Skip to content
Cloudflare API
Start here
API Reference
Magic Transit
Sites
ACLs

Update Site ACL

client.MagicTransit.Sites.ACLs.Update(ctx, siteID, aclID, params) (*ACL, error)
PUT/accounts/{account_id}/magic/sites/{site_id}/acls/{acl_id}

Update a specific Site ACL.

Security
API Token

The preferred authorization scheme for interacting with the Cloudflare API. Create a token.

Example:Authorization: Bearer Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY
API Email + API Key

The previous authorization scheme for interacting with the Cloudflare API, used in conjunction with a Global API key.

Example:X-Auth-Email: user@example.com

The previous authorization scheme for interacting with the Cloudflare API. When possible, use API tokens instead of Global API keys.

Example:X-Auth-Key: 144c9defac04969c7bfad8efaa8ea194
Accepted Permissions (at least one required)
Magic WAN WriteMagic Transit Write
ParametersExpand Collapse
siteID string

Identifier

maxLength32
aclID string

Identifier

maxLength32
params SiteACLUpdateParams
AccountID param.Field[string]

Path param: Identifier

maxLength32
Description param.Field[string]Optional

Body param: Description for the ACL.

ForwardLocally param.Field[bool]Optional

Body param: The desired forwarding action for this ACL policy. If set to “false”, the policy will forward traffic to Cloudflare. If set to “true”, the policy will forward traffic locally on the Magic Connector. If not included in request, will default to false.

LAN1 param.Field[ACLConfiguration]Optional

Body param

LAN2 param.Field[ACLConfiguration]Optional

Body param

Name param.Field[string]Optional

Body param: The name of the ACL.

Protocols param.Field[[]AllowedProtocol]Optional

Body param

const AllowedProtocolTCP AllowedProtocol = "tcp"
const AllowedProtocolUdp AllowedProtocol = "udp"
const AllowedProtocolIcmp AllowedProtocol = "icmp"
Unidirectional param.Field[bool]Optional

Body param: The desired traffic direction for this ACL policy. If set to “false”, the policy will allow bidirectional traffic. If set to “true”, the policy will only allow traffic in one direction. If not included in request, will default to false.

ReturnsExpand Collapse
type ACL struct{…}

Bidirectional ACL policy for network traffic within a site.

ID stringOptional

Identifier

maxLength32
Description stringOptional

Description for the ACL.

ForwardLocally boolOptional

The desired forwarding action for this ACL policy. If set to “false”, the policy will forward traffic to Cloudflare. If set to “true”, the policy will forward traffic locally on the Magic Connector. If not included in request, will default to false.

LAN1 ACLConfigurationOptional
LANID string

The identifier for the LAN you want to create an ACL policy with.

LANName stringOptional

The name of the LAN based on the provided lan_id.

PortRanges []stringOptional

Array of port ranges on the provided LAN that will be included in the ACL. If no ports or port rangess are provided, communication on any port on this LAN is allowed.

Ports []int64Optional

Array of ports on the provided LAN that will be included in the ACL. If no ports or port ranges are provided, communication on any port on this LAN is allowed.

Subnets []SubnetOptional

Array of subnet IPs within the LAN that will be included in the ACL. If no subnets are provided, communication on any subnets on this LAN are allowed.

LAN2 ACLConfigurationOptional
LANID string

The identifier for the LAN you want to create an ACL policy with.

LANName stringOptional

The name of the LAN based on the provided lan_id.

PortRanges []stringOptional

Array of port ranges on the provided LAN that will be included in the ACL. If no ports or port rangess are provided, communication on any port on this LAN is allowed.

Ports []int64Optional

Array of ports on the provided LAN that will be included in the ACL. If no ports or port ranges are provided, communication on any port on this LAN is allowed.

Subnets []SubnetOptional

Array of subnet IPs within the LAN that will be included in the ACL. If no subnets are provided, communication on any subnets on this LAN are allowed.

Name stringOptional

The name of the ACL.

Protocols []AllowedProtocolOptional
One of the following:
const AllowedProtocolTCP AllowedProtocol = "tcp"
const AllowedProtocolUdp AllowedProtocol = "udp"
const AllowedProtocolIcmp AllowedProtocol = "icmp"
Unidirectional boolOptional

The desired traffic direction for this ACL policy. If set to “false”, the policy will allow bidirectional traffic. If set to “true”, the policy will only allow traffic in one direction. If not included in request, will default to false.

Update Site ACL

package main

import (
  "context"
  "fmt"

  "github.com/stainless-sdks/cloudflare-go"
  "github.com/stainless-sdks/cloudflare-go/magic_transit"
  "github.com/stainless-sdks/cloudflare-go/option"
)

func main() {
  client := cloudflare.NewClient(
    option.WithAPIToken("Sn3lZJTBX6kkg7OdcBUAxOO963GEIyGQqnFTOFYY"),
  )
  acl, err := client.MagicTransit.Sites.ACLs.Update(
    context.TODO(),
    "023e105f4ecef8ad9ca31a8372d0c353",
    "023e105f4ecef8ad9ca31a8372d0c353",
    magic_transit.SiteACLUpdateParams{
      AccountID: cloudflare.F("023e105f4ecef8ad9ca31a8372d0c353"),
    },
  )
  if err != nil {
    panic(err.Error())
  }
  fmt.Printf("%+v\n", acl.ID)
}

{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "id": "023e105f4ecef8ad9ca31a8372d0c353",
    "description": "Allows local traffic between PIN pads and cash register.",
    "forward_locally": true,
    "lan_1": {
      "lan_id": "lan_id",
      "lan_name": "lan_name",
      "port_ranges": [
        "8080-9000"
      ],
      "ports": [
        1
      ],
      "subnets": [
        "192.0.2.1"
      ]
    },
    "lan_2": {
      "lan_id": "lan_id",
      "lan_name": "lan_name",
      "port_ranges": [
        "8080-9000"
      ],
      "ports": [
        1
      ],
      "subnets": [
        "192.0.2.1"
      ]
    },
    "name": "PIN Pad - Cash Register",
    "protocols": [
      "tcp"
    ],
    "unidirectional": true
  },
  "success": true
}
Returns Examples
{
  "errors": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "messages": [
    {
      "code": 1000,
      "message": "message",
      "documentation_url": "documentation_url",
      "source": {
        "pointer": "pointer"
      }
    }
  ],
  "result": {
    "id": "023e105f4ecef8ad9ca31a8372d0c353",
    "description": "Allows local traffic between PIN pads and cash register.",
    "forward_locally": true,
    "lan_1": {
      "lan_id": "lan_id",
      "lan_name": "lan_name",
      "port_ranges": [
        "8080-9000"
      ],
      "ports": [
        1
      ],
      "subnets": [
        "192.0.2.1"
      ]
    },
    "lan_2": {
      "lan_id": "lan_id",
      "lan_name": "lan_name",
      "port_ranges": [
        "8080-9000"
      ],
      "ports": [
        1
      ],
      "subnets": [
        "192.0.2.1"
      ]
    },
    "name": "PIN Pad - Cash Register",
    "protocols": [
      "tcp"
    ],
    "unidirectional": true
  },
  "success": true
}