Can be used in a VPC environment.
Overview
Adds rules to the inbound rule list of the network ACL.
Request
Request parameter
| Parameter name | Requirement status | Type | Restrictions | Description |
|---|---|---|---|---|
| regionCode | No | String | - Region code Decides the region of the network ACL where the inbound rules will be added. regionCode can be obtained through the getRegionList action. Default: Selects the first region of the getRegionList search results. |
|
| networkAclNo | Yes | String | - Network ACL number networkAclNo can be obtained through the getNetworkAclList action. |
|
| networkAclRuleList.N.priority | Yes | Integer | Min : 0, Max : 199 | - Priority of network ACL rules It can't overlap with the priority of other inbound rules. |
| networkAclRuleList.N.protocolTypeCode | Yes | String | - The protocol type code of network ACL rule Options : TCP | UDP | ICMP |
|
| networkAclRuleList.N.ipBlock | Conditional | String | - The access source IP address block of network ACL rules ex) 0.0.0.0/0, 100.10.20.0/24, 192.168.0.10/32 |
|
| networkAclRuleList.N.denyAllowGroupNo | Conditional | String | - The Deny-Allow group number of network ACL rules' access source Designates Deny-Allow groups instead of IP address blocks as the access source. denyAllowGroupNo can be obtained through the getNetworkAclDenyAllowGroupList action. |
|
| networkAclRuleList.N.portRange | Conditional | String | - The port range of network ACL rules Example 1. Single port: 22 Example 2. Specifying range: 1-65535 Do not enter when protocolTypeCode is ICMP. |
|
| networkAclRuleList.N.ruleActionCode | Yes | String | - The rule action code of network ACL rules Options : ALLOW | DROP |
|
| networkAclRuleList.N.networkAclRuleDescription | No | String | Min : 0, Max : 1000 Bytes | Network ACL rule description |
| responseFormatType | No | String | - Format type of the response result Options : xml | json Default : xml |
Response
Response data type
- NetworkAclRuleList type
| NetworkAclRuleList extends CommonResponse |
|---|
| private Integer totalRows; |
| private List |
| NetworkAclRule |
|---|
| private String networkAclNo; |
| private Integer priority; |
| private CommonCode protocolType; |
| private String portRange; |
| private CommonCode ruleAction; |
| private Date createDate; |
| private String ipBlock; |
| private String denyAllowGroupNo; |
| private CommonCode networkAclRuleType; |
| private String networkAclRuleDescription; |
Examples
Request examples
ncloud vpc addNetworkAclInboundRule --regionCode KR --networkAclNo ***31 --networkAclRuleList "priority='0', protocolTypeCode='TCP', ipBlock='***.***.0.0/0', portRange='22-23', ruleActionCode='ALLOW'" "priority='1', protocolTypeCode='TCP', ipBlock='***.***.0.0/0', portRange='24-25', ruleActionCode='ALLOW'"
Response examples
The inbound rule list of the network ACL after completing the request
<addNetworkAclInboundRuleResponse>
<requestId>189b16ac-26a0-472e-b3a9-47b80cdf7dfe</requestId>
<returnCode>0</returnCode>
<returnMessage>success</returnMessage>
<totalRows>1</totalRows>
<networkAclRuleList>
<networkAclRule>
<networkAclNo>***31</networkAclNo>
<priority>0</priority>
<protocolType>
<code>TCP</code>
<codeName>tcp</codeName>
</protocolType>
<portRange>22-23</portRange>
<ruleAction>
<code>ALLOW</code>
<codeName>Allow</codeName>
</ruleAction>
<createDate>2020-08-05T19:56:35+0900</createDate>
<ipBlock>***.***.0.0/0</ipBlock>
<denyAllowGroupNo/>
<networkAclRuleType>
<code>INBND</code>
<codeName>Inbound</codeName>
</networkAclRuleType>
<networkAclRuleDescription></networkAclRuleDescription>
</networkAclRule>
</networkAclRuleList>
</addNetworkAclInboundRuleResponse>