Queries the detailed information of a network ACL.

Make the API call

You can use OpenAPI Explorer to make API calls, search for API calls, perform debugging, and generate SDK example code.

Request parameters

Parameter Type Required? Example value Description
Action String Yes DescribeNetworkAclAttributes

The name of this action. Value: DescribeNetworkAclAttributes.

NetworkAclId String Yes nacl-a2do9e413e0spzasx****

The ID of the network ACL.

RegionId String Yes cn-hangzhou

The region of the network ACL. To query the region ID, call DescribeRegions.

ClientToken String No 0c593ea1-3bea-11e9-b96b-88e9fe637760

The client token that guarantees the idempotence of the request. The value of this parameter is generated by the client and is unique among different requests. Only ASCII characters are allowed. It can contain a maximum of 64 ASCII characters.

Response parameters

Parameter Type Example value Description
RequestId String F5905F9C-0161-4E72-9CB1-1F3F3CF6268A

The ID of the request.

NetworkAclAttribute Struct

A list of network ACL attributes.

NetworkAclId String nacl-a2do9e413e0spnhmj****

The ID of the network ACL.

RegionId String cn-hangzhou

The region of the network ACL.

NetworkAclName String acl-1

The name of the network ACL.

Description String This is my NetworkAcl.

The description of the network ACL.

VpcId String vpc-a2d33rfpl72k5defr****

The ID of the VPC associated with the network ACL.

CreationTime String 2019-04-25 11:33:27

The time when the network ACL was created.

Status String Available

The status of the network ACL.

  • Available: The network ACL is available.
  • Modifying: The network ACL is being configured.
IngressAclEntries Array

The inbound rules of the network ACL.

NetworkAclEntryId String nae-a2dk86arlydmevfbg****

The ID of the inbound rule entry.

Policy String accept

The authorization policy of the rule. Valid values:

  • accept: Allow the specified traffic.
  • drop: Deny the specified traffic.
Protocol String all

The transport layer protocol. Valid values:

  • ICMP
  • GRE
  • TCP
  • UDP
  • all: All protocols are supported.
SourceCidrIp String 10.0.0.0/24

The source IP address range.

Port String -1/-1

The source port range.

EntryType String  custom

The rule type. Valid values:

  • custom: Custom rule.
  • system: System rule.
NetworkAclEntryName String  acl-3

The name of the inbound rule.

Description String  This is IngressAclEntries.

The description of the inbound rule.

EgressAclEntries Array

The outbound rules of the network ACL.

NetworkAclEntryId String  nae-a2d447uw4tillxdcv****

The ID of the outbound rule entry.

Policy String  accept

The authorization policy of the rule. Valid values:

  • accept: Allow the specified traffic.
  • drop: Deny the specified traffic.
Protocol String  all

The transport layer protocol. Valid values:

  • ICMP
  • GRE
  • TCP
  • UDP
  • all: All protocols are supported.
DestinationCidrIp String  10.0.0.0/24

The destination IP address range.

Port String  -1/-1

The destination port range.

EntryType String  custom

The rule type. Valid values:

  • custom: Custom rule.
  • system: System rule.
Description String  This is EgressAclEntries.

The description of the outbound rule.

NetworkAclEntryName String  acl-2

The name of the outbound rule.

Resources Array

The associated resources.

ResourceId String vsw-bp1de348lntdwxscd****

The ID of the associated resource.

ResourceType String VSwitch

The type of the associated resource.

Status String BINDED

The status of the associated resource.

  • BINDED: The resource is associated with the network ACL.
  • BINDING: The resource is being associated with the network ACL.
  • UNBINDING: The resource is being disassociated from the network ACL.

Examples

Request example

https://vpc.aliyuncs.com/?Action=DescribeNetworkAclAttributes
&NetworkAclId=nacl-a2do9e413e0spxxxxxxxx
&RegionId=cn-hangzhou
&<Common request parameters>

Response example

XML format

<DescribeNetworkAclAttributesResponse>
  <NetworkAclAttribute>
        <CreationTime>2019-04-25 11:33:27</CreationTime>
        <EgressAclEntries>
              <EgressAclEntry>
                    <Port>-1/-1</Port>
                    <Policy>accept</Policy>
                    <NetworkAclEntryId>nae-a2d447uw4tillcdvf****</NetworkAclEntryId>
                    <DestinationCidrIp>10.0.0.0/24</DestinationCidrIp>
                    <Protocol>all</Protocol>
              </EgressAclEntry>
        </EgressAclEntries>
        <Status>Available</Status>
        <RegionId>cn-hangzhou</RegionId>
        <IngressAclEntries>
              <IngressAclEntry>
                    <SourceCidrIp>10.0.0.0/24</SourceCidrIp>
                    <Port>-1/-1</Port>
                    <Policy>accept</Policy>
                    <NetworkAclEntryId>nae-a2dk86arlydmecdvf****</NetworkAclEntryId>
                    <Protocol>all</Protocol>
              </IngressAclEntry>
        </IngressAclEntries>
        <NetworkAclId>nacl-a2do9e413e0spcdvf****</NetworkAclId>
        <VpcId>vpc-a2d33rfpl72k5cdvfcdvf****</VpcId>
        <Resources>
    </Resources>
  </NetworkAclAttribute>
  <RequestId>F5905F9C-0161-4E72-9CB1-1F3F3CF6268A</RequestId>
</DescribeNetworkAclAttributesResponse>

JSON format

{
   "NetworkAclAttribute":    {
      "CreationTime": "2019-04-25 11:33:27",
      "EgressAclEntries": {"EgressAclEntry": [      {
         "Port": "-1/-1",
         "Policy": "accept",
         "NetworkAclEntryId": "nae-a2d447uw4tillcdvf****",
         "DestinationCidrIp": "10.0.0.0/24",
         "Protocol": "all"
      }]},
      "Status": "Available",
      "RegionId": "cn-hangzhou",
      "IngressAclEntries": {"IngressAclEntry": [      {
         "SourceCidrIp": "10.0.0.0/24",
         "Port": "-1/-1",
         "Policy": "accept",
         "NetworkAclEntryId": "nae-a2dk86arlydmecdvf****",
         "Protocol": "all"
      }]},
      "NetworkAclId": "nacl-a2do9e413e0spcdvf****",
      "VpcId": "vpc-a2d33rfpl72k5cdvfcdvf****",
      "Resources": {"Resource": []}
   },
   "RequestId": "F5905F9C-0161-4E72-9CB1-1F3F3CF6268A"
}

Errors

HTTP status code Error code Error message Description
500 InternalError The request processing has failed due to some unknown error. The request failed to be processed due to unknown errors.

For a list of error codes, visit the API Error Center.