Creates an access control list (ACL).

Usage notes

The CreateAcl operation is asynchronous. After you send a request, the system returns a request ID. However, the operation is still being performed in the system background. You can call the ListAcls operation to query the status of an ACL:

  • If an ACL is in the Creating state, the ACL is being created.
  • If an ACL is in the Available state, the ACL is created.


OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes CreateAcl

The operation that you want to perform. Set the value to CreateACL.

AclName String No test-acl

The name of the ACL. The name must be 2 to 128 characters in length, and can contain letters, digits, periods (.), underscores (_), and hyphens (-). The name must start with a letter.

ClientToken String No 5A2CFF0E-5718-45B5-9D4D-70B3FF3898

The client token that is used to ensure the idempotence of the request.

You can use the client to generate the value, but you must make sure that it is unique among different requests. ClientToken can contain only ASCII characters.

Note If you do not set this parameter, the system uses RequestId as ClientToken. The value of RequestId may be different for each API request.
DryRun Boolean No true

Specifies whether to check the request without performing the operation. Valid values:

  • true: checks the request without performing the operation. The system checks the required parameters, request syntax, and limits. If the request fails the check, an error message is returned. If the request passes the check, the DryRunOperation error code is returned.
  • false (default): sends the request. If the request passes the check, an HTTP 2xx status code is returned and the operation is performed.
ResourceGroupId String No rg-atstuj3rtop****

The ID of the resource group.

Response parameters

Parameter Type Example Description
AclId String nacl-hp34s2h0xx1ht4nwo****

The ID of the ACL.

JobId String 72dcd26b-f12d-4c27-b3af-18f6aed5****

The ID of the asynchronous task.

RequestId String CEF72CEB-54B6-4AE8-B225-F876FF7BA984

The ID of the request.


Sample requests

&Common request parameters

Sample success responses

XML format

HTTP/1.1 200 OK


JSON format

HTTP/1.1 200 OK

  "AclId" : "nacl-hp34s2h0xx1ht4nwo****",
  "JobId" : "72dcd26b-f12d-4c27-b3af-18f6aed5****",
  "RequestId" : "CEF72CEB-54B6-4AE8-B225-F876FF7BA984"

Error codes

HttpCode Error code Error message Description
400 QuotaExceeded.AclsNum The quota of %s is exceeded, usage %s/%s. The error message returned because the usage %s has exceeded the quota %s.

For a list of error codes, visit the Error Center.