Help Center> VPC Endpoint> API Reference> API> VPC Endpoint Services> Batch Adding Whitelist Records of a VPC Endpoint Service
Updated on 2024-04-19 GMT+08:00
Online Debugging
CLI Examples
View PDF

Batch Adding Whitelist Records of a VPC Endpoint Service

Function

This API is used to add whitelists of VPC endpoint services of the current user in batches. The description can be added. Note: Your account is in the whitelist of your own VPC endpoint service by default.

Calling Method

For details, see Calling APIs.

URI

POST /v1/{project_id}/vpc-endpoint-services/{vpc_endpoint_service_id}/permissions/batch-create

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Specifies the project ID.

Minimum: 1

Maximum: 64

vpc_endpoint_service_id

Yes

String

Specifies the ID of the VPC endpoint service.

Minimum: 1

Maximum: 64

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Specifies the user token. It can be obtained by calling the IAM API. The value of X-Subject-Token in the response header is the user token.

Content-Type

No

String

Specifies the MIME type of the request body. Default value application/json is recommended. For APIs used to upload objects or images, the MIME type varies depending on the flow type.

Default: application/json
Table 3 Request body parameters

Parameter

Mandatory

Type

Description

permissions

Yes

Array of EpsAddPermissionRequest objects

Specifies the whitelist records of the VPC endpoint service.

permission_type

No

String

Specifies the whitelist type of the VPC endpoint service.

  • domainId: indicates the whitelisted ID of the account that can create VPC endpoints to connect to the VPC endpoint service.

  • orgPath: indicates the whitelisted organization path under which accounts can create VPC endpoints to connect to the VPC endpoint service.
Table 4 EpsAddPermissionRequest

Parameter

Mandatory

Type

Description

permission

Yes

String

The permission format is iam:domain::domain_id or organizations:orgPath::org_path.

  • iam:domain:: and organizations:orgPath:: are fixed formats.

  • domain_id indicates the ID of the account in which VPC endpoints can be created to access the VPC endpoint service. org_path indicates the organization path under which accounts can create VPC endpoints to access the VPC endpoint service. domain_id can contain a maximum of 64 characters, including only letters and digits. org_path can contain a maximum of 1,024 characters, including only letters, digits, forward slashes (/), and hyphens (-). Example: iam:domain::6e9dfd51d1124e8d8498dce894923a0dd or organizations:orgPath::o-3j59d1231uprgk9yuvlidra7zbzfi578/r-rldbu1vmxdw5ahdkknxnvd5rgag77m2z/ou-7tuddd8nh99rebxltawsm6qct5z7rklv/*

Minimum: 0

Maximum: 1024

description

Yes

String

Specifies the description of a whitelist record of a VPC endpoint service.

Minimum: 0

Maximum: 256

Response Parameters

Status code: 200

Table 5 Response body parameters

Parameter

Type

Description

permissions

Array of EpsPermission objects

Specifies the whitelist of the VPC endpoint service.
Table 6 EpsPermission

Parameter

Type

Description

id

String

Specifies primary key IDs of whitelist records of a VPC endpoint service.

permission

String

The permission format is iam:domain::domain_id or organizations:orgPath::org_path.

  • iam:domain:: and organizations:orgPath:: are fixed formats.

  • domain_id indicates the ID of the account in which VPC endpoints can be created to access the VPC endpoint service. org_path indicates the organization path under which accounts can create VPC endpoints to access the VPC endpoint service. domain_id can contain only letters and digits. org_path can contain only letters, digits, forward slashes (/), and hyphens (-). You can also enter an asterisk for domain_id or org_path, which indicates that this VPC endpoint service allows accesses from any VPC endpoints. Example: iam:domain::6e9dfd51d1124e8d8498dce894923a0dd or organizations:orgPath::o-3j59d1231uprgk9yuvlidra7zbzfi578/r-rldbu1vmxdw5ahdkknxnvd5rgag77m2z/ou-7tuddd8nh99rebxltawsm6qct5z7rklv/*

Minimum: 1

Maximum: 1024

permission_type

String

Specifies the whitelist type of the VPC endpoint service.

  • domainId: indicates the whitelisted ID of the account that can create VPC endpoints to connect to the VPC endpoint service.

  • orgPath: indicates the whitelisted organization path under which accounts can create VPC endpoints to connect to the VPC endpoint service.

description

String

Specifies the description of a whitelist record of a VPC endpoint service.

Minimum: 0

Maximum: 256

created_at

String

Specifies the time when a whitelist record is created.

