weihongmin1
46d24ba358
Reviewed-by: Belejkanic, Lukas <lukas.belejkanic@t-systems.com> Co-authored-by: weihongmin1 <weihongmin1@huawei.com> Co-committed-by: weihongmin1 <weihongmin1@huawei.com>
22 KiB
Querying the ACL for Console Access
Function
This API is used to query the ACL for console access.
URI
GET /v3.0/OS-SECURITYPOLICY/domains/{domain_id}/console-acl-policy
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
domain_id |
Yes |
String |
Domain ID. |
Request Parameters
Parameter |
Mandatory |
Type |
Description |
|---|---|---|---|
X-Auth-Token |
Yes |
String |
Token with Security Administrator permissions. |
Response Parameters
Parameter |
Type |
Description |
|---|---|---|
object |
ACL for console access. |
Parameter |
Type |
Description |
|---|---|---|
Array of objects |
IPv4 address or CIDR block from which access is allowed. This parameter is returned only when an IPv4 address or CIDR block from which console access is allowed is specified. |
|
Array of objects |
IPv4 address range from which access is allowed. This parameter is returned only when an IP address range from which access is allowed is specified. |
|
Array of objects |
IPv6 address or CIDR block from which access is allowed. This parameter is only returned when an IPv6 address range or CIDR block from which access is allowed is specified. |
|
Array of objects |
IPv6 address range from which access is allowed. This parameter is only returned when an IPv6 address range from which access is allowed is specified. |
Parameter |
Type |
Description |
|---|---|---|
address_netmask |
String |
IPv4 CIDR block, for example, 192.168.0.1/24. |
description |
String |
Description about the IPv4 CIDR block. |
Parameter |
Type |
Description |
|---|---|---|
description |
String |
Description about an IP address range. |
ip_range |
String |
IPv4 address range, for example, 0.0.0.0-255.255.255.255. |
Example Request
GET https://sample.domain.com/v3.0/OS-SECURITYPOLICY/domains/{domain_id}/console-acl-policy
Example Response
Status code: 200
The request is successful.
{
"console_acl_policy" : {
"allow_ip_ranges" : [ {
"ip_range" : "0.0.0.0-255.255.255.255",
"description" : ""
}, {
"ip_range" : "0.0.0.0-255.255.255.255",
"description" : ""
} ],
"allow_address_netmasks" : [ {
"address_netmask" : "192.168.0.1/24",
"description" : ""
}, {
"address_netmask" : "192.168.0.1/24",
"description" : ""
} ] ,
"allow_ip_ranges_ipv6": [{
"ip_range": "0000:0000:0000:0000:0000:0000:0000:0000-FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF",
"description": "IPv6 address range"
} ],
"allow_address_netmasks_ipv6": [{
"address_netmask": "0000:0000:0000:0000:0000:0000:0000:0000/100",
"description": "IPv6 address or CIDR block"
}]
}
}
Status code: 403
Access denied.
- Example 1
{
"error_msg" : "You are not authorized to perform the requested action.",
"error_code" : "IAM.0002"
}
- Example 2
{
"error_msg" : "Policy doesn't allow %(actions)s to be performed.",
"error_code" : "IAM.0003"
}
Status code: 404
The requested resource cannot be found.
{
"error_msg" : "Could not find %(target)s: %(target_id)s.",
"error_code" : "IAM.0004"
}
Status code: 500
Internal server error.
{
"error_msg" : "An unexpected error prevented the server from fulfilling your request.",
"error_code" : "IAM.0006"
}
Status Codes
Status Code |
Description |
|---|---|
200 |
The request is successful. |
401 |
Authentication failed. |
403 |
Access denied. |
404 |
The requested resource cannot be found. |
500 |
Internal server error. |