Creating a Service Access Client

Function

This API is used to create service access clients. Restriction: By default, a maximum of 20 access clients can be created in an instance.

URI

POST /v1/{project_id}/instances/{instance_id}/access-clients

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID. For how to obtain the project ID, see Obtaining a Project ID (lakeformation_04_0026.xml).
instance_id	Yes	String	LakeFormation instance ID. The value is automatically generated when the instance is created, for example, 2180518f-42b8-4947-b20b-adfc53981a25.

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	Tenant token.

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
name	Yes	String	Client name. Enter 4 to 32 characters. Only letters, numbers, hyphens (-), and underscores (_) are allowed.
access_mode	No	String	Access mode. SYSTEM: default mode, in which the system automatically creates a VPCEP connection. This mode is recommended. In this mode, vpc_id and subnet_id cannot be left empty. CUSTOM: custom mode, in which the VPCEP connection is created by an external service. This mode is applicable to cross-tenant scenarios. In this mode, access_connections cannot be left empty. This mode is not recommended. Use the APIs related to the access tenant instead. Enumeration values: SYSTEM CUSTOM
vpc_id	No	String	VPC ID. You can click Clients, click Create, and then click create one to create a VPC.
subnet_id	No	String	Subnet ID. The value is generated by the system when a subnet is created, for example, 8c6721b5-78d1-4c3c-97b1-8421da139ffc.
access_connections	No	Array of AccessConnectionRequestBody objects	Access connection list. This parameter is valid only when the access mode is CUSTOM.

**Table 4** AccessConnectionRequestBody
Parameter	Mandatory	Type	Description
vpcep_id	No	String	VPCEP ID. Click Clients, click Create, and click create one. On the displayed page, click VPC Endpoint to create or check a VPC endpoint.
vpcep_service_name	No	String	Name of a VPC endpoint service. Enter a maximum of 64 characters.
domain	No	String	Access domain name. When accessing LakeFormation APIs using an IP address, you need to add the HOST parameter to the request header and transfer the domain name.

Response Parameters

Status code: 202

**Table 5** Response body parameters
Parameter	Type	Description
id	String	Client ID.
name	String	Client name.
access_mode	String	Access mode. The options are SYSTEM, CUSTOM, or AUTO. Enumeration values: SYSTEM CUSTOM AUTO
status	String	Client status. The options are CREATING, RUNNING, DELETING, DELETED, CREATE_FAIL, and DELETE_FAIL. Enumeration values: CREATING RUNNING DELETING DELETED CREATE_FAIL DELETE_FAIL
vpc_id	String	VPC ID.
subnet_id	String	Subnet ID.
access_connections	Array of AccessConnectionInfo objects	Access connection list.
create_time	String	Timestamp when the instance is created.

**Table 6** AccessConnectionInfo
Parameter	Type	Description
vpcep_id	String	VPC endpoint ID. Click Clients, click Create, and click create one. On the displayed page, click VPC Endpoint to create or check a VPC endpoint.
ip	String	Access IP address.
owner	String	Owner.
domain	String	Access domain name. When accessing LakeFormation APIs using an IP address, you need to add the HOST parameter to the request header and transfer the domain name.

Example Requests

POST https://{endpoint}/v1/{project_id}/instances/{instance_id}/access-clients

{
  "name" : "name-example",
  "vpc_id" : "vpc-example",
  "subnet_id" : "subnet-example"
}

Example Responses

Status code: 202

Created

{
  "id" : "gs23xxxxxxxxxxxxxxxxxxxxxxxxxxxxfgs2",
  "name" : "lakeformation_client",
  "access_mode" : "SYSTEM",
  "vpc_id" : "d3fcxxxxxxxxxxxxxxxxxxxxxxxxxxxx8f1e",
  "subnet_id" : "d3fcxxxxxxxxxxxxxxxxxxxxxxxxxxxx8f1e",
  "status" : "CREATING"
}