Associates a network access control list (ACL) with a listener.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes AssociateAclsWithListener

The operation that you want to perform. Set the value to AssociateAclsWithListener.

RegionId String Yes 64ADAB1E-0B7F-4FD8-A404-3BECC0E9CCFF

The ID of the request.

ListenerId String Yes lsr-bp1bpn0kn908w4nbw****

The ID of the listener.

AclType String Yes White

The type of network ACL. Valid values:

  • white: a whitelist. Only requests from the IP addresses or CIDR blocks in the network ACL are forwarded. Whitelists apply to scenarios in which you want to allow only specific IP addresses to access an application. Your service may be adversely affected if the whitelist is not properly configured. After you configure a whitelist for a listener, only requests from the IP addresses that are added to the whitelist are forwarded by the listener. If the whitelist is enabled but no IP addresses are added to the network ACL, the listener does not forward requests.
  • black: a blacklist. All requests from the IP addresses or CIDR blocks in the network ACL are denied. The blacklist applies to scenarios in which you want to deny access from specific IP addresses to an application. If the blacklist is enabled but no IP addresses are added to the network ACL, the listener forwards all requests.
ClientToken String No 02fb3da4****

The client token that is used to ensure the idempotence of the request.

You can use the client to generate the value, but you must make sure that it is unique among different requests. ClientToken can contain only ASCII characters.

Note If you do not set this parameter, the system automatically uses RequestId as ClientToken. RequestId of each API request may be different.
DryRun Boolean No false

Specifies whether to only precheck this request. Valid values:

  • true: prechecks the request without associating the network ACL with a listener. The system prechecks the required parameters, request syntax, and limits. If the request fails to pass the precheck, an error message is returned. If the request passes the precheck, the DryRunOperation error code is returned.
  • false (default): sends the request. If the request passes the precheck, a 2xx HTTP status code is returned and the operation is performed.
AclIds.N String Yes nacl-hp34s2h0xx1ht4nwo****

The ID of the network ACL. You can associate at most two network ACLs with a listener.

Response parameters

Parameter Type Example Description
RequestId String 64ADAB1E-0B7F-4FD8-A404-3BECC0E9CCFF

The ID of the request.

AclIds Array of String nacl-hp34s2h0xx1ht4nwo****

The ID of the network ACL.

ListenerId String lsr-bp1bpn0kn908w4nbw****

The ID of the listener.

Examples

Sample requests

http(s)://[Endpoint]/?Action=AssociateAclsWithListener
&RegionId=64ADAB1E-0B7F-4FD8-A404-3BECC0E9CCFF
&AclIds=["nacl-hp34s2h0xx1ht4nwo****"]
&ListenerId=lsr-bp1bpn0kn908w4nbw****
&AclType=White
&ClientToken=02fb3da4****
&DryRun=false
&Common request parameters

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<AssociateAclsWithListenerResponse>
    <RequestId>64ADAB1E-0B7F-4FD8-A404-3BECC0E9CCFF</RequestId>
    <AclIds>nacl-hp34s2h0xx1ht4nwo****</AclIds>
    <ListenerId>lsr-bp1bpn0kn908w4nbw****</ListenerId>
</AssociateAclsWithListenerResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "64ADAB1E-0B7F-4FD8-A404-3BECC0E9CCFF",
  "AclIds" : [ "nacl-hp34s2h0xx1ht4nwo****" ],
  "ListenerId" : "lsr-bp1bpn0kn908w4nbw****"
}

Error codes

For a list of error codes, visit the API Error Center.