Example Requests

Batch adding whitelist records of a VPC endpoint service

POST https://{endpoint}/v1/{project_id}/vpc-endpoint-services/c07132bf-4071-439a-9ff3-2068eb45092f/permissions/batch-create

{
  "permissions" : [ {
    "permission" : "*",
    "description" : "Specifies APIs for batch adding whitelist records of a VPC endpoint service."
  }, {
    "permission" : "iam:domain::4dbb0ce8766f44a9bfd08ccf8fc02397",
    "description" : "test"
  } ]
}

Example Responses

Status code: 200

The server has successfully processed the request.

{
  "permissions" : [ {
    "id" : "ab42a58b-6f8e-43b3-9400-aaf0e393ee0d",
    "permission" : "iam:domain::4dbb0ce8766f44a9bfd08ccf8fc02397",
    "description" : "test",
    "created_at" : "2022-06-16T10:03:27Z"
  }, {
    "id" : "dfaaeff1-858d-4631-83c4-be3548a07935",
    "permission" : "*",
    "description" : "",
    "created_at" : "2022-06-16T10:03:27Z"
  } ]
}

SDK Sample Code

The SDK sample code is as follows.

Batch adding whitelist records of a VPC endpoint service

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
 
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.vpcep.v1.region.VpcepRegion;
import com.huaweicloud.sdk.vpcep.v1.*;
import com.huaweicloud.sdk.vpcep.v1.model.*;

import java.util.List;
import java.util.ArrayList;

public class BatchAddEndpointServicePermissionsSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withAk(ak)
                .withSk(sk);

        VpcepClient client = VpcepClient.newBuilder()
                .withCredential(auth)
                .withRegion(VpcepRegion.valueOf("<YOUR REGION>"))
                .build();
        BatchAddEndpointServicePermissionsRequest request = new BatchAddEndpointServicePermissionsRequest();
        BatchAddEndpointServicePermissionsRequestBody body = new BatchAddEndpointServicePermissionsRequestBody();
        List<EpsAddPermissionRequest> listbodyPermissions = new ArrayList<>();
        listbodyPermissions.add(
            new EpsAddPermissionRequest()
                .withPermission("*")
                .withDescription("Specifies APIs for batch adding whitelist records of a VPC endpoint service.")
        );
        listbodyPermissions.add(
            new EpsAddPermissionRequest()
                .withPermission("iam:domain::4dbb0ce8766f44a9bfd08ccf8fc02397")
                .withDescription("test")
        );
        body.withPermissions(listbodyPermissions);
        request.withBody(body);
        try {
            BatchAddEndpointServicePermissionsResponse response = client.batchAddEndpointServicePermissions(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

Batch adding whitelist records of a VPC endpoint service

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
 
# coding: utf-8

from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkvpcep.v1.region.vpcep_region import VpcepRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkvpcep.v1 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = __import__('os').getenv("CLOUD_SDK_AK")
    sk = __import__('os').getenv("CLOUD_SDK_SK")

    credentials = BasicCredentials(ak, sk) \

    client = VpcepClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(VpcepRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = BatchAddEndpointServicePermissionsRequest()
        listPermissionsbody = [
            EpsAddPermissionRequest(
                permission="*",
                description="Specifies APIs for batch adding whitelist records of a VPC endpoint service."
            ),
            EpsAddPermissionRequest(
                permission="iam:domain::4dbb0ce8766f44a9bfd08ccf8fc02397",
                description="test"
            )
        ]
        request.body = BatchAddEndpointServicePermissionsRequestBody(
            permissions=listPermissionsbody
        )
        response = client.batch_add_endpoint_service_permissions(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

Batch adding whitelist records of a VPC endpoint service

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
 
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    vpcep "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpcep/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpcep/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpcep/v1/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := vpcep.NewVpcepClient(
        vpcep.VpcepClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.BatchAddEndpointServicePermissionsRequest{}
	var listPermissionsbody = []model.EpsAddPermissionRequest{
        {
            Permission: "*",
            Description: "Specifies APIs for batch adding whitelist records of a VPC endpoint service.",
        },
        {
            Permission: "iam:domain::4dbb0ce8766f44a9bfd08ccf8fc02397",
            Description: "test",
        },
    }
	request.Body = &model.BatchAddEndpointServicePermissionsRequestBody{
		Permissions: listPermissionsbody,
	}
	response, err := client.BatchAddEndpointServicePermissions(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code

Description

200

The server has successfully processed the request.

Error Codes

See Error Codes.

Parent Topic: VPC Endpoint Services