Updated on 2022-02-21 GMT+08:00

Creating an Access Control Policy

Function

This API is used to create an access control policy that allows or denies API access from specific IP addresses or domains. When the controlled object is a domain, the acl_value is a tenant name, not a domain name (such as www.exampleDomain.com).

URI

The following table lists the HTTP/HTTPS request method and URI of the API.

Table 1 HTTP/HTTPS request method and URI

| Request Method | URI |
| --- | --- |
| POST | /v1.0/apigw/acls |

Request

Table 2 Parameter description

| Parameter | Type | Description |
| --- | --- | --- |
| acl_name | String | Name of the access control policy. The name of an access control policy consists of 3–64 characters, starting with a letter. Only letters, digits, and underscores (_) are allowed. |
| acl_type | String | Access control type, which can be PERMIT (whitelist) or DENY (blacklist) |
| acl_value | String | One or more objects from which the access will be controlled. Separate multiple objects with commas. |
| entity_type | String | Object type, which can be IP or DOMAIN |

Example request:

{
    "acl_name": "test001",
    "acl_type": "PERMIT",
    "acl_value": "192.168.1.5,192.168.10.0/24,192.168.12.12-192.168.12.19",
    "entity_type": "IP"
}
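The following pre-flight check is an added example, not part of the original API reference. It validates a request body against the rules in Table 2 before it is sent; the three IP forms it accepts (single address, CIDR block, start-end range) are taken from the example request, while IPv4-only parsing, ASCII-only letters, rejection of space-padded entries, and the function names are assumptions.

```python
import ipaddress
import re

# Name rule from Table 2: 3-64 characters, starts with a letter,
# only letters, digits and underscores (ASCII letters assumed).
ACL_NAME_RE = re.compile(r"[A-Za-z][A-Za-z0-9_]{2,63}")


def check_ip_entry(entry):
    """Return an error string for one acl_value entry, or None if it parses."""
    try:
        if "-" in entry:  # range, e.g. 192.168.12.12-192.168.12.19
            start, end = (ipaddress.IPv4Address(p) for p in entry.split("-", 1))
            if start > end:
                return f"range start is after range end: {entry!r}"
        elif "/" in entry:  # CIDR block, e.g. 192.168.10.0/24
            ipaddress.IPv4Network(entry, strict=True)  # rejects set host bits
        else:  # single address
            ipaddress.IPv4Address(entry)
    except ValueError as exc:
        return f"bad IP entry {entry!r}: {exc}"
    return None


def validate_acl_request(body):
    """Return a list of problems found in a create-ACL request body (dict)."""
    errors = []
    if not ACL_NAME_RE.fullmatch(str(body.get("acl_name", ""))):
        errors.append("acl_name must be 3-64 chars, start with a letter, "
                      "and use only letters, digits and underscores")
    if body.get("acl_type") not in ("PERMIT", "DENY"):
        errors.append("acl_type must be PERMIT or DENY")
    if body.get("entity_type") not in ("IP", "DOMAIN"):
        errors.append("entity_type must be IP or DOMAIN")
    entries = str(body.get("acl_value", "")).split(",")
    # Assumption: entries are separated by bare commas, with no padding.
    if any(e == "" or e != e.strip() for e in entries):
        errors.append("acl_value has an empty or space-padded entry")
    elif body.get("entity_type") == "IP":
        errors.extend(e for e in map(check_ip_entry, entries) if e)
    return errors


if __name__ == "__main__":
    # Constructed input: the page's example request with a host-bits mistake.
    sample = {"acl_name": "test001", "acl_type": "PERMIT",
              "acl_value": "192.168.1.5,192.168.10.1/24", "entity_type": "IP"}
    print(validate_acl_request(sample))
```

Catching a malformed entry locally matters most for PERMIT policies, where a mistyped prefix or reversed range can leave the whitelist covering a different set of addresses than intended.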

Response

Table 3 Parameter description

| Parameter | Type | Description |
| --- | --- | --- |
| id | String | Access control policy ID |
| acl_name | String | Access control policy name |
| acl_type | String | Access control type, which can be PERMIT (whitelist) or DENY (blacklist) |
| acl_value | String | Access control objects |
| entity_type | String | Object type, which can be IP or DOMAIN |
| update_time | Timestamp | Time when the access control policy was last updated |

Example response:

{
    "id": "d402b35e-1054-4280-b1c5-0d741a28c995",
    "acl_name": "test",
    "entity_type": "IP",
    "acl_type": "PERMIT",
    "acl_value": "192.168.1.5,192.168.10.0/24,192.168.12.12-192.168.12.19",
    "update_time": "2017-11-18T14:27:36.918578+08:00"
}

Status Codes

Table 4 Status codes

| Status Code | Description |
| --- | --- |
| 201 | Created |
| 400 | Bad Request |
| 500 | Server Internal Error |