Updated on 2024-11-06 GMT+08:00

Creating an ACL Account

Function

This API is used to create an account with read/write or read-only permissions for a DCS Redis 4.0 or 5.0 instance.

If the default user has enabled password-free access, normal users cannot use the instance. To allow normal users to use the instance, disable password-free access.

The password of the default user of a single-node or master/standby instance cannot contain colons (:). Otherwise, normal users cannot be created.

Calling Method

For details, see Calling APIs.

URI

POST /v2/{project_id}/instances/{instance_id}/accounts

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Project ID. For details, see Obtaining a Project ID.

instance_id

Yes

String

Instance ID.

Request Parameters

Table 2 Request body parameters

Parameter

Mandatory

Type

Description

account_name

Yes

String

Account name.

  • Starts with a letter.

  • Can contain only letters, digits, hyphens (-), and underscores (_).

  • Can contain 1 to 64 characters.

account_role

Yes

String

Account permission. Options: read (read-only) and write (read/write).

account_password

Yes

String

Account password.

  • Can contain 8 to 64 characters.

  • Cannot use the username spelled forwards or backwards.

  • Must contain at least three of the following character types (colons are not allowed):

    • Lowercase letters

    • Uppercase letters

    • Digits

    • Special characters `~!@#$^&*()-_=+\|{}'",<.>/?

description

No

String

Account description.

Response Parameters

Status code: 400

Table 3 Response body parameters

Parameter

Type

Description

error_msg

String

Error message.

error_code

String

Error code.

error_ext_msg

String

Extended error information. This parameter is not used currently and is set to null.

Status code: 401

Table 4 Response body parameters

Parameter

Type

Description

error_msg

String

Error message.

error_code

String

Error code.

error_ext_msg

String

Extended error information. This parameter is not used currently and is set to null.

Status code: 403

Table 5 Response body parameters

Parameter

Type

Description

error_msg

String

Error message.

error_code

String

Error code.

error_ext_msg

String

Extended error information. This parameter is not used currently and is set to null.

Status code: 404

Table 6 Response body parameters

Parameter

Type

Description

error_msg

String

Error message.

error_code

String

Error code.

error_ext_msg

String

Extended error information. This parameter is not used currently and is set to null.

Status code: 500

Table 7 Response body parameters

Parameter

Type

Description

error_msg

String

Error message.

error_code

String

Error code.

error_ext_msg

String

Extended error information. This parameter is not used currently and is set to null.

Example Requests

Creating a read-only ACL account named user.

POST https:///{dcs_endpoint}/v2/{project_id}/instances/{instance_id}/accounts

{
  "account_name" : "user",
  "account_role" : "read",
  "account_password" : "xxxxx"
}

Example Responses

Status code: 400

Invalid request.

{
  "error_code" : "DCS.4961",
  "error_msg" : "Acl account request param invalid."
}

SDK Sample Code

The SDK sample code is as follows.

Creating a read-only ACL account named user.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.dcs.v2.region.DcsRegion;
import com.huaweicloud.sdk.dcs.v2.*;
import com.huaweicloud.sdk.dcs.v2.model.*;


public class CreateAclAccountSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");
        String projectId = "{project_id}";

        ICredential auth = new BasicCredentials()
                .withProjectId(projectId)
                .withAk(ak)
                .withSk(sk);

        DcsClient client = DcsClient.newBuilder()
                .withCredential(auth)
                .withRegion(DcsRegion.valueOf("<YOUR REGION>"))
                .build();
        CreateAclAccountRequest request = new CreateAclAccountRequest();
        request.withInstanceId("{instance_id}");
        CreateAclAccountRequestBody body = new CreateAclAccountRequestBody();
        body.withAccountPassword("xxxxx");
        body.withAccountRole(CreateAclAccountRequestBody.AccountRoleEnum.fromValue("read"));
        body.withAccountName("user");
        request.withBody(body);
        try {
            CreateAclAccountResponse response = client.createAclAccount(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

Creating a read-only ACL account named user.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkdcs.v2.region.dcs_region import DcsRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkdcs.v2 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]
    projectId = "{project_id}"

    credentials = BasicCredentials(ak, sk, projectId)

    client = DcsClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(DcsRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = CreateAclAccountRequest()
        request.instance_id = "{instance_id}"
        request.body = CreateAclAccountRequestBody(
            account_password="xxxxx",
            account_role="read",
            account_name="user"
        )
        response = client.create_acl_account(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

Creating a read-only ACL account named user.

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    dcs "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dcs/v2"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dcs/v2/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/dcs/v2/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")
    projectId := "{project_id}"

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        WithProjectId(projectId).
        Build()

    client := dcs.NewDcsClient(
        dcs.DcsClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.CreateAclAccountRequest{}
	request.InstanceId = "{instance_id}"
	request.Body = &model.CreateAclAccountRequestBody{
		AccountPassword: "xxxxx",
		AccountRole: model.GetCreateAclAccountRequestBodyAccountRoleEnum().READ,
		AccountName: "user",
	}
	response, err := client.CreateAclAccount(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code

Description

200

The ACL account creation task is successfully delivered.

400

Invalid request.

401

Invalid authentication information.

403

Request rejected.

404

The requested resource could not be found.

500

Internal service error.

Error Codes

See Error Codes.