Updating a Network ACL Rule
Function
This API is used to update a network ACL rule.
Calling Method
For details, see Calling APIs.
URI
PUT /v3/{project_id}/vpc/firewalls/{firewall_id}/update-rules
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
firewall_id |
Yes |
String |
Unique ID of a network ACL. |
project_id |
Yes |
String |
Project ID. For details about how to obtain a project ID, see Obtaining a Project ID. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
firewall |
Yes |
FirewallUpdateRuleOption object |
Inbound or outbound network ACL rules to be updated. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
ingress_rules |
No |
Array of FirewallUpdateRuleItemOption objects |
|
egress_rules |
No |
Array of FirewallUpdateRuleItemOption objects |
|
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
id |
Yes |
String |
|
name |
No |
String |
|
description |
No |
String |
|
action |
No |
String |
|
protocol |
No |
String |
|
ip_version |
No |
Integer |
|
source_ip_address |
No |
String |
|
destination_ip_address |
No |
String |
|
source_port |
No |
String |
|
destination_port |
No |
String |
|
source_address_group_id |
No |
String |
|
destination_address_group_id |
No |
String |
|
enabled |
No |
Boolean |
|
Response Parameters
Status code: 200
Parameter |
Type |
Description |
---|---|---|
firewall |
FirewallDetail object |
Details after a network ACL rule is updated. |
request_id |
String |
Request ID. |
Parameter |
Type |
Description |
---|---|---|
id |
String |
|
name |
String |
|
description |
String |
|
project_id |
String |
|
created_at |
String |
|
updated_at |
String |
|
admin_state_up |
Boolean |
|
status |
String |
|
enterprise_project_id |
String |
|
tags |
Array of ResourceTag objects |
|
associations |
Array of FirewallAssociation objects |
|
ingress_rules |
Array of FirewallRuleDetail objects |
|
egress_rules |
Array of FirewallRuleDetail objects |
|
Parameter |
Type |
Description |
---|---|---|
key |
String |
Minimum: 1 Maximum: 128 |
value |
String |
Maximum: 255 |
Parameter |
Type |
Description |
---|---|---|
virsubnet_id |
String |
|
Parameter |
Type |
Description |
---|---|---|
id |
String |
|
name |
String |
|
description |
String |
|
action |
String |
|
project_id |
String |
|
protocol |
String |
|
ip_version |
Integer |
|
source_ip_address |
String |
|
destination_ip_address |
String |
|
source_port |
String |
|
destination_port |
String |
|
source_address_group_id |
String |
|
destination_address_group_id |
String |
|
enabled |
Boolean |
|
Example Requests
Update the inbound rule whose ID is e9a7731d-5bd9-4250-a524-b9a076fd5629 in the network ACL whose ID is e9a7731d-5bd9-4250-a524-b9a076fd5629.
PUT https://{Endpoint}/v3/{project_id}/vpc/firewalls/e9a7731d-5bd9-4250-a524-b9a076fd5629/update-rules { "firewall" : { "ingress_rules" : [ { "id" : "e9a7731d-5bd9-4250-a524-b9a076fd5629", "name" : "network_acl_rule test2", "description" : "network_acl_rule test2", "action" : "allow", "protocol" : "tcp", "ip_version" : "4", "source_ip_address" : "192.168.3.0/24", "destination_ip_address" : "192.168.6.0/24", "source_port" : "30-40,60-90", "destination_port" : "40-60,70-90", "source_address_group_id" : null, "destination_address_group_id" : null } ] } }
Example Responses
Status code: 200
Normal response to the PUT operation. For more status codes, see Status Codes.
