Invokes the AssociateAclsWithListener operation to associate access control policy groups with a listener.
Operation description
- AssociateAclsWithListener is an asynchronous operation. After you send a request, the system returns a request ID, but the access control policy group is not yet associated with the listener. The association node continues to run in the background. You can invoke DescribeListener to query the listener status:
If the listener is in the updating state, the access control policy group is being associated with the listener. In this state, you can only execute query operations and cannot execute other operations.
If the listener is in the active state, the access control policy group is associated with the listener.
You cannot concurrently associate access control policy groups with listeners within the same Alibaba Cloud Global Accelerator (GA) instance.
Try it now
Test
RAM authorization
|
Action |
Access level |
Resource type |
Condition key |
Dependent action |
|
ga:AssociateAclsWithListener |
update |
*Listener
|
None | None |
Request parameters
|
Parameter |
Type |
Required |
Description |
Example |
| RegionId |
string |
Yes |
The region ID of the Global Accelerator instance. Set the value to ap-southeast-1. |
cn-hangzhou |
| AclIds |
array |
Yes |
The ID of the access control policy group. You can associate up to two access control policy groups. |
|
|
string |
No |
The ID of the access control policy group. You can associate up to two access control policy groups. |
nacl-hp34s2h0xx1ht4nwo**** |
|
| ListenerId |
string |
Yes |
The listener ID. Only intelligent routing listeners support the access control feature. |
lsr-bp1bpn0kn908w4nbw**** |
| AclType |
string |
Yes |
The type of access control. Valid values:
|
white |
| ClientToken |
string |
No |
The client token that is used to ensure the idempotency of the request. You can use the client to generate the token, but you must make sure that the token is unique among different requests. The client token can contain only ASCII characters. Note
If you do not specify this parameter, the system uses the RequestId value as the ClientToken value. The RequestId value is different for each API request. |
02fb3da4**** |
| DryRun |
boolean |
No |
Specifies whether to perform a dry run. Valid values:
|
false |
Response elements
|
Element |
Type |
Description |
Example |
|
object |
The response parameters. |
||
| RequestId |
string |
The request ID. |
64ADAB1E-0B7F-4FD8-A404-3BECC0E9CCFF |
| AclIds |
array |
The ID of the access control policy group. |
|
|
string |
The ID of the access control policy group. |
nacl-hp34s2h0xx1ht4nwo**** |
|
| ListenerId |
string |
The listener ID. |
lsr-bp1bpn0kn908w4nbw**** |
Examples
Success response
JSON format
{
"RequestId": "64ADAB1E-0B7F-4FD8-A404-3BECC0E9CCFF",
"AclIds": [
"nacl-hp34s2h0xx1ht4nwo****"
],
"ListenerId": "lsr-bp1bpn0kn908w4nbw****"
}
Error codes
|
HTTP status code |
Error code |
Error message |
Description |
|---|---|---|---|
| 400 | NotExist.Listener | listener %s is not exist | The listener %s does not exist. |
| 400 | NotActive.Listener | listener %s is not active | The listener %s is unavailable. |
| 400 | NotExist.Accelerator | accelerator %s is not exist | The GA instance %s does not exist. |
| 400 | StateError.Accelerator | accelerator state %s is illegal | The GA instance is in an invalid state %s. |
| 400 | NotExist.Acl | acl %s is not exist | The ACL %s does not exist. |
| 400 | StateError.Acl | acl state %s is illegal | The status of the ACL %s is invalid. |
See Error Codes for a complete list.
Release notes
See Release Notes for a complete list.