Set Network ACL Rules
Last updated: 2017-06-21 16:27:04
1. API Description
This API (ModifyNetworkAclEntry) is used to configure ACL rules.
Domain for API request:vpc.api.qcloud.com
You can configure both inbound and outbound network ACL policies;
2. Input Parameters
The following request parameter list only provides API request parameters. Common request parameters need to be added when the API is called. For more information, refer to Common Request Parameters. The Action field for this API is ModifyNetworkAclEntry.
| Parameter Name | Required | Type | Description |
|---|---|---|---|
| vpcId | Yes | String | Virtual private cloud ID of the subnet, which can be vpcId or unVpcId. unVpcId is recommended. For example: vpc-jk7weyp2. You can query this through API DescribeVpcEx. |
| networkAclId | Yes | String | Network ACL ID assigned by the system. For example: acl-jk7weyp2. Can be queried via the API DescribeNetworkAcl. |
| ruleDirection | Yes | Int | Network ACL direction. 1: inbound, 0: outbound. |
| networkAclEntrySet.n | Yes | Array | Network ACL policy information array. |
| networkAclEntrySet.n.desc | Yes | String | Note. |
| networkAclEntrySet.n.ipProtocol | Yes | String | Protocol, such as tcp. |
| networkAclEntrySet.n.cidrIp | Yes | String | Source IP or source network segment (IP and CIDR are both supported). For example: 10.20.3.0 or 10.0.0.2/24. |
| networkAclEntrySet.n.portRange | Yes | String | Source port (or source port range). For example: 80 or 90-100. |
| networkAclEntrySet.n.action | Yes | Int | Policy. 0: Allow, 1: Reject. |
3. Output Parameters
| Parameter Name | Type | Description |
|---|---|---|
| code | Int | Error code, 0: Succeeded, other values: Failed. |
| message | String | Error message. |
4. Error Code Table
The following error code list only provides the business logic error codes for this API. For additional common error codes, refer to VPC Error Codes.
| Error code | Description |
|---|---|
| InvalidVpc.NotFound | Invalid VPC. VPC resource does not exist. Please verify that the resource information you entered is correct. You can query the VPC via the API DescribeVpcEx. |
| InvalidNetworkAclID.NotFound | Invalid network ACL ID. Network ACL ID does not exist. Please verify that the resource information you entered is correct. You can query network ACL IDs via the API DescribeNetworkAcl. |
| NetworkAclInLimitExceeded | Number of created network ACL inbound rules has exceeded the limit. Please contact customer service for more resources. For more information on VPC resource restrictions, refer to VPC Usage Restrictions. |
| NetworkAclOutLimitExceeded | Number of created network ACL outbound rules has exceeded the limit. Please contact customer service for more resources. For more information on VPC resource restrictions, see VPC Usage Restrictions. |
5. Example
Input
https://vpc.api.qcloud.com/v2/index.php?Action=ModifyNetworkAclEntry &<Common request parameters> &vpcId=vpc-erxok83l &networkAclId=acl-jk7weyp2 &ruleDirection=1 &networkAclEntrySet.0.desc=test &networkAclEntrySet.0.ipProtocol=all &networkAclEntrySet.0.cidrIp=0.0.0.0/0 &networkAclEntrySet.0.portRange=ALL &networkAclEntrySet.0.action=1
Output
{
"code": 0,
"message": ""
}
