Checks whether KMS keys are authorized to ApsaraDB for MongoDB instances.

Before you enable Transparent Data Encryption (TDE) by calling the ModifyDBInstanceTDE operation, you can call this operation to check whether KMS keys are authorized to ApsaraDB for MongoDB instances.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes CheckCloudResourceAuthorized

The operation that you want to perform. Set the value to CheckCloudResourceAuthorized.

DBInstanceId String Yes dds-bp18f7d6b6a7****

The ID of the instance.

TargetRegionId String Yes cn-hangzhou

The region ID of the instance. You can call the DescribeDBInstanceAttribute operation to query the region ID of the instance.

Response parameters

Parameter Type Example Description
AuthorizationState Integer 1

Indicates whether KMS keys are authorized to ApsaraDB for MongoDB instances. Valid values:

  • 0: no
  • 1: yes
  • 2: KMS is not enabled.
RequestId String A0181AC4-F186-46ED-87CA-100C70B86729

The ID of the request.

RoleArn String acs:ram::140****:role/aliyunrdsinstanceencryptiondefaultrole

The role information of the authorized Alibaba Resource Name (ARN).

Note This parameter is returned only when the value of the AuthorizationState parameter is 1.

Examples

Sample requests

http(s)://mongodb.aliyuncs.com/?Action=CheckCloudResourceAuthorized
&DBInstanceId=dds-bp18f7d6b6a7****
&TargetRegionId=cn-hangzhou
&<Common request parameters>

Sample success responses

XML format 

HTTP/1.1 200 OK
Content-Type:application/xml

<CheckCloudResourceAuthorizedResponse>
    <AuthorizationState>1</AuthorizationState>
    <RequestId>A0181AC4-F186-46ED-87CA-100C70B86729</RequestId>
    <RoleArn>acs:ram::140****:role/aliyunrdsinstanceencryptiondefaultrole</RoleArn>
</CheckCloudResourceAuthorizedResponse>

JSON format 

HTTP/1.1 200 OK
Content-Type:application/json

{
  "AuthorizationState" : 1,
  "RequestId" : "A0181AC4-F186-46ED-87CA-100C70B86729",
  "RoleArn" : "acs:ram::140****:role/aliyunrdsinstanceencryptiondefaultrole"
}

Error codes

For a list of error codes, see Service error codes.