tencent cloud

文档反馈

CreateAcl

最后更新时间:2023-07-05 15:57:50

1. API Description

Domain name for API request: ckafka.tencentcloudapi.com.

This API is used to add an ACL policy.

A maximum of 100 requests can be initiated per second for this API.

We recommend you to use API Explorer
Try it
API Explorer provides a range of capabilities, including online call, signature authentication, SDK code generation, and API quick search. It enables you to view the request, response, and auto-generated examples.

2. Input Parameters

The following request parameter list only provides API request parameters and some common parameters. For the complete common parameter list, see Common Request Parameters.

Parameter Name Required Type Description
Action Yes String Common Params. The value used for this API: CreateAcl.
Version Yes String Common Params. The value used for this API: 2019-08-19.
Region Yes String Common Params. For more information, please see the list of regions supported by the product.
InstanceId Yes String Instance ID information
ResourceType Yes Integer ACL resource type (2: TOPIC, 3: GROUP, 4: CLUSTER).
Operation Yes Integer ACL operation type (2: ALL, 3: READ, 4: WRITE, 5: CREATE, 6: DELETE, 7: ALTER, 8: DESCRIBE, 9: CLUSTER_ACTION, 10: DESCRIBE_CONFIGS, 11: ALTER_CONFIGS, 12: IDEMPOTENT_WRITE).
PermissionType Yes Integer Permission type (2: DENY, 3: ALLOW). CKafka currently supports ALLOW, which is equivalent to allowlist. DENY will be supported for ACLs compatible with open-source Kafka.
ResourceName No String Resource name, which is related to resourceType. For example, if resourceType is TOPIC, this field indicates the topic name; if resourceType is GROUP, this field indicates the group name; if resourceType is CLUSTER, this field can be left empty.
Host No String The default value is *, which means that any host can access. Currently, CKafka does not support the host as *, but the future product based on the open-source Kafka will directly support this
Principal No String The list of users allowed to access the topic. Default: User:*, meaning all users. The current user must be in the user list. Add User: before the user name (User:A for example).
ResourceNameList No String The resource name list, which is in JSON string format. Either ResourceName or resourceNameList can be specified.

3. Output Parameters

Parameter Name Type Description
Result JgwOperateResponse Returned result
RequestId String The unique request ID, which is returned for each request. RequestId is required for locating a problem.

4. Example

Example1 Adding an ACL policy

Input Example

https://ckafka.tencentcloudapi.com/?Action=CreateAcl
&InstanceId=xxx
&ResourceType=2
&ResourceName=test1
&Operation=2
&PermissionType=2
&Host=1.1.1.1
&Principal=User:user1
&<Common request parameters>

Output Example

{
    "Response": {
        "Result": {
            "ReturnCode": "0",
            "ReturnMessage": "ok[apply ok]",
            "Data": {
                "FlowId": 0
            }
        },
        "RequestId": "b1ce770b-3623-47d3-b31b-538f8941142d"
    }
}

5. Developer Resources

SDK

TencentCloud API 3.0 integrates SDKs that support various programming languages to make it easier for you to call APIs.

Command Line Interface

6. Error Code

The following only lists the error codes related to the API business logic. For other error codes, see Common Error Codes.

Error Code Description
FailedOperation Operation failed.
InternalError Internal error.
InvalidParameter Invalid parameter.
InvalidParameterValue.InstanceNotExist The instance does not exist.
InvalidParameterValue.RepetitionValue The parameter already exists.
InvalidParameterValue.SubnetIdInvalid Invalid subnet ID.
InvalidParameterValue.SubnetNotBelongToZone The subnet is not in the zone.
InvalidParameterValue.VpcIdInvalid Invalid VPC ID.
InvalidParameterValue.WrongAction The value of the Action parameter is incorrect.
InvalidParameterValue.ZoneNotSupport The zone is not supported.
ResourceUnavailable The resource is unavailable.
UnauthorizedOperation Unauthorized operation.
UnsupportedOperation.BatchDelInstanceLimit The batch instance deletion limit is reached.
UnsupportedOperation.OssReject Oss rejected the operation.