Update the control plane access control list

put

https://api.linode.com/{apiVersion}/lke/clusters/{clusterId}/control_plane_acl

Updates a specific cluster's control plane access control list.

Permissions and scopes

To call this operation, you need permissions, based on the model you're using:

Identity and access permissions. Your user needs a role with these permissions. Learn more.
- Roles: lkecluster_admin
OAuth scopes. Your user needs these scopes assigned. Learn more.
- Scopes: lke:read_write

CLI

linode-cli lke cluster-acl-update 12345 \
      --acl.enabled true \
      --acl.addresses.ipv4 "203.0.113.1" \
      --acl.addresses.ipv6 "2001:db8:1234:abcd::/64"

Learn more

Responses

`revision-id` provided will be reflected on GET response when (and only after) the ACL stanza is verified as enforced.

Response body

object

acl

object

Defines settings related to the IP-based ACL of the LKE cluster. The object requires the enabled and addresses keys. It also supports the optional key revision-id. The default policy is set to ALLOW, so that access controls are disabled. An empty object value ({}) sets default elements.

addresses

object

Supports keys ipv4 and ipv6. Defaults to {}.

enabled

boolean

Defines a default policy. A value of true results in a default policy of DENY. A value of false results in a default policy of ALLOW, such as for disabled access controls. It defaults to true. Creating a cluster with ACL, or upgrading a cluster to use ACL for LKE, is an irreversible change. Once upgraded, you can only toggle access controls with this field.

revision-id

string

Enables clients to track events related to ACL update requests and enforcements. Optional field. If omitted, defaults to a randomly generated string.

`Cluster does not support Control Plane ACL`.

200Returns a single cluster's control plane access control list. The optional field revision-id provided will be reflected on GET response when (and only after) the ACL stanza is verified as enforced.

400If the cluster was not created or updated to enable the ACL feature, this request returns a 400 (Bad Request) error with an appropriate message, such as Cluster does not support Control Plane ACL.

404If the cluster does not exist, this request returns a 404 (Not Found) error.

defaultSee Errors for the range of possible error response codes.

`revision-id` provided will be reflected on GET response when (and only after) the ACL stanza is verified as enforced.

`Cluster does not support Control Plane ACL`.