All Products
Search
Document Center

ENS:CreateNetworkAclEntry

Last Updated:Mar 12, 2024

Creates a network access control list (ACL) rule.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

ParameterTypeRequiredDescriptionExample
NetworkAclIdstringYes

The ID of the network ACL.

nacl-bp1lhl0taikrbgnh****
NetworkAclEntryNamestringNo

The name of the rule.

The name must be 1 to 128 characters in length and cannot start with http:// or https://.

acl-1
DescriptionstringNo

The description of the network ACL.

The description must be 1 to 256 characters in length and cannot start with http:// or https://.

This is my NetworkAcl.
DirectionstringYes

Specifies whether the ACL rule controls inbound or outbound access requests. Valid values:

  • ingress
  • egress
ingress
PolicystringYes

The action that is performed on network traffic that matches the rule. Valid values:

  • accept: allows network traffic.
  • drop: blocks network traffic.
accept
CidrBlockstringYes

The source CIDR block.

10.0.0.0/24
ProtocolstringYes

The protocol. Valid values:

  • icmp: ICMP
  • tcp: TCP
  • udp: UDP
  • all: all protocols
all
PortRangestringYes

The port range.

  • If you set Protocol to all or icmp, set this parameter to -1/-1, which specifies all ports.
  • If you set Protocol to tcp or udp, the port can be 1 to 65535. You can set this parameter to 1/200 or 80/80, which specifies ports 1 to 200 or port 80.
-1/-1
PriorityintegerYes

The priority of the rule. Valid values: 1 to 100. Default value: 1.

1

Response parameters

ParameterTypeDescriptionExample
object

Schema of Response

RequestIdstring

The ID of the request.

CEF72CEB-54B6-4AE8-B225-F876FF7BA984
NetworkAclEntryIdstring

The ID of the network ACL.

nae-5****

Examples

Sample success responses

JSONformat

{
  "RequestId": "CEF72CEB-54B6-4AE8-B225-F876FF7BA984",
  "NetworkAclEntryId": "nae-5****"
}

Error codes

HTTP status codeError codeError message
400Invalid%sThe specified parameter %s is invalid.
400Missing%sYou must specify the parameter %s.
400InvalidParam.DuplicateRuleThis rule already exists
400RuleLimitExceedThe maximum number of network acl rule is reached.
400ens.interface.errorAn error occurred while call the API.
400NoPermissionPermission denied.
400InvalidParameter.%sThe specified field %s invalid. Please check it again.

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
No change history