Server Load Balancer (SLB) provides you with an access control function. You can configure different access control rules (whitelist or blacklist) for different listeners. Before configuring the access control function for a listener, you must first configure an access control list.

You can create multiple access control lists. Each list contains multiple IP addresses or CIDR blocks. Limits on access control lists are shown in the following table.
Resource Limit
The maximum number of access control lists per region 50
The maximum number of IP entries added each time 50
The maximum number of IP entries per access control list 300
The maximum number of listeners with which an access control list can be associated 50

Create an access control list

To create an access control list, follow these steps:

  1. Log on to the SLB console.
  2. Select a region.
  3. In the left-side navigation pane, click Access Control.
  4. Click Create Access Control List, enter an access control list name, select the IP version, and select the resource group.
  5. Click OK.

Add IP entries

To add IP entries to the access control list, follow these steps:

  1. Log on to the SLB console.
  2. Select a region.
  3. In the left-side navigation pane, click Access Control.
  4. Find the target access control list and click Manage.
  5. Add IP entries:
    • Click Add Multiple Entries. In the displayed dialog box, add IP addresses or CIDR blocks and click OK.

      Note the following when you add IP entries:
      • Each line should include only one IP entry. Use the Enter key to break lines.

      • Use a vertical bar (|) to separate an IP address or a CIDR block with the description, for example, 192.168.1.0/24|description.



    • Click Add Entry. In the displayed dialog box, add an IP address or a CIDR block and the description, and click OK.


Delete IP entries

To delete IP entries, follow these steps:

  1. Log on to the SLB console.
  2. Select a region.
  3. In the left-side navigation pane, click Access Control.
  4. Find the target access control list and click Manage.
  5. Click Delete in the Actions column of the target IP entry, or select multiple IP entries and click Delete at the bottom of the list.
  6. In the displayed dialog box, click OK.