Invokes the CreateAcl operation to create an access control policy group.
Operation description
CreateAcl is an asynchronous operation. After you invoke the operation, the system returns an access control policy group ID but the access control policy group is not yet created. The creation node continues to run in the background. You can invoke GetAcl or ListAcls to query the status of the access control policy group:
-
If the access control policy group is in the init state, the access control policy group is being created. In this state, you can only execute query operations and cannot execute other operations.
-
If the access control policy group is in the active state, the access control policy group is created.
Try it now
Test
RAM authorization
|
Action |
Access level |
Resource type |
Condition key |
Dependent action |
|
ga:CreateAcl |
create |
*Acl
|
None | None |
Request parameters
|
Parameter |
Type |
Required |
Description |
Example |
| RegionId |
string |
Yes |
The region ID of the Alibaba Cloud Global Accelerator (GA) instance. Set the value to cn-hangzhou. |
cn-hangzhou |
| AclName |
string |
No |
The name of the access control policy group. The name must be 1 to 128 characters in length and must start with a letter or a Chinese character. It can contain digits, periods (.), underscores (_), and hyphens (-). |
test-acl |
| AddressIPVersion |
string |
Yes |
The IP version of the access control policy group. Valid values:
|
IPv4 |
| AclEntries |
array<object> |
No |
The access control policy group entries, which are IP address entries or CIDR block entries. You can add up to 50 entries at a time. |
|
|
object |
No |
The access control policy group entries, which are IP address entries or CIDR block entries. You can add up to 50 entries at a time. |
||
| Entry |
string |
No |
The access control policy group entry, which is an IP address entry (192.168.XX.XX) or a CIDR block entry (10.0.XX.XX/24). You can add up to 50 entries at a time. |
10.0.XX.XX/24 |
| EntryDescription |
string |
No |
The description of the access control policy group entry. You can add descriptions for up to 50 entries at a time. The description must be 1 to 256 characters in length and can contain letters, digits, hyphens (-), forward slashes (/), periods (.), underscores (_), and Chinese characters. |
test-entry |
| ClientToken |
string |
No |
The client token that is used to ensure the idempotence of the request. You can use the client to generate the token, but you must make sure that the token is unique among different requests. The client token can contain only ASCII characters. Note
If you do not specify this parameter, the system uses the RequestId value as the ClientToken value. The RequestId value is different for each API request. |
5A2CFF0E-5718-45B5-9D4D-70B3FF3898 |
| DryRun |
boolean |
No |
Specifies whether to perform a dry run. Valid values:
|
false |
| ResourceGroupId |
string |
No |
The resource group ID. |
rg-acfmwj7wvng3jbi |
| Tag |
array<object> |
No |
The label information of the access control policy group. |
|
|
object |
No |
The label information of the access control policy group. |
||
| Key |
string |
No |
The label key of the access control policy group. Once specified, the label key cannot be an empty string. The label key can be up to 64 characters in length and cannot start with You can specify up to 20 label keys. |
tag-key |
| Value |
string |
No |
The label value of the access control policy group. Once specified, the label value can be an empty string. The label value can be up to 128 characters in length and cannot start with You can specify up to 20 label values. |
tag-value |
Response elements
|
Element |
Type |
Description |
Example |
|
object |
The response parameters. |
||
| RequestId |
string |
The request ID. |
CEF72CEB-54B6-4AE8-B225-F876FF7BA984 |
| AclId |
string |
The access control policy group ID. |
nacl-hp34s2h0xx1ht4nwo**** |
Examples
Success response
JSON format
{
"RequestId": "CEF72CEB-54B6-4AE8-B225-F876FF7BA984",
"AclId": "nacl-hp34s2h0xx1ht4nwo****"
}
Error codes
|
HTTP status code |
Error code |
Error message |
Description |
|---|---|---|---|
| 400 | IsExist.AclEntriesIsExist | acl entries %s is exist | The ACL entry %s already exists. |
| 400 | QuotaExceeded.AclEntries | The number of acl entries exceeds the limit | The number of entries in the ACL exceeds the upper limit. |
See Error Codes for a complete list.
Release notes
See Release Notes for a complete list.