Adding a Basic Access Control Rule
Scenario
You can configure basic access control rules by application, endpoint, host, user, and client IP address to allow or block requests that match the rules.
For example, if application demo has a file download API, you can add a basic access control rule to block requests for accessing the file download API of application demo.
The following describes how to create a basic access control rule.
Procedure
- Log in to the web console of the API data security protection system as user sysadmin.
- In the navigation pane on the left, choose Security Policies > Access Control.
- Click the Basic Access Control tab, click Add, and set rule parameters. For the descriptions of parameters, see Table 1.
Figure 1 Adding a basic access control rule
Table 1 Parameters for adding a basic access control rule Parameter
Description
Rule Name
Name of the rule.
Description
Rule description.
Service Name
Select the application to which the rule applies.
Rule Conditions
Configure the rule conditions, including the request method, URL, request body, endpoint type, client IP address, region, account, and account group.
Action
Configure the action triggered when the rule is matched.
Priority
When a request matches several basic access control rules, the rule with the highest priority takes effect.
Effective Time
The time or duration when the rule takes effect.- Effective permanently: The rule takes effect permanently when it is enabled.
- Custom: The rule takes effect in a fixed time range every week or every day.
Enabled/Disabled
Enable or disable basic access control rules.- Enabled status: The rule takes effect immediately after being added.
- Disabled status: The rule does not takes effect after being added. You need to manually enable it.
- Click OK.
Operation Results
An access control rule takes effect after being configured. Requests for accessing the application are allowed or blocked based on the rule.
Related Operations
On the Basic Access Control tab, you can also perform the following actions:
- To modify a basic access control rule, locate it and click Edit on the right of the row.
- To delete a basic access control rule, locate it and click Delete on the right of the row.
- To delete several basic access control rules, select them all and click Delete in the upper right corner.
- To enable several basic access control rules, select them all and click Enable in the upper right corner.
- To disable several basic access control rules, select them all and click Disable in the upper right corner.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot