Help Center> > API Reference> SFS APIs> Share Access Rules> Adding Share Access Rules

Adding Share Access Rules

Updated at: Jul 02, 2019 17:47

Function

This API is used to add share access rules.

NOTE:
  • This API is an asynchronous API. If the returned status code is 200, the API request is successfully delivered and received. Later, you can refer to Querying Share Access Rules to check whether the share access rule is added successfully.

URI

  • POST /v2/{project_id}/shares/{share_id}/action?vpc_ip_base_acl={vpc_ip_base_acl}
  • Parameter description

    Parameter

    Mandatory

    Type

    Description

    share_id

    Yes

    string

    Specifies the UUID of the shared file system.

    project_id

    Yes

    string

    Specifies the project ID of the operator. For details about how to obtain the project ID, see Obtaining a Project ID.

    vpc_ip_base_acl

    No

    string

    Specifies the identifier of the IP address-based authorization scenario. Currently, only enable is available. The value enable indicates creating a share access rule for the IP address-based authorization scenario.

    NOTICE:

    To ensure compatibility, even though this parameter is left blank or set to another value other than enable, you can use the API to create a share access rule for the IP address-based authorization scenario. However, this method of creation has been discarded and will not be maintained in the future.

Request

  • Parameter description

    Parameter

    Mandatory

    Type

    Description

    os-allow_access

    Yes

    object

    Specifies the os-allow_access object.

  • Description of field os-allow_access

    Parameter

    Mandatory

    Type

    Description

    access_level

    No

    string

    Specifies the access level of the shared file system. Possible values are ro (read-only) and rw (read-write). The default value is rw (read/write).

    access_type

    Yes

    string

    Specifies the type of the share access rule. The value can be NFS or CIFS.

  • Example response (VPC-based authorization)
    { 
        "os-allow_access": { 
            "access_to": "59cd070d-9c4c-462e-9dcc-b6bb716225bc", 
            "access_type": "cert", 
            "access_level": "rw" 
        } 
    }
    { 
        "allow_access": { 
            "access_to": "59cd070d-9c4c-462e-9dcc-b6bb716225bc", 
            "access_type": "cert", 
            "access_level": "rw" 
        } 
    }
  • Example response (IP address-based authorization)

    POST /v2/{project_id}/shares/{share_id}/action?vpc_ip_base_acl=enable

    NFS share:

    { 
        "allow_access": { 
            "access_to": "0560a527-0e77-40a6-aa3b-110beecad368#0.0.0.0/0#1#all_squash,root_squash", 
            "access_type": "cert", 
            "access_level": "rw" 
        } 
    }

    CIFS share:

    { 
        "allow_access": { 
            "access_to": "0560a527-0e77-40a6-aa3b-110beecad368#0.0.0.0/0#0", 
            "access_type": "cert", 
            "access_level": "rw" 
        } 
    }

    When creating the share access rule for an IP address-based authorization scenario.

    1. The X-Openstack-Manila-Api-Version parameter must be specified for the request header, and the value of X-Openstack-Manila-Api-Version must be from 2.28 to 2.42.

    2. The vpc_ip_base_acl parameter must be added in the request URL and the value of vpc_ip_base_acl must be set to enable. To ensure compatibility, even though this parameter is left blank or set to another value other than enable, you can use the API to create a share access rule for the IP address-based authorization scenario. However, this method of creation has been discarded and will not be maintained in the future.

Response

  • Parameter description

    Parameter

    Type

    Description

    access

    object

    Specifies the access object. If the share access rule is not updated, this value is null.

  • Description of the access field

    Parameter

    Type

    Description

    share_id

    string

    Specifies the UUID of the shared file system to which the access rule is added.

    access_type

    string

    Specifies the type of the share access rule.

    access_to

    string

    Specifies the access that the back end grants or denies.

    access_level

    string

    Specifies the access level of the shared file system.

    id

    string

    Specifies the UUID of the share access rule.

    state

    string

    Specifies the status of the share access rule. If the API version is earlier than 2.28, the status of the share access rule is new, active, or error. In 2.28 and later versions, the status of the share access rule is queued_to_apply, applying, active, error, queued_to_deny, or denying.

  • Example response
    {
      "access": {
        "share_id": "15940c49-789f-476a-b099-a3be7d311854",
        "access_type": "cert",
        "access_to": "59cd070d-9c4c-462e-9dcc-b6bb716225bc",
        "access_level": "rw",
        "state": "new",
        "id": "418e3cf4-08c3-4ed2-a29a-ceffa346b3b8"
        ,
      }
    }

Status Codes

  • Normal

    200

  • Abnormal

    Status Code

    Description

    400 Bad Request

    The server failed to process the request.

    401 Unauthorized

    You must enter a username and the password to access the requested page.

    403 Forbidden

    Access to the requested page is forbidden.

    404 Not Found

    The requested page was not found.

    405 Method Not Allowed

    You are not allowed to use the method specified in the request.

    406 Not Acceptable

    The response generated by the server could not be accepted by the client.

    407 Proxy Authentication Required

    You must use the proxy server for authentication. Then the request can be processed.

    408 Request Timeout

    The request timed out.

    409 Conflict

    The request could not be processed due to a conflict.

    500 Internal Server Error

    Failed to complete the request because of an internal service error.

    501 Not Implemented

    Failed to complete the request because the server does not support the requested function.

    502 Bad Gateway

    Failed to complete the request because the request is invalid.

    503 Service Unavailable

    Failed to complete the request because the service is unavailable.

    504 Gateway Timeout

    A gateway timeout error occurred.

Did you find this page helpful?

Submit successfully!

Thank you for your feedback. Your feedback helps make our documentation better.

Failed to submit the feedback. Please try again later.

Which of the following issues have you encountered?







Please complete at least one feedback item.

Content most length 200 character

Content is empty.

OK Cancel