Last updated: 2020-02-19 09:20:37

    1. API Description

    Domain name for API request:

    This API is used to create a permission group rule.

    A maximum of 20 requests can be initiated per second for this API.

    2. Input Parameters

    The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.

    Parameter Name Required Type Description
    Action Yes String Common parameter. The value used for this API: CreateCfsRule
    Version Yes String Common parameter. The value used for this API: 2019-07-19
    Region No String Common parameter. This parameter is not required for this API.
    PGroupId Yes String Permission group ID
    AuthClientIp Yes String You can enter a single IP or IP range, such as or The default visiting address is *, indicating that all IPs are allowed. Please note that you need to enter the CVM instance's private IP here.
    Priority Yes Integer Rule priority. Value range: 1–100. 1 represents the highest priority, while 100 the lowest
    RWPermission No String Read/write permission. Valid values: RO (read-only), RW (read & write). Default value: RO
    UserPermission No String User permission. Valid values: all_squash, no_all_squash, root_squash, no_root_squash. Specifically, all_squash: any visiting user will be mapped to an anonymous user or user group; no_all_squash: a visiting user will be first matched with a local user, and if the match fails, it will be mapped to an anonymous user or user group; root_squash: a visiting root user will be mapped to an anonymous user or user group; no_root_squash: a visiting root user will be allowed to maintain root account permissions. Default value: root_squash.

    3. Output Parameters

    Parameter Name Type Description
    RuleId String Rule ID
    PGroupId String Permission group ID
    AuthClientIp String Client IP
    RWPermission String Read & write permissions
    UserPermission String User permission
    Priority Integer Priority
    RequestId String The unique request ID, which is returned for each request. RequestId is required for locating a problem.

    4. Example

    Example1 Creating a permission group rule

    Input Example
    &<Common Request Parameters>

    Output Example

      "Response": {
        "RequestId": "fjo8aejo-fjei-32eu-2je9-fhue83nd81",
        "RuleId": "rule-12345",
        "PGroupId": "pgroup-12345",
        "AuthClientIp": "",
        "RWPermission": "rw",
        "UserPermission": "root_squash",
        "Priority": 9

    5. Developer Resources

    API Explorer

    This tool allows online call, signature authentication, SDK code generation and quick search of APIs to greatly improve the efficiency of using TencentCloud APIs.


    TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.

    Command Line Interface

    6. Error Code

    The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.

    Error Code Description
    FailedOperation Operation failed.
    FailedOperation.PgroupInUse The permission group has been bound to a file system.
    FailedOperation.PgroupIsUpdating The permission group is being updated.
    InternalError Internal error.
    InternalError.GetAccountStatusFailed Failed to get the payment status of the user.
    InvalidParameter Invalid parameter.
    InvalidParameterValue.DuplicatedRuleAuthClientIp The rule IP already exists.
    InvalidParameterValue.InvalidAuthClientIp Incorrect rule IP.
    InvalidParameterValue.InvalidPgroup The permission group is not under this user.
    InvalidParameterValue.InvalidPriority Incorrect priority settings.
    InvalidParameterValue.InvalidRwPermission Incorrect read/write permission settings.
    InvalidParameterValue.InvalidUserPermission Incorrect user permission settings.
    ResourceInsufficient.RuleLimitExceeded The number of rules exceeds the upper limit.
    ResourceNotFound.PgroupNotFound The permission group does not exist.
    UnsupportedOperation Unsupported operation.
    UnsupportedOperation.OutOfService Your account is in arrears. Please top up and try again.
    UnsupportedOperation.UnverifiedUser Unverified user.

    Was this page helpful?

    Was this page helpful?

    • Not at all
    • Not very helpful
    • Somewhat helpful
    • Very helpful
    • Extremely helpful
    Send Feedback