ListGroupDNSServiceRules

更新时间:
复制 MD 格式

Queries DNS authorization rules for an instance group.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

  • Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.

  • API: The API that you can call to perform the action.

  • Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.

  • Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.

    • For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.

    • For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.

  • Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.

  • Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

iotcc:ListGroupDNSServiceRules

get

*CloudConnector

acs:iotcc:{#regionId}:{#accountId}:cloudconnector/{#CloudConnectorId}

None None

Request parameters

Parameter

Type

Required

Description

Example

IoTCloudConnectorGroupId

string

Yes

The ID of the Cloud Connector instance group.

iotccg-g00epppbi9di9y****

DNSServiceRuleIds

array

No

The ID of the DNS authorization rule.

string

No

The IDs of DNS authorization rules. You can specify up to 20 rule IDs.

gar-ffnn1ewe2nmf3y****

ServiceType

string

No

The target type of the DNS authorization rule. Valid values:

  • Normal: The target type is a standard DNS type.

  • DNSRedirect: The target type is a DNS redirection type.

Normal

Destination

array

No

The destination IP addresses of the DNS authorization rule.

string

No

The destination IP addresses of the DNS authorization rule. You can specify up to 20 destination IP addresses.

Note

This parameter is required when ServiceType is set to DNSRedirect.

192.168.0.2

Source

array

No

The source IP addresses of the DNS authorization rule.

string

No

The source IP addresses of the DNS authorization rule. You can specify up to 20 source IP addresses. Valid values include but are not limited to the following:

100.100.2.136, 100.100.2.137, 100.100.2.138, 114.114.114.114, 8.8.8.8, 8.8.4.4, 223.5.5.5, 223.6.6.6, 221.5.88.88, 116.116.116.116, 221.228.15.26, 61.139.2.69, 218.6.200.139, 119.29.29.29, 218.2.2.2, 208.67.220.220, 208.67.222.222, 218.4.4.4.

To use other DNS authorization rule IP addresses beyond the default ones listed above, submit a ticket and include the requested IP addresses in your ticket.

100.100.2.136

DNSServiceRuleStatus

array

No

The status of the DNS authorization rule.

string

No

The status of the DNS authorization rule. You can specify up to 20 statuses. Valid values:

  • Creating: The rule is being created.

  • Created: The rule has been created.

  • Deleting: The rule is being deleted.

  • Updating: The rule is being updated.

Created

DNSServiceRuleName

array

No

The names of DNS authorization rules. You can specify up to 20 rule names.

string

No

The names of DNS authorization rules. You can specify up to 20 rule names.

The name must be 2 to 128 characters in length and can contain letters, digits, periods (.), underscores (_), and hyphens (-). It must start with a letter or a Chinese character.

test

NextToken

string

No

The token used to retrieve the next page of results. Valid values:

  • Leave this parameter empty for the first query or if no further queries are needed.

  • If more results are available, set this parameter to the NextToken value returned in the previous API call.

FFmyTO70tTpLG6I3FmYAXGKPd****

MaxResults

integer

No

The number of entries to return on each page. Valid values: 1–50. Default value: 10.

10

RegionId

string

Yes

The region ID of the Cloud Connector instance group.

You can call the ListRegions operation to obtain the region ID.

cn-hangzhou

Response elements

Element

Type

Description

Example

object

The request ID.

RequestId

string

The request ID.

77111A6A-56BA-59B2-8CAA-7CBF21648FB8

TotalCount

integer

The total number of entries.

10

NextToken

string

The token used to retrieve the next page of results. Valid values:

  • If NextToken is empty, no further queries are available.

  • If NextToken returns a value, it indicates the starting token for the next query.

FFmyTO70tTpLG6I3FmYAXGKPd****

MaxResults

integer

The number of entries returned per page.

10

DNSServiceRules

array<object>

The list of DNS authorization rules.

object

The list of DNS authorization rules.

IoTCloudConnectorGroupId

string

The ID of the Cloud Connector instance group.

iotccg-g00epppbi9di9y****

DNSServiceRuleStatus

string

The status of the DNS authorization rule. Valid values:

  • Creating: The rule is being created.

  • Created: The rule has been created.

  • Deleting: The rule is being deleted.

  • Updating: The rule is being updated.

Created

Source

string

The source IP address of the DNS authorization rule. Valid values include but are not limited to the following:

100.100.2.136, 100.100.2.137, 100.100.2.138, 114.114.114.114, 8.8.8.8, 8.8.4.4, 223.5.5.5, 223.6.6.6, 221.5.88.88, 116.116.116.116, 221.228.15.26, 61.139.2.69, 218.6.200.139, 119.29.29.29, 218.2.2.2, 208.67.220.220, 208.67.222.222, 218.4.4.4.

To use other DNS authorization rule IP addresses beyond the default ones listed above, submit a ticket and include the requested IP addresses in your ticket.

100.100.2.136

ServiceType

string

The target type of the DNS authorization rule. Valid values:

  • Normal: The target type is a standard DNS type.

  • DNSRedirect: The target type is a DNS redirection type.

Normal

Destination

string

The destination IP address of the DNS authorization rule.

Note

This parameter is required when ServiceType is set to DNSRedirect.

192.168.0.2

DNSServiceRuleName

string

The name of the DNS authorization rule.

The name must be 2 to 128 characters in length and can contain letters, digits, periods (.), underscores (_), and hyphens (-). It must start with a letter or a Chinese character.

test

DNSServiceRuleDescription

string

The description of the DNS authorization rule.

The description must be 2 to 256 characters in length. It must start with a letter or a Chinese character and cannot begin with http:// or https://.

description

DNSServiceRuleId

string

The ID of the DNS authorization rule.

gar-ffnn1ewe2nmf3y****

Examples

Success response

JSON format

{
  "RequestId": "77111A6A-56BA-59B2-8CAA-7CBF21648FB8",
  "TotalCount": 10,
  "NextToken": "FFmyTO70tTpLG6I3FmYAXGKPd****",
  "MaxResults": 10,
  "DNSServiceRules": [
    {
      "IoTCloudConnectorGroupId": "iotccg-g00epppbi9di9y****",
      "DNSServiceRuleStatus": "Created",
      "Source": "100.100.2.136",
      "ServiceType": "Normal",
      "Destination": "192.168.0.2",
      "DNSServiceRuleName": "test",
      "DNSServiceRuleDescription": "description",
      "DNSServiceRuleId": "gar-ffnn1ewe2nmf3y****"
    }
  ]
}

Error codes

HTTP status code

Error code

Error message

Description

400 Forbidden.RAM Ram user does not have permission to perform this operation. The error message returned because the RAM user does not have the permissions to perform the operation.
400 ResourceNotFound.IoTCloudConnectorGroup The param of IoTCloudConnectorGroupId is illegal.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.