Associates access control lists (ACLs) with a listener.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes AssociateAclsWithListener

The operation that you want to perform. Set the value to AssociateAclsWithListener.

AclIds Array of String Yes nacl-hp34s2h0xx1ht4nwo****

The IDs of the ACLs. You can specify up to three IDs at a time.

ListenerId String Yes lsr-bp1bpn0kn908w4nbw****

The ID of the listener.

AclType String Yes White

The type of ACL. Valid values:

  • White: a whitelist. Only requests from the IP addresses or CIDR blocks in the ACL are forwarded. The whitelist applies to scenarios in which you want to allow only specific IP addresses to access an application. Risks may arise if you specify an ACL as a whitelist. After a whitelist is configured, only IP addresses in the whitelist can access the Application Load Balancer (ALB) listener. If you enable a whitelist but the whitelist does not contain an IP address, the listener forwards all requests.
  • Black: a blacklist. All requests from the IP addresses or CIDR blocks in the ACL are blocked. The blacklist applies to scenarios in which you want to block access from specific IP addresses to an application. If you enable a blacklist but the blacklist does not contain an IP address, the listener forwards all requests.
DryRun Boolean No true

Specifies whether only to precheck the request. Valid values:

  • true: only prechecks the request and does not perform the requested operation. The system checks the required parameters, request format, and service limits. If the request fails the precheck, an error code is returned based on the cause of the failure. If the request passes the precheck, the DryRunOperation error code is returned.
  • false: prechecks the request and performs the requested operation. After the request passes the precheck, an HTTP 2xx status code is returned and the system performs the operation. This is the default value.
ClientToken String No 5A2CFF0E-5718-45B5-9D4D-70B3FF3898

The client token that is used to ensure the idempotence of the request. You can use the client to generate the value, but you must make sure that it is unique among different requests. The token can contain only ASCII characters and cannot exceed 64 characters in length.

Note If you do not specify this parameter, the system automatically uses the request ID as the client token. The ID of each request is unique.

Response parameters

Parameter Type Example Description
JobId String 72dcd26b-f12d-4c27-b3af-18f6aed5****

The ID of the asynchronous task.

RequestId String CEF72CEB-54B6-4AE8-B225-F876FF7BA984

The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=AssociateAclsWithListener
&AclIds=["nacl-hp34s2h0xx1ht4nwo****"]
&ListenerId=lsr-bp1bpn0kn908w4nbw****
&AclType=White
&DryRun=true
&ClientToken=5A2CFF0E-5718-45B5-9D4D-70B3FF3898
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<AssociateAclsWithListenerResponse>
    <JobId>72dcd26b-f12d-4c27-b3af-18f6aed5****</JobId>
    <RequestId>CEF72CEB-54B6-4AE8-B225-F876FF7BA984</RequestId>
</AssociateAclsWithListenerResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "JobId" : "72dcd26b-f12d-4c27-b3af-18f6aed5****",
  "RequestId" : "CEF72CEB-54B6-4AE8-B225-F876FF7BA984"
}

Error codes

HTTP status code Error code Error message Description
400 QuotaExceeded.AclsNum The quota of %s is exceeded, usage %s/%s. The error message returned because the usage %s has exceeded the quota %s.
400 IncorrectStatus.Acl The status of %s [%s] is incorrect. The error message returned because the status of the specified %s [%s] resource is invalid.
400 ResourceQuotaExceeded.ListenerAclEntriesNum The quota of %s is exceeded for resource %s, usage %s/%s. The error message returned because the usage %s of the specified %s resource has exceeded the quota %s.
404 ResourceNotFound.Acl The specified resource %s is not found. The error message returned because the specified %s resource does not exist.

For a list of error codes, visit the API Error Center.