Access Control¶
Access control policies are a type of security measures provided by APIG. You can use them to allow or deny API access from specific IP addresses, account names, or account IDs.
Access control policies take effect for an API only if they have been bound to the API.
Usage Guidelines¶
You have understood the guidelines for policy creation and API binding.
An API can be bound only with one access control policy of the same restriction type in an environment, but each access control policy can be bound to multiple APIs.
Configuration Parameters¶
Parameter | Description |
---|---|
Name | Access control policy name. |
Type | Type of the source from which API calls are to be controlled.
Note
|
Effect | Options: Allow and Deny. Use this parameter along with Type to control access from certain IP addresses, account names, or account IDs to an API. |
IP Addresses | Required only when Type is set to IP address. IP addresses and IP address ranges that are allowed or not allowed to access an API. Note You can set a maximum of 100 IP addresses respectively to allow or deny access. |
Account Names | Required only when Type is set to Account name. Enter the account names that are allowed or forbidden to access an API. Use commas (,) to separate multiple account names. Click the username in the upper right corner of the console and choose My Credentials to obtain the account name. |
Account ID | Required only when Type is set to Account ID. Enter the account IDs that are allowed or forbidden to access an API. Use commas (,) to separate multiple account IDs. Click the username in the upper right corner of the console and choose My Credentials to obtain the account ID. |