You can call the ModifySecurityIps operation to modify an IP address whitelist of an ApsaraDB RDS instance.

An IP address whitelist contains the IP addresses and CIDR blocks that are granted access to the instance. For more information about how to configure an IP address whitelist, see Configure an IP address whitelist for an ApsaraDB RDS instance.

Note Before you call this operation, make sure that the instance is in the Running state.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes ModifySecurityIps

The operation that you want to perform. Set the value to ModifySecurityIps.

DBInstanceId String Yes pgm-bp18n0c8zt45****

The ID of the instance.

SecurityIps String Yes 10.23.12.24

The IP addresses and CIDR blocks that you want to include in the IP address whitelist. If the IP address whitelist contains more than one IP address or CIDR block, separate these IP addresses and CIDR blocks with commas (,). Each IP address or CIDR block in the IP address whitelist must be unique. For more information, see Configure an IP address whitelist for an ApsaraDB RDS instance. Valid formats:

  • IP addresses, such as 10.23.12.24.
  • CIDR blocks, such as 10.23.12.0/24. In this example, /24 indicates that the prefix of each IP address is 24-bit long. You can replace 24 with a value within the range of 1 to 32.
Note A maximum of 1,000 IP addresses and CIDR blocks can be configured for each instance. If you want to add a large number of IP addresses, we recommend that you merge these IP addresses into CIDR blocks, such as 10.23.12.0/24.
DBInstanceIPArrayName String No test

The name of the IP address whitelist. Default value: Default.

Note A maximum of 200 IP address whitelists can be configured for each instance.
DBInstanceIPArrayAttribute String No hidden

The attribute of the IP address whitelist. This parameter is empty by default.

Note The IP address whitelists that have the hidden attribute are not displayed in the ApsaraDB RDS console. These IP address whitelists are used to access Alibaba Cloud services, such as Data Transmission Service (DTS).
SecurityIPType String No IPv4

The address format of the IP address whitelist.

WhitelistNetworkType String No Classic

The network type of the IP address whitelist. Valid values:

  • Classic: The IP address whitelist is of the classic network type in enhanced whitelist mode.
  • VPC: The IP address whitelist is of the virtual private cloud (VPC) network type in enhanced whitelist mode.
  • MIX: The IP address whitelist is in standard whitelist mode.

Default value: MIX.

Note In standard whitelist mode, IP addresses and CIDR blocks can be added only to the default IP address whitelist. In enhanced whitelist mode, IP addresses and CIDR blocks can be added to both IP address whitelists of the classic network type and those of the VPC network type.
ModifyMode String No Cover

The method that is used to modify the IP address whitelist. Valid values:

  • Cover: Use the IP addresses and CIDR blocks that are specified in the SecurityIps parameter to overwrite the existing IP addresses and CIDR blocks in the IP address whitelist.
  • Append: Add the IP addresses and CIDR blocks that are specified in the SecurityIps parameter to the IP address whitelist.
  • Delete: Delete the IP addresses and CIDR blocks that are specified in the SecurityIps parameter from the IP address whitelist. You must retain at least one IP address or CIDR block.

Default value: Cover.

FreshWhiteListReadins String No pgr-bp17yuz4dn3d****,pgr-bp1vn2ph54u1****

The read-only instances to which you want to synchronize the IP address whitelist.

  • If the instance is attached with a read-only instance, you can use this parameter to synchronize the IP address whitelist to the read-only instance. If the instance is attached with multiple read-only instances, the read-only instances must be separated by commas (,).
  • If the instance is not attached with a read-only instance, this parameter is empty.

Response parameters

Parameter Type Example Description
RequestId String 1AD222E9-E606-4A42-BF6D-8A4442913CEF

The ID of the request.

TaskId String 115855279

The ID of the task.

Examples

Sample requests

http(s)://rds.aliyuncs.com/?Action=ModifySecurityIps
&DBInstanceId=pgm-bp18n0c8zt45****
&SecurityIps=10.23.12.24
&<Common request parameters>

Sample success responses

XML format 

<ModifySecurityIpsResponse>
      <RequestId> 1AD222E9-E606-4A42-BF6D-8A4442913CEF</RequestId>
      <TaskId>115855279</TaskId>
</ModifySecurityIpsResponse>

JSON format 

{
    "RequestId": " 1AD222E9-E606-4A42-BF6D-8A4442913CEF",
    "TaskId": 115855279
}

Error codes

HTTP status code Error code Error message Description
400 InvalidWhitelistNetType.Malformed Specified WhitelistNetType is not valid. The error message returned because the value of the WhitelistNetworkType parameter is invalid. Enter a valid value.
400 InvalidIPArrayAttribute.Format The format of the IP attribute is invalid. The error message returned because the value of the DBInstanceIPArrayAttribute parameter is in an invalid format. Enter a value in the valid format and try again. If the IP address whitelist contains multiple IP addresses or CIDR blocks, make sure that the IP addresses and CIDR blocks are separated by commas (,). The following two formats are supported:IP addresses, such as 10.23.12.24, and CIDR blocks, such as 10.23.12.0/24. In the example CIDR block, /24 indicates that the prefix of each IP address is 24-bit long. You can replace 24 with a value within the range of 1 to 32.

For a list of error codes, visit the API Error Center.