Associates access control lists (ACLs) with a listener.

Usage notes

The DeleteDhcpOptionsSet operation is asynchronous. After you send a request, the system returns the request ID. However, the operation is still being performed in the system background. You can call ListAclRelations to query the status of an ACL.

  • If an ACL is in the Associating state, the ACL is being associated with a listener.
  • If an ACL is in the Associated state, the ACL has been associated with a listener.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes AssociateAclsWithListener

The operation that you want to perform. Set the value to AssociateAclsWithListener.

AclIds.N String Yes nacl-hp34s2h0xx1ht4nwo****

The IDs of the ACLs. You can specify up to three IDs in each call.

ListenerId String Yes lsr-bp1bpn0kn908w4nbw****

The ID of the listener.

AclType String Yes White

The type of the ACL. Valid values:

  • White: a whitelist. Only requests from the IP addresses or CIDR blocks in the ACL are forwarded. The whitelist applies to scenarios in which you want to allow only specific IP addresses to access an application. Your service may be adversely affected if the whitelist is not properly configured. After a whitelist is configured, only requests from IP addresses that are added to the whitelist are forwarded by the listener. If a whitelist is configured but no IP address is added to the whitelist, the listener forwards all requests.
  • Black: a blacklist. All requests from the IP addresses or CIDR blocks in the ACL are blocked. The blacklist applies to scenarios in which you want to block access from specific IP addresses to an application. If a blacklist is configured for a listener but no IP address is added to the blacklist, the listener forwards all requests.
DryRun Boolean No true

Specifies whether only to precheck this request. Valid values:

  • true: sends the precheck request but does not associate the ACLs with the listener. The system checks the required parameters, request syntax, and limits. If the request fails the check, an error message is returned. If the request passes the check, the DryRunOperation error code is returned.
  • false (default): sends the request. If the request passes the precheck, an HTTP 2xx status code is returned and the operation is performed.
ClientToken String No 5A2CFF0E-5718-45B5-9D4D-70B3FF3898

The client token that is used to ensure the idempotence of the request.

You can use the client to generate the value, but you must make sure that it is unique among different requests. ClientToken can contain only ASCII characters.

Note If you do not set this parameter, ClientToken is set to the value of RequestId. The value of RequestId for each API request may be different.

Response parameters

Parameter Type Example Description
JobId String 72dcd26b-f12d-4c27-b3af-18f6aed5****

The ID of the asynchronous task.

RequestId String CEF72CEB-54B6-4AE8-B225-F876FF7BA984

The ID of the request.

Examples

Sample requests

http(s)://[Endpoint]/?Action=AssociateAclsWithListener
&AclIds=["nacl-hp34s2h0xx1ht4nwo****"]
&ListenerId=lsr-bp1bpn0kn908w4nbw****
&AclType=White
&DryRun=true
&ClientToken=5A2CFF0E-5718-45B5-9D4D-70B3FF3898
&Common request parameters

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<AssociateAclsWithListenerResponse>
    <JobId>72dcd26b-f12d-4c27-b3af-18f6aed5****</JobId>
    <RequestId>CEF72CEB-54B6-4AE8-B225-F876FF7BA984</RequestId>
</AssociateAclsWithListenerResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "JobId" : "72dcd26b-f12d-4c27-b3af-18f6aed5****",
  "RequestId" : "CEF72CEB-54B6-4AE8-B225-F876FF7BA984"
}

Error codes

HttpCode Error code Error message Description
400 QuotaExceeded.AclsNum The quota of %s is exceeded, usage %s/%s. The error message returned because the usage %s exceeded the quota %s.
400 IncorrectStatus.Acl The status of %s [%s] is incorrect. The error message returned because the status of the specified resource %s [%s] is invalid.
400 ResourceQuotaExceeded.ListenerAclEntriesNum The quota of %s is exceeded for resource %s, usage %s/%s. The error message returned because the quota %s of the specified resource %s is exhausted. The current usage is %s.
404 ResourceNotFound.Acl The specified resource %s is not found. The error message returned because the specified resource %s does not exist.

For a list of error codes, visit the Error Center.