psm MySQLCS create-access-rule

Create an access rule for the specified MySQL Cloud Service instance.


In the following syntax, line breaks have been added for clarity. Do not include them when entering the command.

psm MySQLCS create-access-rule -s|--service-name instance-name 
     -r|--rule-name access-rule-name 
     -c|--config-payload path-to-json-payload
     [-wc|--wait-until-complete true|false]
    [-of|--output-format json|html|short]


Parameter Description

-s|--service-name instance-name

Specifies the name of the MySQL Cloud Service instance.


Specifies the path to the json payload file. The payload contains the access rule specification.

–wc|--wait-until-complete true|false

(Optional) If set to true, the command behaves synchronously. That is, it does not return until the submitted job is complete. The following message is displayed until the job is complete:

Waiting for the job to complete... (it cannot be cancelled)

The default value is false.

-of|--output-format json|html|short

(Optional) Specifies the output format of the command’s response:

  • json—output is formatted as a JSON array.

  • html—output is formatted as HTML

  • short—output is formatted as a brief summary.

The default output format is the one you specified when using the psm setup command to configure the psm CLI.

JSON Payload

The json payload has the following syntax:

  "ruleName": "name-of-rule",
  "description": "brief-description-of-rule",
  "source": "source-ip-address",
  "destination": "destionation-address",
  "ports": "port-or-range-of-ports",
  "status": "enabled-or-disabled"
Parameter Description


The name of the rule. Alphanumeric characters, only. Spaces and special characters are not permitted.


(Optional) Text description of the rule. Spaces and special characters are permitted.


The source can be an IP address or range of IP addresses:

  • IP address: any IP address of the following format : XXX.XXX.XXX.XXX. For example:

  • IP range: IP addresses of the following format: XXX.XXX.XXX.XXX/XXX. For example: permits every IP address in the defined range to access the defined port.


Only mysql_MASTER can be used here.


The port number.


Status of the access rule. Possible values are enabled or disabled.


The following example creates an access rule for the service namedMySQL57–aas with the following parameters:

  • Rule name: AccRule1

  • Port: 5900

  • Source: Any IP address in the range to

  • Destination: mysql_MASTER

$ psm MySQLCS create-access-rule -s MySQL57-aas -c /tmp/create-access-rule.json

where the JSON payload contains the following:

 "ruleName": "AccRule1",
  "description": "Permit public access to port 5900",
  "destination": "mysql_MASTER",
  "ports": "5900",
  "source": "",
  "status": "disabled"