DocsICP FilingConsole
官方文档
首页

CreateAcl

更新时间:
复制 MD 格式
产品详情
我的收藏

Creates an access control list (ACL) in a specified region.

Operation description

CreateAcl is an asynchronous operation. After you send a request, the system returns an instance ID and starts to create the ACL in the background. You can call the ListAcls operation to query the status of the ACL.

  • If the ACL is in the Creating state, the ACL is being created.

  • If the ACL is in the Available state, the ACL is available for use.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

  • Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.

  • API: The API that you can call to perform the action.

  • Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.

  • Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.

    • For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.

    • For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.

  • Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.

  • Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

alb:CreateAcl

create

*Acl

acs:alb:{#regionId}:{#accountId}:acl/*

 None None

Request parameters

Parameter

Type

Required

Description

Example
AclName

string

No

The name of the ACL. The name must be 2 to 128 characters in length, and can contain digits, periods (.), underscores (_), hyphens (-), letters, and Chinese characters. The name must start with a letter, a Chinese character, or a digit.

test-acl
ClientToken

string

No

The client token that is used to ensure the idempotence of the request.

You can use the client to generate a value, but you must make sure that the value is unique among different requests. The client token can contain only ASCII characters.

Note

If you do not specify this parameter, the system automatically uses the RequestId of the request as the ClientToken. The RequestId of each request may be different.

5A2CFF0E-5718-45B5-9D4D-70B3*****
DryRun

boolean

No

Specifies whether to perform a dry run. Valid values:

  • true: performs a dry run. The system checks the required parameters, request format, and service limits. If the request fails the dry run, an error code is returned. If the request passes the dry run, the DryRunOperation error code is returned. No ACL is created.

  • false (default): sends a normal request. If the request passes the check, an HTTP 2xx status code is returned and the operation is performed.

true
ResourceGroupId

string

No

The ID of the resource group.

rg-atstuj3rtop****
Tag

array<object>

No

The tags to add to the ACL.

rg-12313

object

No

This object represents a single tag.

Key

string

No

The tag key. The tag key can be up to 128 characters in length and cannot start with aliyun or acs:. It cannot contain http:// or https://.

env
Value

string

No

The tag value. The tag value can be up to 128 characters in length and cannot start with aliyun or acs:. It cannot contain http:// or https://.

product

Response elements

Element

Type

Description

Example

object

The response object.

AclId

string

The ID of the ACL.

acl-hp34s2h0xx1ht4nwo****
JobId

string

The ID of the asynchronous task.

72dcd26b-f12d-4c27-b3af-18f6aed5****
RequestId

string

The ID of the request.

CEF72CEB-54B6-4AE8-B225-F876******

Examples

Success response

JSON format

{
  "AclId": "acl-hp34s2h0xx1ht4nwo****",
  "JobId": "72dcd26b-f12d-4c27-b3af-18f6aed5****",
  "RequestId": "CEF72CEB-54B6-4AE8-B225-F876******"
}

Error codes

HTTP status code

Error code

Error message

Description
400 QuotaExceeded.AclsNum The quota of %s is exceeded, usage %s/%s. The quota of %s is exceeded, usage %s/%s.
400 NotExist.ResourceGroup ResourceGroup does not exist.
403 Forbidden.Acl ACL authentication has failed.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.