Modifying Kafka Access Modes
Function
This API is used to modify private or public access for Kafka.
Calling Method
For details, see Calling APIs.
URI
POST /v2/{project_id}/{engine}/instances/{instance_id}/plain-ssl-switch
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
project_id |
Yes |
String |
Project ID. For details, see Obtaining a Project ID. |
|
engine |
Yes |
String |
Message engine. |
|
instance_id |
Yes |
String |
Instance ID. |
Request Parameters
|
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
|
protocol |
No |
String |
Access modes to be enabled or disabled. |
|
enable |
No |
Boolean |
|
|
user_name |
No |
String |
Username is required when SASL is enabled for the first time. After an instance is created, disabling SASL does not delete the created user. Enabling SASL again does not require the username and an entered username will be invalid. |
|
pass_word |
No |
String |
Password is required when SASL is enabled for the first time. |
|
sasl_enabled_mechanisms |
No |
Array of strings |
Authentication mechanism used after SASL is enabled. Validated only when SASL is enabled for the first time. Reuses are invalid.
|
Response Parameters
Status code: 200
|
Parameter |
Type |
Description |
|---|---|---|
|
job_id |
String |
Background task ID. |
|
protocol |
String |
Enabling or disabling the Kafka access mode. |
|
enable |
Boolean |
Enablement or disablement. |
Example Requests
Requiring the username and password when SASL_SSL is enabled for the first time
POST https://{endpoint}/v2/{project_id}/{engine}/instances/{instance_id}/plain-ssl-switch
{
"protocol" : "private_sasl_ssl_enable",
"enable" : true,
"user_name" : "root",
"pass_word" : "password",
"sasl_enabled_mechanisms" : [ "SCRAM-SHA-512", "PLAIN" ]
}
Example Responses
Status code: 200
Successful
{
"job_id" : "ff8080828bdc0f64018bdcadfd8f00d7",
"protocol" : "private_plain_enable",
"enable" : true
}
SDK Sample Code
The SDK sample code is as follows.
Requiring the username and password when SASL_SSL is enabled for the first time
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.kafka.v2.region.KafkaRegion; import com.huaweicloud.sdk.kafka.v2.*; import com.huaweicloud.sdk.kafka.v2.model.*; import java.util.List; import java.util.ArrayList; public class UpdateKafkaPortProtocolSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); KafkaClient client = KafkaClient.newBuilder() .withCredential(auth) .withRegion(KafkaRegion.valueOf("<YOUR REGION>")) .build(); UpdateKafkaPortProtocolRequest request = new UpdateKafkaPortProtocolRequest(); request.withEngine(UpdateKafkaPortProtocolRequest.EngineEnum.fromValue("{engine}")); request.withInstanceId("{instance_id}"); PlainSslEnableRequest body = new PlainSslEnableRequest(); List<PlainSslEnableRequest.SaslEnabledMechanismsEnum> listbodySaslEnabledMechanisms = new ArrayList<>(); listbodySaslEnabledMechanisms.add(PlainSslEnableRequest.SaslEnabledMechanismsEnum.fromValue("SCRAM-SHA-512")); listbodySaslEnabledMechanisms.add(PlainSslEnableRequest.SaslEnabledMechanismsEnum.fromValue("PLAIN")); body.withSaslEnabledMechanisms(listbodySaslEnabledMechanisms); body.withPassWord("password"); body.withUserName("root"); body.withEnable(true); body.withProtocol(PlainSslEnableRequest.ProtocolEnum.fromValue("private_sasl_ssl_enable")); request.withBody(body); try { UpdateKafkaPortProtocolResponse response = client.updateKafkaPortProtocol(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
Requiring the username and password when SASL_SSL is enabled for the first time
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkkafka.v2.region.kafka_region import KafkaRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkkafka.v2 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = KafkaClient.new_builder() \ .with_credentials(credentials) \ .with_region(KafkaRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateKafkaPortProtocolRequest() request.engine = "{engine}" request.instance_id = "{instance_id}" listSaslEnabledMechanismsbody = [ "SCRAM-SHA-512", "PLAIN" ] request.body = PlainSslEnableRequest( sasl_enabled_mechanisms=listSaslEnabledMechanismsbody, pass_word="password", user_name="root", enable=True, protocol="private_sasl_ssl_enable" ) response = client.update_kafka_port_protocol(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
Requiring the username and password when SASL_SSL is enabled for the first time
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" kafka "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/kafka/v2" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/kafka/v2/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/kafka/v2/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := kafka.NewKafkaClient( kafka.KafkaClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.UpdateKafkaPortProtocolRequest{} request.Engine = model.GetUpdateKafkaPortProtocolRequestEngineEnum().ENGINE request.InstanceId = "{instance_id}" var listSaslEnabledMechanismsbody = []model.PlainSslEnableRequestSaslEnabledMechanisms{ model.GetPlainSslEnableRequestSaslEnabledMechanismsEnum().SCRAM_SHA_512, model.GetPlainSslEnableRequestSaslEnabledMechanismsEnum().PLAIN, } passWordPlainSslEnableRequest:= "password" userNamePlainSslEnableRequest:= "root" enablePlainSslEnableRequest:= true protocolPlainSslEnableRequest:= model.GetPlainSslEnableRequestProtocolEnum().PRIVATE_SASL_SSL_ENABLE request.Body = &model.PlainSslEnableRequest{ SaslEnabledMechanisms: &listSaslEnabledMechanismsbody, PassWord: &passWordPlainSslEnableRequest, UserName: &userNamePlainSslEnableRequest, Enable: &enablePlainSslEnableRequest, Protocol: &protocolPlainSslEnableRequest, } response, err := client.UpdateKafkaPortProtocol(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
|
Status Code |
Description |
|---|---|
|
200 |
Successful |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
