All Products
Search
Document Center

PolarDB:ModifyDBClusterAccessWhitelist

Last Updated:Jul 09, 2026

Creates or modifies the whitelist of a cluster, including the IP whitelist and security groups.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

No authorization for this operation. If you encounter issues with this operation, contact technical support.

Request parameters

Parameter

Type

Required

Description

Example

DBClusterId

string

Yes

The cluster ID.

pc-*************

SecurityIps

string

No

The IP addresses or CIDR blocks in the IP whitelist group. A maximum of 1,000 IP addresses or CIDR blocks can be added to all IP whitelist groups. Separate multiple IP addresses with commas (,). The following two formats are supported:

  • IP address format, such as 10.23.12.24.

  • CIDR format, such as 10.23.12.24/24, where 24 indicates the prefix length of the CIDR block. The prefix length ranges from 1 to 32.

Note

This parameter takes effect only when WhiteListType is set to IP.

10.23.12.24

DBClusterIPArrayName

string

No

The name of the IP whitelist group. The name must be 2 to 120 characters in length and can contain lowercase letters and digits. The name must start with a letter and end with a letter or digit.

  • If the specified whitelist group name does not exist, a new whitelist group is created.

  • If the specified whitelist group name already exists, the whitelist group is modified.

  • If this parameter is not specified, the default group is modified.

Note
  • A maximum of 50 IP whitelist groups are supported for a cluster.

  • This parameter takes effect only when WhiteListType is set to IP.

default

DBClusterIPArrayAttribute

string

No

The attribute of the IP whitelist group. If this parameter is set to hidden, the group is not displayed in the console.

Note
  • IP whitelist groups that are already displayed in the console cannot be hidden.

  • This parameter takes effect only when WhiteListType is set to IP.

hidden

WhiteListType

string

No

The type of the whitelist. Valid values:

  • IP: IP whitelist group.

  • SecurityGroup: security group.

Default value: IP.

IP

SecurityGroupIds

string

No

The security group IDs. Separate multiple security group IDs with commas (,).

Note
  • A maximum of 3 security groups are supported for a cluster.

  • This parameter takes effect only when WhiteListType is set to SecurityGroup.

sg-*********

ModifyMode

string

No

The method used to modify the IP whitelist. Valid values:

  • Cover: overwrites the original IP whitelist (default value).

  • Append: appends IP addresses to the whitelist.

  • Delete: removes IP addresses from the whitelist.

Note

This parameter takes effect only when WhiteListType is set to IP.

Cover

Response elements

Element

Type

Description

Example

object

RequestId

string

The request ID.

D0CEC6AC-7760-409A-A0D5-E6CD86******

Examples

Success response

JSON format

{
  "RequestId": "D0CEC6AC-7760-409A-A0D5-E6CD86******"
}

Error codes

HTTP status code

Error code

Error message

Description

400 NumberExceed.securityGroupIds The number of SecurityGroupIds exceeds 10. The number of security groups cannot exceed 10. Modify the parameter and try again.
400 InvalidSecurityIPList.Duplicate Specified security IP list is not valid: Duplicate IP address in the list The specified IP address whitelist is invalid, because the whitelist contains duplicate IP addresses.
400 InvalidSecurityIPList.Format Specified security IP list format is not valid. The format of the specified IP address in the whitelist is invalid.
400 LockTimeout The request processing has failed due to lock timeout. Failed to process the request due to a lock timeout.
403 SecurityIPList.Duplicate Specified same security IP already exists. The specified security group IP address already exists.
403 OperationDenied.LockMode The operation is not permitted when the instance is locked. This operation is not supported while the cluster is in the locked state.
404 InvalidDBCluster.NotFound The DBClusterId provided does not exist in our records. The specified DBClusterId parameter does not exist in the current record.
404 InvalidDBClusterId.NotFound The DBInstanceId provided does not exist in our records. The specified DBClusterId parameter does not exist in the current record.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.