You can call the DescribeModifyPGHbaConfigLog operation to query the modification history of the pg_hba.conf file of an ApsaraDB RDS for PostgreSQL instance.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String No DescribeModifyPGHbaConfigLog

The operation that you want to perform. Set the value to DescribeModifyPGHbaConfigLog.

ClientToken String No 1

This parameter is reserved. You do not need to specify this parameter.

DBInstanceId String Yes pgm-bp1lymyn1v3i****

You can call the DescribeDBInstances operation to query the IDs of instances.

StartTime String No 2021-11-25T05:00:40Z

The beginning of the time range to query. Specify the time in the yyyy-MM-ddTHH:mmZ format. The time must be in UTC.

EndTime String No 2021-11-25T06:00:40Z

The end of the time range to query. Specify the time in the yyyy-MM-ddTHH:mmZ format. The time must be in UTC.

Response parameters

Parameter Type Example Description
DBInstanceId String pgm-bp1lymyn1v3i****

The ID of the instance.

RequestId String 6D797E6B-E157-510C-A27F-6F9E6DA40633

The ID of the request.

LogItemCount Integer 1

The number of modification records.

HbaLogItems Array of HbaLogItem

An array that consists of the modifications to the pg_hba.conf file.

HbaLogItem
ModifyStatus String success

The status of the modification.

  • success: The modification is successful.
  • failed: The modification failed.
  • setting: The modification is being applied.
StatusReason String null

The reason why the modification failed.

ModifyTime String 2021-11-25T06:00:40Z

The time when the modification was made to the pg_hba.conf file.

BeforeHbaItems Array of HbaItem

The configuration of the pg_hba.conf file before the modification was made.

HbaItem
Type String host

The type of connection to the instance.

Mask String null

The mask of the instance.

Database String all

The names of the databases that the specified users are allowed to access.

PriorityId Integer 0

The priority of the AD domain controller in the pg_hba.conf file.

Address String 0.0.0.0/0

The IP addresses from which the specified users can access the specified databases.

Option String null

The value of this parameter is based on the value of the METHOD parameter.

Method String md5

The the authentication method of Lightweight Directory Access Protocol (LDAP).

User String all

The user that is allowed to access the instance.

AfterHbaItems Array of HbaItem

The configuration of the pg_hba.conf file after the modification was made.

HbaItem
Type String host

The type of connection to the instance.

Mask String null

The mask of the instance.

Database String all

The names of the databases that the specified users are allowed to access.

PriorityId Integer 0

The priority of the modification item.

Address String 0.0.0.0/0

The IP addresses from which the specified users can access the specified databases.

Option String ldapserver=The private IP address of the ECS instance="CN=Users,DC=pgsqldomain,DC=net" ldapbinddn="CN=The username of the administrator user of the AD domain controller, CN=Users,DC=pgsqldomain,DC=net" ldapbindpasswd="The password of the administrator user of the AD domain controller" ldapsearchattribute="sAMAccountName"

The value of this parameter is based on the value of the METHOD parameter.

Method String ldap

The the authentication method of LDAP.

User String ldapuser

The user that is allowed to access the instance.

Examples

Sample requests

http(s)://rds.aliyuncs.com/?Action=DescribeModifyPGHbaConfigLog
&DBInstanceId=pgm-bp1lymyn1v3i****
&StartTime=2021-11-25T05:00:40Z
&EndTime=2021-11-25T06:00:40Z
&<Common request parameters>

Sample success responses

XML format 

HTTP/1.1 200 OK
Content-Type:application/xml

<DescribeModifyPGHbaConfigLogResponse>
    <DBInstanceId>pgm-bp1lymyn1v3i****</DBInstanceId>
    <RequestId>6D797E6B-E157-510C-A27F-6F9E6DA40633</RequestId>
    <LogItemCount>1</LogItemCount>
    <HbaLogItems>
        <ModifyStatus>success</ModifyStatus>
        <StatusReason/>
        <ModifyTime>2021-11-25T06:00:40Z</ModifyTime>
        <BeforeHbaItems>
            <Type>host</Type>
            <Database>all</Database>
            <PriorityId>0</PriorityId>
            <Address>0.0.0.0/0</Address>
            <Method>md5</Method>
            <User>all</User>
        </BeforeHbaItems>
        <AfterHbaItems>
            <Type>host</Type>
            <Database>all</Database>
            <PriorityId>0</PriorityId>
            <Address>0.0.0.0/0</Address>
            <Option>ldapserver=The private IP address of the ECS instance ldapbasedn="CN=Users,DC=pgsqldomain,DC=net" ldapbinddn="CN=The username of the administrator user of the AD domain controller, CN=Users,DC=pgsqldomain,DC=net" ldapbindpasswd="The password of the administrator user of the AD domain controller" ldapsearchattribute="sAMAccountName"</Option>
            <Method>ldap</Method>
            <User>ldapuser</User>
        </AfterHbaItems>
    </HbaLogItems>
</DescribeModifyPGHbaConfigLogResponse>

JSON format 

HTTP/1.1 200 OK
Content-Type:application/json

{
  "DBInstanceId" : "pgm-bp1lymyn1v3i****",
  "RequestId" : "6D797E6B-E157-510C-A27F-6F9E6DA40633",
  "LogItemCount" : 1,
  "HbaLogItems" : {
    "ModifyStatus" : "success",
    "StatusReason" : "",
    "ModifyTime" : "2021-11-25T06:00:40Z",
    "BeforeHbaItems" : {
      "Type" : "host",
      "Database" : "all",
      "PriorityId" : 0,
      "Address" : "0.0.0.0/0",
      "Method" : "md5",
      "User" : "all"
    },
    "AfterHbaItems" : {
      "Type" : "host",
      "Database" : "all",
      "PriorityId" : 0,
      "Address" : "0.0.0.0/0",
      "Option" : "ldapserver=The private IP address of the ECS instance ldapbasedn=\"CN=Users,DC=pgsqldomain,DC=net\" ldapbinddn=\"CN=The username of the administrator user of the AD domain controller, CN=Users,DC=pgsqldomain,DC=net\" ldapbindpasswd=\" The password of the administrator user of the AD domain controller\" ldapsearchattribute=\"sAMAccountName\",
      "Method" : "ldap",
      "User" : "ldapuser"
    }
  }
}

Error codes

Http status code Error code Error message Description
400 InvalidStartTime.Format Specified start time is not valid. The error message returned because the specified start time is invalid.
400 InvalidEndTime.Format Specified end time is not valid. The error message returned because the specified end time is invalid. Check and enter a valid value.

For a list of error codes, visit the API Error Center.