ModifyDBClusterAccessWhitelist - PolarDB - Alibaba Cloud Documentation Center

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.
API: The API that you can call to perform the action.
Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.
Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.
- For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.
- For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.
Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.
Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

polardb:ModifyDBClusterAccessWhitelist

update

*dbcluster

acs:polardb:{#regionId}:{#accountId}:dbcluster/{#dbclusterId}

None

Request parameters

Parameter	Type	Required	Description	Example
DBClusterId	string	Yes	The cluster ID.	pc-*************
SecurityIps	string	No	The IP addresses or CIDR blocks in the IP address whitelist group. All IP address whitelist groups can contain a total of 1,000 IP addresses or CIDR blocks. Separate multiple IP addresses with commas (,). The following formats are supported: IP address format. For example: 10.23.12.24. CIDR format. For example: 10.23.12.24/24. The number 24 indicates the prefix length of the IP address. The prefix length can range from 1 to 32. Note This parameter is available only when WhiteListType is set to IP.	10.23.12.24
DBClusterIPArrayName	string	No	The name of the IP address whitelist group. The name must be 2 to 120 characters in length. It must consist of lowercase letters and digits. The name must start with a letter and end with a letter or a digit. If the specified whitelist group name does not exist, a new whitelist group is created. If the specified whitelist group name already exists, the whitelist group is modified. If you do not specify this parameter, the `default` group is modified. Note A cluster can have up to 50 IP address whitelist groups. This parameter is available only when WhiteListType is set to IP.	default
DBClusterIPArrayAttribute	string	No	The attribute of the IP address whitelist group. If you set this parameter to `hidden`, the whitelist group is not visible in the console. Note You cannot hide an IP address whitelist group that is already visible in the console. This parameter is available only when WhiteListType is set to IP.	hidden
WhiteListType	string	No	The type of the whitelist. Valid values: IP: IP address whitelist group. SecurityGroup: Security group. The default value is IP.	IP
SecurityGroupIds	string	No	The security group ID. Separate multiple security group IDs with commas (,). Note A cluster can be associated with up to three security groups. This parameter is available only when WhiteListType is set to SecurityGroup.	sg-*********
ModifyMode	string	No	The method used to modify the IP address whitelist. Valid values: Cover: Overwrites the original IP address whitelist. This is the default value. Append: Appends IP addresses to the whitelist. Delete: Deletes IP addresses from the whitelist. Note This parameter is available only when WhiteListType is set to IP.	Cover

Response elements

Element	Type	Description	Example
	object
RequestId	string	The request ID.	D0CEC6AC-7760-409A-A0D5-E6CD86******

Examples

Success response

JSON format

{
  "RequestId": "D0CEC6AC-7760-409A-A0D5-E6CD86******"
}

Error response

JSON format

{
  "RequestId": "D0CEC6AC-7760-409A-A0D5-E6CD8660E9CC"
}

Error codes

HTTP status code	Error code	Error message	Description
400	NumberExceed.securityGroupIds	The number of SecurityGroupIds exceeds 10.	The number of security groups cannot exceed 10. Modify the parameter and try again.
400	InvalidSecurityIPList.Duplicate	Specified security IP list is not valid: Duplicate IP address in the list	The specified IP address whitelist is invalid, because the whitelist contains duplicate IP addresses.
400	InvalidSecurityIPList.Format	Specified security IP list format is not valid.	The format of the specified IP address in the whitelist is invalid.
400	LockTimeout	The request processing has failed due to lock timeout.	Failed to process the request due to a lock timeout.
403	SecurityIPList.Duplicate	Specified same security IP already exists.	The specified security group IP address already exists.
403	OperationDenied.LockMode	The operation is not permitted when the instance is locked.	This operation is not supported while the cluster is in the locked state.
404	InvalidDBCluster.NotFound	The DBClusterId provided does not exist in our records.	The specified DBClusterId parameter does not exist in the current record.
404	InvalidDBClusterId.NotFound	The DBInstanceId provided does not exist in our records.	The specified DBClusterId parameter does not exist in the current record.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.