Set a Network ACL Rule
Last updated: 2019-11-29 11:06:01
1. API Description
This API (ModifyNetworkAclEntry) is used to configure ACL rules.
API request domain name: vpc.api.qcloud.com
You can configure both inbound and outbound network ACL policies.
2. Input Parameters
Below is a list of API request parameters. You need to add common request parameters to your request when calling this API. For more information, see the Common Request Parameters page. The Action field for this API is ModifyNetworkAclEntry.
| Parameter name | Required | Type | Description |
|---|---|---|---|
| vpcId | Yes | String | ID of the VPC to which the subnet belongs, which can be vpcId or unVpcId (recommended), for example vpc-jk7weyp2. You can query the ID through the API DescribeVpcEx. |
| networkAclId | Yes | String | Network ACL ID assigned by the system, for example: acl-jk7weyp2. You can query the ID through the API DescribeNetworkAcl. |
| ruleDirection | Yes | Int | Network ACL direction. 1: Inbound; 0: Outbound. |
| networkAclEntrySet.n | Yes | Array | Information array of network ACL policies. |
| networkAclEntrySet.n.desc | Yes | String | Comments. |
| networkAclEntrySet.n.ipProtocol | Yes | String | Protocol, such as TCP. |
| networkAclEntrySet.n.cidrIp | Yes | String | Source IP address or source IP range, for example: 10.20.3.0 or 10.0.0.2/24. IP or CIDR is supported. |
| networkAclEntrySet.n.portRange | Yes | String | Source port number or port range, for example: 80 or 90-100. |
| networkAclEntrySet.n.action | Yes | Int | Policy. 0: Allow; 1: Reject. |
3. Output Parameters
| Parameter name | Type | Description |
|---|---|---|
| code | Int | Error code. 0: Successful; other values: Failed. |
| message | String | Error message |
4. Error Codes
The following error codes only include business logic error codes for this API. For additional common error codes, see VPC Error Codes.
| Error code | Description |
|---|---|
| InvalidVpc.NotFound | Invalid VPC. This error code indicates that the VPC does not exist. In this case, verify whether the resource information that you entered is correct. You can query the VPC through the API DescribeVpcEx. |
| InvalidNetworkAclID.NotFound | Invalid Network ACL ID. This error code indicates that the Network ACL ID does not exist. In this case, verify whether the resource information that you entered is correct. You can query this ID through the API DescribeNetworkAcl. |
| NetworkAclInLimitExceeded | The number of created network ACL inbound rules exceeds its limit. To request more resources, contact our customer service. For more information about VPC resource limits, see VPC Use Limits. |
| NetworkAclOutLimitExceeded | The number of created network ACL outbound rules exceeds its limit. To request more resources, contact our customer service. For more information about VPC resource limits, see VPC Use Limits. |
5. Sample
Input
https://vpc.api.qcloud.com/v2/index.php?Action=ModifyNetworkAclEntry &<Common Request Parameters> &vpcId=vpc-erxok83l &networkAclId=acl-jk7weyp2 &ruleDirection=1 &networkAclEntrySet.0.desc=test &networkAclEntrySet.0.ipProtocol=all &networkAclEntrySet.0.cidrIp=0.0.0.0/0 &networkAclEntrySet.0.portRange=ALL &networkAclEntrySet.0.action=1
Output
{
"code": 0,
"message": ""
}
