Modifying the ACL for Console Access
Function
This API is provided for the administrator to modify the ACL for console access. The change will be applied for all IAM users and federated users (SP initiated) of the account.
The API can be called using both the global endpoint and region-specific endpoints. For IAM endpoints, see Regions and Endpoints.
Debugging
You can debug this API in API Explorer.
URI
PUT /v3.0/OS-SECURITYPOLICY/domains/{domain_id}/console-acl-policy
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
domain_id |
Yes |
String |
Account ID. For details about how to obtain the account ID, see Obtaining Account, IAM User, Group, Project, Region, and Agency Information. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
X-Auth-Token |
Yes |
String |
Access token issued to a user to bear its identity and permissions. For details about the permissions required by the token, see Actions. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
Yes |
object |
ACL for console access. |
Parameter |
Mandatory |
Type |
Description |
---|---|---|---|
No |
Array of objects |
IP address CIDR blocks from which console access is allowed. Specify either allow_address_netmasks or allow_ip_ranges. |
|
No |
Array of objects |
IP address ranges from which console access is allowed. Specify either allow_address_netmasks or allow_ip_ranges. |
Response Parameters
Parameter |
Type |
Description |
---|---|---|
object |
ACL for console access. |
Parameter |
Type |
Description |
---|---|---|
Array of objects |
IP address CIDR blocks from which console access is allowed. This parameter is only returned when an IP address range or CIDR block from which console access is allowed is specified. |
|
Array of objects |
IP address ranges from which console access is allowed. This parameter is only returned when an IP address range from which console access is allowed is specified. |
Example Request
Request for modifying the console access policy to only allow console access from IP address range 0.0.0.0-255.255.255.255
PUT https://iam.myhuaweicloud.com/v3.0/OS-SECURITYPOLICY/domains/{domain_id}/console-acl-policy
{
"console_acl_policy": {
"allow_ip_ranges": [
{
"ip_range": "0.0.0.0-255.255.255.255"
}
]
}
}
Example Response
Status code: 200
The request is successful.
{ "console_acl_policy": { "allow_ip_ranges": [ { "ip_range": "0.0.0.0-255.255.255.255", "description": "" } ] } }
Status code: 400
The request body is abnormal.
- Example 1
{ "error_msg" : "'%(key)s' is a required property.", "error_code" : "IAM.0072" }
- Example 2
{ "error_msg" : "Invalid input for field '%(key)s'. The value is '%(value)s'.", "error_code" : "IAM.0073" }
Status code: 500
The system is abnormal.
{ "error_msg" : "An unexpected error prevented the server from fulfilling your request.", "error_code" : "IAM.0006" }
Status Codes
Status Code |
Description |
---|---|
200 |
The request is successful. |
400 |
The request body is abnormal. |
401 |
Authentication failed. |
403 |
Access denied. |
500 |
The system is abnormal. |
Error Codes
For details, see Error Codes.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot