Associates an access control list (ACL) with a listener.

Description

  • AssociateAclsWithListener is an asynchronous operation. After you send a request, the system returns a request ID, but the operation is still being performed in the system background. You can call the DescribeListener operation to query the state of the listener with which you attempt to associate an ACL.
    • If the listener is in the updating state, it indicates that the ACL is being associated. In this case, you can perform only query operations.
    • If the listener is in the active state, it indicates that the ACL is associated.
  • The AssociateAclsWithListener operation cannot be called repeatedly for the same Global Accelerator (GA) instance within a specific period of time.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes AssociateAclsWithListener

The operation that you want to perform. Set the value to AssociateAclsWithListener.

RegionId String Yes 64ADAB1E-0B7F-4FD8-A404-3BECC0E9CCFF

The ID of the region.

AclIds.N String Yes nacl-hp34s2h0xx1ht4nwo****

The ID of the ACL. You can associate up to two ACL IDs.

ListenerId String Yes lsr-bp1bpn0kn908w4nbw****

The ID of the listener.

AclType String Yes White

The type of ACL. Valid values:

  • white: a whitelist. Only requests from the IP addresses or CIDR blocks in the ACL are forwarded. Whitelists apply to scenarios in which you want to allow only specific IP addresses to access an application. Your service may be adversely affected if the whitelist is not properly configured. After you configure a whitelist for a listener, only requests from the IP addresses that are added to the whitelist are forwarded by the listener. If the whitelist is enabled but no IP addresses are added to it, the listener does not forward requests.
  • black: a blacklist. All requests from the IP addresses or CIDR blocks in the ACL are denied. Blacklists apply to scenarios in which you want to deny access from specific IP addresses to an application. If the blacklist is enabled but no IP addresses are added to it, the listener forwards all requests.
ClientToken String No 02fb3da4****

The client token that is used to ensure the idempotence of the request.

You can use the client to generate the value, but you must make sure that it is unique among different requests. ClientToken can contain only ASCII characters.

Note If you do not set this parameter, ClientToken is set to the value of RequestId. The value of RequestId may be different for each API request.
DryRun Boolean No false

Specifies whether to only precheck the request. Default value: false. Valid values:

  • true: prechecks the request without performing the operation. The system checks the required parameters, request syntax, and limits. If the request fails the precheck, an error message is returned. If the request passes the precheck, the DryRunOperation error code is returned.
  • false: sends the request. If the request passes the precheck, a 2xx HTTP status code is returned and the operation is performed.

Response parameters

Parameter Type Example Description
RequestId String 64ADAB1E-0B7F-4FD8-A404-3BECC0E9CCFF

The ID of the request.

AclIds Array of String nacl-hp34s2h0xx1ht4nwo****

The ID of the ACL.

ListenerId String lsr-bp1bpn0kn908w4nbw****

The ID of the listener.

Examples

Sample requests

http(s)://[Endpoint]/?Action=AssociateAclsWithListener
&RegionId=64ADAB1E-0B7F-4FD8-A404-3BECC0E9CCFF
&AclIds=["nacl-hp34s2h0xx1ht4nwo****"]
&ListenerId=lsr-bp1bpn0kn908w4nbw****
&AclType=White
&ClientToken=02fb3da4****
&DryRun=false
&Common request parameters

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<AssociateAclsWithListenerResponse>
    <RequestId>64ADAB1E-0B7F-4FD8-A404-3BECC0E9CCFF</RequestId>
    <AclIds>nacl-hp34s2h0xx1ht4nwo****</AclIds>
    <ListenerId>lsr-bp1bpn0kn908w4nbw****</ListenerId>
</AssociateAclsWithListenerResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "RequestId" : "64ADAB1E-0B7F-4FD8-A404-3BECC0E9CCFF",
  "AclIds" : [ "nacl-hp34s2h0xx1ht4nwo****" ],
  "ListenerId" : "lsr-bp1bpn0kn908w4nbw****"
}

Error codes

For a list of error codes, visit the API Error Center.