CreateAccessRule - Apsara File Storage NAS - Alibaba Cloud Documentation Center

Creates a rule for a permission group.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Debug

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

Parameter	Type	Required	Description	Example
AccessGroupName	string	Yes	The name of the permission group.	vpc-test
SourceCidrIp	string	No	The IP address or CIDR block of the authorized object. You must set this parameter to an IP address or CIDR block. Note If the permission group resides in the classic network, you must set this parameter to an IP address.	192.0.2.0/16
RWAccessType	string	No	The access permissions of the authorized object on the file system. Valid values: RDWR (default): the read and write permissions RDONLY: the read-only permissions	RDWR
UserAccessType	string	No	The access permissions for different types of users in the authorized object. Valid values: no_squash (default): grants root users the permissions to access the file system. root_squash: grants root users the least permissions as the nobody user. all_squash: grants all users the least permissions as the nobody user. The nobody user has the least permissions in Linux and can access only the public content of the file system. This ensures the security of the file system.	no_squash
Priority	integer	No	The priority of the rule. The rule with the highest priority takes effect if multiple rules are attached to the authorized object. Valid values: 1 to 100. The value 1 indicates the highest priority.	1
FileSystemType	string	No	The type of the file system. Valid values: standard (default): General-purpose NAS file system extreme: Extreme NAS file system	standard
Ipv6SourceCidrIp	string	No	The IPv6 address or CIDR block of the authorized object. You must set this parameter to an IPv6 address or CIDR block. Note Only Extreme NAS file systems that reside in the Chinese mainland support IPv6. If you specify this parameter, you must enable IPv6 for the file system. Only permission groups that reside in virtual private clouds (VPCs) support IPv6. You cannot specify an IPv4 address and an IPv6 address at the same time.	2001:250:6000::***

Response parameters

Parameter	Type	Description	Example
	object
RequestId	string	The request ID.	A323836B-5BC6-45A6-8048-60675C23****
AccessRuleId	string	The rule ID.	1

Examples

Sample success responses

JSONformat

{
  "RequestId": "A323836B-5BC6-45A6-8048-60675C23****",
  "AccessRuleId": "1"
}

Error codes

HTTP status code	Error code	Error message	Description
400	InvalidParam.Ipv6SourceCidrIp	IPv6 address verification failed.	IPv6 address verification failed.
400	InvalidParam.SourceCidrIp	IPv4 address verification failed.	IPv4 address verification failed.
400	InvalidParam.IPv4AndIPv6MutuallyExclusive	You cannot configure IPv4 and IPv6 at the same time.	You cannot configure IPv4 and IPv6 at the same time.
400	InvalidAccessGroup.NotsupportedIPv6	The access group does not support IPv6.	The access group does not support IPv6.

For a list of error codes, visit the Service error codes.