Modifies an IP address whitelist of an instance.
Operation Description
An IP address whitelist contains the IP addresses and CIDR blocks that are granted access to the instance. For more information about how to configure an IP address whitelist, see Configure an IP address whitelist for an ApsaraDB RDS instance.
NoteBefore you call this operation, make sure that the instance is in the Running state. If the instance is not in the Running state, the operation fails.
Authorization information
The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:
- Operation: the value that you can use in the Action element to specify the operation on a resource.
- Access level: the access level of each operation. The levels are read, write, and list.
- Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level,
All Resourcesis used in the Resource type column of the operation.
- Condition Key: the condition key that is defined by the cloud service.
- Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
| Operation | Access level | Resource type | Condition key | Associated operation |
|---|---|---|---|---|
| rds:ModifySecurityIps | WRITE |
|
| none |
Request parameters
| Parameter | Type | Required | Description | Example |
|---|---|---|---|---|
| DBInstanceId | string | Yes | The ID of the instance. | pgm-bp18n0c8zt45**** |
| SecurityIps | string | Yes | The IP addresses and CIDR blocks that you want to include in the IP address whitelist. If the IP address whitelist contains more than one IP address or CIDR block, separate these IP addresses and CIDR blocks with commas (,). Each IP address or CIDR block in an IP address whitelist must be unique. For more information, see Configure an IP address whitelist for an ApsaraDB RDS instance. The entries in the IP address whitelist must be in one of the following formats:
NoteA maximum of 1,000 IP addresses or CIDR blocks can be added for each instance. If you want to add a large number of IP addresses, we recommend that you merge them into CIDR blocks, such as 10.23.XX.XX/24. | 10.23.XX.XX |
| DBInstanceIPArrayName | string | No | The name of the IP address whitelist that you want to modify. Default value: Default. NoteA maximum of 200 IP address whitelists can be configured for each instance. | test |
| DBInstanceIPArrayAttribute | string | No | The attribute of the IP address whitelist. By default, this parameter is empty. NoteThe IP address whitelists that have the hidden attribute are not displayed in the ApsaraDB RDS console. These IP address whitelists are used to access Alibaba Cloud services, such as Data Transmission Service (DTS). | hidden |
| SecurityIPType | string | No | The type of the IP addresses in the IP address whitelist. Set the value to IPv4. IPv6 is not supported. | IPv4 |
| WhitelistNetworkType | string | No | The network type of the IP address whitelist. Valid values:
Default value: MIX. NoteIn standard whitelist mode, IP addresses and CIDR blocks are added only to the default IP address whitelist. In enhanced whitelist mode, IP addresses and CIDR blocks are added to the IP address whitelists of the classic network type and the VPC network type. | Classic |
| ModifyMode | string | No | The method that is used to modify the IP address whitelist. Valid values:
Default value: Cover. | Cover |
| FreshWhiteListReadins | string | No | The read-only instances to which you want to synchronize the IP address whitelist.
| pgr-bp17yuz4dn3d****,pgr-bp1vn2ph54u1**** |
Response parameters
Examples
Sample success responses
JSONformat
{
"TaskId": "115855279",
"RequestId": " 1AD222E9-E606-4A42-BF6D-8A4442913CEF"
}Error codes
| HTTP status code | Error code | Error message | Description |
|---|---|---|---|
| 400 | IncorrectMasterDBInstanceState | Master instance state does not support this operation. | - |
| 400 | InvalidWhitelistNetType.Malformed | Specified WhitelistNetType is not valid. | The specified WhitelistNetworkType is invalid. Please check again. |
| 400 | InvalidIPArrayAttribute.Format | The format of the IP attribute is invalid. | The specified DBInstanceIPArrayAttribute parameter is invalid. Specify a valid value and try again. If the value that you specify contains multiple entries, separate the entries with commas (,). Each entry must be unique. Valid entries are in one of the following formats: IP address, such as 10.23.12.24. CIDR, such as 10.23.12.0/24. In this example, 24 indicates that the prefix in each IP address is 24 bits in length. You can replace 24 with an integer within the range of 1 to 32. |
| 400 | InvalidSecurityIPList.Duplicate | Specified security IP list is not valid: Duplicate IP address in the list. | The IP address whitelist is invalid. It contains duplicate entries. |
| 400 | SecurityIPList.Format | Specified SecurityIPList is not valid. | The specified IP address whitelist is invalid. |
| 403 | IncorrectDBType | The current DB type does not support this operation. | The operation failed. The operation is not supported by the database engine of the RDS instance. Specify a different database engine. |
| 403 | IncorrectDBInstanceType | Current DB instance type does not support this operation. | The operation failed. The RDS instance is not in a ready state. |
| 403 | IncorrectDBInstanceCharacterType | Current DB Instance character_type does not support this operation. | This operation is not supported for the character type of the current instance. |
| 403 | IncorrectDBInstanceState | Current DB instance state does not support this operation. | - |
| 403 | IncorrectEngineVersion | The engine version does not support the operation. | The operation failed. The operation is not supported for the database engine version of the RDS instance. |
| 404 | Readins.NotFound | The current instance does not contain any read only instance. The operation is not supported. | The operation failed. The RDS instance is not attached with read-only RDS instances. |
| 404 | InvalidDBInstanceName.NotFound | The database instance does not exist. | The name of the RDS instance cannot be found. Check the name of the RDS instance. |
| 404 | InvalidDBInstance.NotFound | The specified instance does not exist or is not supported. | The RDS instance cannot be found. Check the ID or name of the RDS instance. |
| 404 | IncorrectDBInstanceLockMode | Current DB instance lock mode does not support this operation. | The operation failed. The RDS instance is locked. |
For a list of error codes, visit the Service error codes.
Change history
| Change time | Summary of changes | Operation | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|
| 2022-10-28 | The error codes of the API operation change. | |||||||||
| ||||||||||
| 2022-09-01 | The error codes of the API operation change. | |||||||||
|