |
Error Codes
For details, see Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
