Creates a network ACL.

Make the API call

You can use OpenAPI Explorer to make API calls, search for API calls, perform debugging, and generate SDK example code.

Request parameters

Parameter Type Required? Example value Description
Action String Yes CreateNetworkAcl

The name of this action. Valid value: CreateNetworkAcl.

RegionId String Yes cn-hangzhou

The region of the network ACL. To query the region ID, call DescribeRegions.

VpcId String Yes vpc-dsfd34356vdf****

The ID of the VPC associated with the network ACL.

NetworkAclName String No acl-1

The name of the network ACL.

The name must be 2 to 128 characters in length and can contain letters, numbers, periods (.), underscores (_), and hyphens (-). The name must start with a letter, and cannot start with http:// or https://.

Description String No This is my NetworkAcl.

The description of the network ACL.

The description must be 2 to 256 characters in length. It must start with a letter, but cannot start with http:// or https://.

Response parameters

Parameter Type Example value Description
RequestId String 0ED8D006-F706-4D23-88ED-E11ED28DCAC0

The ID of the request.

NetworkAclId String nacl-a2do9e413e0spzasx****

The ID of the network ACL.

NetworkAclAttribute Struct

The attribute of the network ACL.

NetworkAclId String nacl-a2do9e413e0spdefr****

The ID of the network ACL.

RegionId String cn-hangzhou

The region of the network ACL.

NetworkAclName String acl-1

The name of the network ACL.

Description String This is my NetworkAcl.

The description of the network ACL.

VpcId String vpc-a2d33rfpl72k5xsscd****

The ID of the VPC associated with the network ACL.

CreationTime String 2019-04-25 11:33:27

The time when the network ACL was created.

Status String Modifying

The status of the network ACL.

  • Available: The network ACL is available.
  • Modifying: The network ACL is being configured.
IngressAclEntries Array

The inbound rules.

NetworkAclEntryId String nae-a2dk86arlydmexscd****

The ID of the inbound rule entry.

Policy String accept

The authorization policy of the rule. Values:

  • accept: Allow the specified traffic.
  • drop: Deny the specified traffic.
Protocol String all

The transport layer protocol. Valid values:

  • ICMP
  • GRE
  • TCP
  • UDP
  • all: All protocols are supported.
SourceCidrIp String 10.0.0.0/24

The source IP address range.

Port String  -1/-1

The source port range.

EntryType String  custom

The rule type. Values:

  • custom: Custom rule.
  • system: System rule.
NetworkAclEntryName String  acl-3

The name of the inbound rule.

Description String  This is IngressAclEntries.

The description of the inbound rule.

EgressAclEntries Array

The outbound rules.

NetworkAclEntryId String  nae-a2d447uw4tillxsdc****

The ID of the outbound rule entry.

Policy String  accept

The authorization policy of the rule. Values:

  • accept: Allow the specified traffic.
  • drop: Deny the specified traffic.
Protocol String all

The transport layer protocol. Valid values:

  • ICMP
  • GRE
  • TCP
  • UDP
  • all: All protocols are supported.
DestinationCidrIp String 10.0.0.0/24

The destination IP address range.

Port String -1/-1

The destination port range.

EntryType String custom

The rule type. Values:

  • custom: Custom rule.
  • system: System rule.
Description String This is EgressAclEntries.

The description of the outbound rule.

NetworkAclEntryName String acl-2

The name of the outbound rule.

Resources Array

The associated resources.

ResourceId String vsw-bp1de348lntdwgthy****

The ID of the associated resource.

ResourceType String VSwitch

The type of the associated resource.

Status String BINDED

The status of the associated resource.

  • BINDED: The resource is associated with the network ACL.
  • BINDING: The resource is being associated with the network ACL.
  • UNBINDING: The resource is being disassociated from the network ACL.

Examples

Request example

https://vpc.aliyuncs.com/?Action=CreateNetworkAcl
&RegionId=cn-hangzhou
&VpcId=vpc-dsfd34356vdf****
&<CommonParameters>

Response example

XML format

<CreateNetworkAclResponse>
  <NetworkAclAttribute>
        <CreationTime>2019-04-25 11:33:27</CreationTime>
        <EgressAclEntries>
              <EgressAclEntry>
                    <Port>-1/-1</Port>
                    <Policy>accept</Policy>
                    <NetworkAclEntryId>nae-a2d447uw4tillcdvf****</NetworkAclEntryId>
                    <DestinationCidrIp>0.0.0.0/0</DestinationCidrIp>
                    <Protocol>all</Protocol>
              </EgressAclEntry>
        </EgressAclEntries>
        <Status>Available</Status>
        <RegionId>cn-hangzhou</RegionId>
        <IngressAclEntries>
              <IngressAclEntry>
                    <SourceCidrIp>0.0.0.0/0</SourceCidrIp>
                    <Port>-1/-1</Port>
                    <Policy>accept</Policy>
                    <NetworkAclEntryId>nae-a2dk86arlydmecdvf****</NetworkAclEntryId>
                    <Protocol>all</Protocol>
              </IngressAclEntry>
        </IngressAclEntries>
        <NetworkAclId>nacl-a2do9e413e0spcdvf****</NetworkAclId>
        <VpcId>vpc-a2d33rfpl72k5cdvf****</VpcId>
        <Resources>
    </Resources>
  </NetworkAclAttribute>
  <RequestId>AEAC0891-1E52-4A46-A29C-175FB6356FE8</RequestId>
  <NetworkAclId>nacl-a2do9e413e0spcdvf****</NetworkAclId>
</CreateNetworkAclResponse>

JSON format

{
   "NetworkAclAttribute":    {
      "CreationTime": "2019-04-25 11:33:27",
      "EgressAclEntries": {"EgressAclEntry": [      {
         "Port": "-1/-1",
         "Policy": "accept",
         "NetworkAclEntryId": "nae-a2d447uw4tillcdvf****",
         "DestinationCidrIp": "0.0.0.0/0",
         "Protocol": "all"
      }]},
      "Status": "Available",
      "RegionId": "cn-hangzhou",
      "IngressAclEntries": {"IngressAclEntry": [      {
         "SourceCidrIp": "0.0.0.0/0",
         "Port": "-1/-1",
         "Policy": "accept",
         "NetworkAclEntryId": "nae-a2dk86arlydmecdvf****",
         "Protocol": "all"
      }]},
      "NetworkAclId": "nacl-a2do9e413e0spcdvf****",
      "VpcId": "vpc-a2d33rfpl72k5cdvf****",
      "Resources": {"Resource": []}
   },
   "RequestId": "AEAC0891-1E52-4A46-A29C-175FB6356FE8",
   "NetworkAclId": "nacl-a2do9e413e0spcdvf****"
}

Errors

HTTP status code Error code Error message Description
500 InternalError The request processing has failed due to some unknown error. The request failed to be processed due to unknown errors.

For a list of error codes, visit the API Error Center.