CreateAcl

Last updated: 2020-03-27 19:05:17

PDF

1. API Description

Domain name for API request: ckafka.tencentcloudapi.com.

This API is used to add an ACL policy.

A maximum of 100 requests can be initiated per second for this API.

Note: This API supports Finance regions. If the common parameter Region is a Finance region, a domain name with the Finance region needs to be specified, for example: ckafka.ap-shanghai-fsi.tencentcloudapi.com

2. Input Parameters

The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.

Parameter Name Required Type Description
Action Yes String Common parameter. The value used for this API: CreateAcl.
Version Yes String Common parameter. The value used for this API: 2019-08-19.
Region Yes String Common parameter. For more information, please see the list of regions supported by the product.
InstanceId Yes String Instance ID information
ResourceType Yes Integer ACL resource type. 0: UNKNOWN, 1: ANY, 2: TOPIC, 3: GROUP, 4: CLUSTER, 5: TRANSACTIONAL_ID. Currently, only TOPIC is available, and other fields will be used for future ACLs compatible with open-source Kafka
ResourceName Yes String Resource name, which is related to resourceType. For example, if resourceType is TOPIC, this field indicates the topic name; if resourceType is GROUP, this field indicates the group name
Operation Yes Integer ACL operation mode. 0: UNKNOWN, 1: ANY, 2: ALL, 3: READ, 4: WRITE, 5: CREATE, 6: DELETE, 7: ALTER, 8: DESCRIBE, 9: CLUSTER_ACTION, 10: DESCRIBE_CONFIGS, 11: ALTER_CONFIGS
PermissionType Yes Integer Permission type. 0: UNKNOWN, 1: ANY, 2: DENY, 3: ALLOW. Currently, CKafka supports ALLOW (equivalent to whitelist), and other fields will be used for future ACLs compatible with open-source Kafka
Host No String The default value is *, which means that any host can access. Currently, CKafka does not support the host as *, but the future product based on the open-source Kafka will directly support this
Principal No String User list. The default value is *, which means that any user can access. The current user can only be one included in the user list

3. Output Parameters

Parameter Name Type Description
Result JgwOperateResponse Returned result
RequestId String The unique request ID, which is returned for each request. RequestId is required for locating a problem.

4. Example

Example1 Adding ACL policy

Input Example

https://ckafka.tencentcloudapi.com/?Action=CreateAcl
&InstanceId=xxx
&ResourceType=xxx
&ResourceName=1
&Operation=2
&PermissionType=2
&Host=2
&Principal=2
&<Common request parameters>

Output Example

{
  "Response": {
    "Result": {
      "ReturnCode": "0",
      "ReturnMessage": "ok[apply ok]"
    },
    "RequestId": "b1ce770b-3623-47d3-b31b-538f8941142d"
  }
}

5. Developer Resources

API Explorer

This tool allows online call, signature authentication, SDK code generation and quick search of APIs to greatly improve the efficiency of using TencentCloud APIs.

SDK

TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.

Command Line Interface

6. Error Code

The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.

Error Code Description
InternalError Internal error.
InvalidParameter Invalid parameter.
InvalidParameterValue.InstanceNotExist The instance does not exist.
InvalidParameterValue.RepetitionValue The parameter already exists.
InvalidParameterValue.SubnetIdInvalid Invalid subnet ID.
InvalidParameterValue.SubnetNotBelongToZone The subnet is not in the zone.
InvalidParameterValue.VpcIdInvalid Invalid VPC ID.
InvalidParameterValue.WrongAction The value of the Action parameter is incorrect.
InvalidParameterValue.ZoneNotSupport The zone is not supported.
ResourceUnavailable The resource is unavailable.
UnauthorizedOperation Unauthorized operation.
UnsupportedOperation.BatchDelInstanceLimit The batch instance deletion limit is reached.
UnsupportedOperation.OssReject Oss rejected the operation.