ModifyAccessRule -

Modifies a rule in a permission group.

Usage notes

Rules in the default permission groups DEFAULT_VPC_GROUP_NAME and DEFAULT_CLASSIC_GROUP_NAME cannot be modified.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters


Parameter	Type	Required	Example	Description
Action	String	Yes	ModifyAccessRule	The operation that you want to perform. Set the value to ModifyAccessRule.
AccessGroupName	String	Yes	VPC-test	The name of the permission group.
AccessRuleId	String	Yes	1	The rule ID.
SourceCidrIp	String	Yes	192.0..	The IP address or CIDR block of the authorized object. You must set this parameter to an IP address or CIDR block. Note If the permission group resides in the classic network, you must set this parameter to an IP address.
RWAccessType	String	No	RDWR	The access permissions of the authorized object on the file system. Valid values: RDWR (default): the read and write permissions RDONLY: the read-only permissions
UserAccessType	String	No	all_squash	The access permissions for different types of users in the authorized object. Valid values: no_squash: allows access from root users to the file system. root_squash: grants root users the least permissions as the nobody user. all_squash: grants all users the least permissions as the nobody user. The nobody user has the least permissions in Linux and can access only the public content of the file system. This ensures the security of the file system.
Priority	Integer	No	1	The priority of the rule. Valid values: 1 to 100. Default value: 1, which indicates the highest priority.
FileSystemType	String	No	standard	The type of the file system. Valid values: standard (default): General-purpose NAS file system extreme: Extreme NAS file system
Ipv6SourceCidrIp	String	No	fe80::3d4a:80fd:f05d:****	The IPv6 address or CIDR block of the authorized object. You must set this parameter to an IPv6 IP address or CIDR block. Note Only Extreme NAS file systems that reside in the China (Hohhot) region support IPv6. Only permission groups that reside in virtual private clouds (VPCs) support IPv6. This parameter is unavailable if you specify the SourceCidrIp parameter.

Response parameters


Parameter	Type	Example	Description
RequestId	String	6299428C-3861-435D-AE54-9B330A00****	The request ID.

Examples

Sample requests

http(s)://[Endpoint]/?Action=ModifyAccessRule
&AccessGroupName=VPC-test
&AccessRuleId=1
&SourceCidrIp=192.0.**.**
&RWAccessType=RDWR
&UserAccessType=all_squash
&Priority=1
&FileSystemType=standard
&Ipv6SourceCidrIp=fe80::3d4a:80fd:f05d:****
&<Common request parameters>

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<ModifyAccessRuleResponse>
    <RequestId>6299428C-3861-435D-AE54-9B330A00****</RequestId>
</ModifyAccessRuleResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "6299428C-3861-435D-AE54-9B330A00****"
}

Error codes


HTTP status code	Error code	Error message	Description
400	InvalidParam.Ipv6SourceCidrIp	IPv6 address verification failed.	The specified IPv6 address fails to be verified.
400	InvalidParam.SourceCidrIp	IPv4 address verification failed.	The specified IPv4 address fails to be verified.
400	InvalidParam.IPv4AndIPv6MutuallyExclusive	You cannot configure IPv4 and IPv6 at the same time.	You cannot specify an IPv4 address and an IPv6 address at the same time.
400	InvalidAccessGroup.NotsupportedIPv6	The access group does not support IPv6.	The permission group does not support IPv6.

For a list of error codes, see Service error codes.