{ "firewall" : { "id" : "e9a7731d-5bd9-4250-a524-b9a076fd5629", "name" : "network_acl_test1", "description" : "network_acl_test1", "project_id" : "9476ea5a8a9849c38358e43c0c3a9e12", "created_at" : "2022-04-07T07:30:46.000+00:00", "updated_at" : "2022-04-07T07:30:46.000+00:00", "admin_state_up" : true, "enterprise_project_id" : "158ad39a-dab7-45a3-9b5a-2836b3cf93f9", "status" : "ACTIVE", "tags" : [ ], "ingress_rules" : [ { "id" : "e9a7731d-5bd9-4250-a524-b9a076fd5629", "name" : "network_acl_rule test2", "description" : "network_acl_rule test2", "action" : "allow", "project_id" : "9476ea5a8a9849c38358e43c0c3a9e12", "protocol" : "tcp", "ip_version" : 4, "source_ip_address" : "192.168.3.0/24", "destination_ip_address" : "192.168.6.0/24", "source_port" : "30-40,60-90", "destination_port" : "40-60,70-90" } ], "egress_rules" : [ { "id" : "f9a7731d-5bd9-4250-a524-b9a076fd5629", "name" : "network_acl_rule test", "description" : "network_acl_rule test", "action" : "allow", "project_id" : "9476ea5a8a9849c38358e43c0c3a9e12", "protocol" : "tcp", "ip_version" : 4, "source_ip_address" : "192.168.3.0/24", "destination_ip_address" : "192.168.6.0/24", "source_port" : "30-40,60-90", "destination_port" : "40-60,70-90" } ], "associations" : [ { "virsubnet_id" : "8359e5b0-353f-4ef3-a071-98e67a34a143" } ] } }
SDK Sample Code
The SDK sample code is as follows.
Update the inbound rule whose ID is e9a7731d-5bd9-4250-a524-b9a076fd5629 in the network ACL whose ID is e9a7731d-5bd9-4250-a524-b9a076fd5629.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
package com.huaweicloud.sdk.test; import com.huaweicloud.sdk.core.auth.ICredential; import com.huaweicloud.sdk.core.auth.BasicCredentials; import com.huaweicloud.sdk.core.exception.ConnectionException; import com.huaweicloud.sdk.core.exception.RequestTimeoutException; import com.huaweicloud.sdk.core.exception.ServiceResponseException; import com.huaweicloud.sdk.vpc.v3.region.VpcRegion; import com.huaweicloud.sdk.vpc.v3.*; import com.huaweicloud.sdk.vpc.v3.model.*; import java.util.List; import java.util.ArrayList; public class UpdateFirewallRulesSolution { public static void main(String[] args) { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment String ak = System.getenv("CLOUD_SDK_AK"); String sk = System.getenv("CLOUD_SDK_SK"); String projectId = "{project_id}"; ICredential auth = new BasicCredentials() .withProjectId(projectId) .withAk(ak) .withSk(sk); VpcClient client = VpcClient.newBuilder() .withCredential(auth) .withRegion(VpcRegion.valueOf("<YOUR REGION>")) .build(); UpdateFirewallRulesRequest request = new UpdateFirewallRulesRequest(); request.withFirewallId("{firewall_id}"); UpdateFirewallRulesRequestBody body = new UpdateFirewallRulesRequestBody(); List<FirewallUpdateRuleItemOption> listFirewallIngressRules = new ArrayList<>(); listFirewallIngressRules.add( new FirewallUpdateRuleItemOption() .withId("e9a7731d-5bd9-4250-a524-b9a076fd5629") .withName("network_acl_rule test2") .withDescription("network_acl_rule test2") .withAction("allow") .withProtocol("tcp") .withIpVersion(4) .withSourceIpAddress("192.168.3.0/24") .withDestinationIpAddress("192.168.6.0/24") .withSourcePort("30-40,60-90") .withDestinationPort("40-60,70-90") ); FirewallUpdateRuleOption firewallbody = new FirewallUpdateRuleOption(); firewallbody.withIngressRules(listFirewallIngressRules); body.withFirewall(firewallbody); request.withBody(body); try { UpdateFirewallRulesResponse response = client.updateFirewallRules(request); System.out.println(response.toString()); } catch (ConnectionException e) { e.printStackTrace(); } catch (RequestTimeoutException e) { e.printStackTrace(); } catch (ServiceResponseException e) { e.printStackTrace(); System.out.println(e.getHttpStatusCode()); System.out.println(e.getRequestId()); System.out.println(e.getErrorCode()); System.out.println(e.getErrorMsg()); } } } |
Update the inbound rule whose ID is e9a7731d-5bd9-4250-a524-b9a076fd5629 in the network ACL whose ID is e9a7731d-5bd9-4250-a524-b9a076fd5629.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 |
# coding: utf-8 import os from huaweicloudsdkcore.auth.credentials import BasicCredentials from huaweicloudsdkvpc.v3.region.vpc_region import VpcRegion from huaweicloudsdkcore.exceptions import exceptions from huaweicloudsdkvpc.v3 import * if __name__ == "__main__": # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak = os.environ["CLOUD_SDK_AK"] sk = os.environ["CLOUD_SDK_SK"] projectId = "{project_id}" credentials = BasicCredentials(ak, sk, projectId) client = VpcClient.new_builder() \ .with_credentials(credentials) \ .with_region(VpcRegion.value_of("<YOUR REGION>")) \ .build() try: request = UpdateFirewallRulesRequest() request.firewall_id = "{firewall_id}" listIngressRulesFirewall = [ FirewallUpdateRuleItemOption( id="e9a7731d-5bd9-4250-a524-b9a076fd5629", name="network_acl_rule test2", description="network_acl_rule test2", action="allow", protocol="tcp", ip_version=4, source_ip_address="192.168.3.0/24", destination_ip_address="192.168.6.0/24", source_port="30-40,60-90", destination_port="40-60,70-90" ) ] firewallbody = FirewallUpdateRuleOption( ingress_rules=listIngressRulesFirewall ) request.body = UpdateFirewallRulesRequestBody( firewall=firewallbody ) response = client.update_firewall_rules(request) print(response) except exceptions.ClientRequestException as e: print(e.status_code) print(e.request_id) print(e.error_code) print(e.error_msg) |
Update the inbound rule whose ID is e9a7731d-5bd9-4250-a524-b9a076fd5629 in the network ACL whose ID is e9a7731d-5bd9-4250-a524-b9a076fd5629.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 |
package main import ( "fmt" "github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic" vpc "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpc/v3" "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpc/v3/model" region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpc/v3/region" ) func main() { // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security. // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment ak := os.Getenv("CLOUD_SDK_AK") sk := os.Getenv("CLOUD_SDK_SK") projectId := "{project_id}" auth := basic.NewCredentialsBuilder(). WithAk(ak). WithSk(sk). WithProjectId(projectId). Build() client := vpc.NewVpcClient( vpc.VpcClientBuilder(). WithRegion(region.ValueOf("<YOUR REGION>")). WithCredential(auth). Build()) request := &model.UpdateFirewallRulesRequest{} request.FirewallId = "{firewall_id}" nameIngressRules:= "network_acl_rule test2" descriptionIngressRules:= "network_acl_rule test2" actionIngressRules:= "allow" protocolIngressRules:= "tcp" ipVersionIngressRules:= int32(4) sourceIpAddressIngressRules:= "192.168.3.0/24" destinationIpAddressIngressRules:= "192.168.6.0/24" sourcePortIngressRules:= "30-40,60-90" destinationPortIngressRules:= "40-60,70-90" var listIngressRulesFirewall = []model.FirewallUpdateRuleItemOption{ { Id: "e9a7731d-5bd9-4250-a524-b9a076fd5629", Name: &nameIngressRules, Description: &descriptionIngressRules, Action: &actionIngressRules, Protocol: &protocolIngressRules, IpVersion: &ipVersionIngressRules, SourceIpAddress: &sourceIpAddressIngressRules, DestinationIpAddress: &destinationIpAddressIngressRules, SourcePort: &sourcePortIngressRules, DestinationPort: &destinationPortIngressRules, }, } firewallbody := &model.FirewallUpdateRuleOption{ IngressRules: &listIngressRulesFirewall, } request.Body = &model.UpdateFirewallRulesRequestBody{ Firewall: firewallbody, } response, err := client.UpdateFirewallRules(request) if err == nil { fmt.Printf("%+v\n", response) } else { fmt.Println(err) } } |
For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.
Status Codes
Status Code |
Description |
---|---|
200 |
Normal response to the PUT operation. For more status codes, see Status Codes. |
Error Codes
See Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot