The Elastic IP Address (EIP) API and Virtual Private Cloud (VPC) API share the same endpoint. To call the EIP API, you must send HTTP or HTTPS GET requests to the endpoint of the EIP API. You must add the request parameters that correspond to the API operation being called. After you call the API operation, the system returns a response. Requests and responses are encoded in UTF-8.

Request structure

EIP API operations use the RPC protocol. You can call EIP API operations by sending HTTP or HTTPS GET requests.

A request uses the following syntax:
http(s)://Endpoint/?Action=xx&Parameters
where:
  • Endpoint: the endpoint of the EIP API. The endpoint is vpc.aliyuncs.com.
  • Action: the name of the operation being performed. For example, to create an EIP, you must set the Action parameter to AllocateEipAddress.
  • Version: the version of the API that you want to call. The current EIP API version is 2016-04-28.
  • Parameters: the request parameters for the operation. Separate multiple parameters with ampersands (&).

    Request parameters include both common request parameters and API operation-specific parameters. Common parameters include information such as the API version number and authentication information. For more information, see Common parameters.

The following example demonstrates how to call the AllocateEipAddress operation to apply for an EIP:
Note The following code has been edited to improve readability:
https://vpc.aliyuncs.com/?Action=AllocateEipAddress
&Format=xml
&Version=2016-04-28
&Signature=xxxx%xxxx%3D
&SignatureMethod=HMAC-SHA1
&SignatureNonce=15215528852396
&SignatureVersion=1.0
&AccessKeyId=key-test
&Timestamp=2012-06-01T12:00:00Z
...

API authorization

To ensure the security of your account, we recommend that you call APIs as a Resource Access Management (RAM) user. To call the EIP API as a RAM user, you must create a permission policy that contains the required permissions and attach the policy to the RAM user.

For more information about the EIP resources and API operations that can be authorized to a RAM user, see RAM user authorization.

Signature:

You must sign all API requests to ensure security whether the requests use HTTP or HTTPS. Alibaba Cloud uses the request signature to verify the identity of the API caller.

EIP implements symmetric encryption with an AccessKey pair to verify the identity of the request sender. An AccessKey pair is an identity credential that is issued to Alibaba Cloud accounts and RAM users. Similar to a pair of username and password, an AccessKey pair consists of an AccessKey ID and an AccessKey secret. The AccessKey ID is used to verify the identity of the user, while the AccessKey secret is used to encrypt and verify the signature string. You must keep your AccessKey secret strictly confidential.

You must add the signature to a RPC API request in the following format:

https://endpoint/?SignatureVersion=1.0&SignatureMethod=HMAC-SHA1&Signature=XXXX%3D&SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0axxxxxxxx

Take AllocateEipAddress as an example. The AccessKey ID is testid and the AccessKey secret is testsecret. The URL before the request is signed is:

http://vpc.aliyuncs.com/?Action=AllocateEipAddress
&Timestamp=2016-05-23T12:46:24Z
&Format=XML
&AccessKeyId=testid
&SignatureMethod=HMAC-SHA1
&SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0axxxxxxxx
&Version=2016-04-28
&SignatureVersion=1.0
Perform the following operations to calculate the signature:
  1. Use the request parameters to create a string-to-sign.
    GET&%2F&AccessKeyId%3Dtestid&Action%3DAllocateEipAddress&Format%3DXML&SignatureMethod%3DHMAC-SHA1&SignatureNonce%3D3ee8c1b8-83d3-44af-a94f-4e0axxxxxxxx&SignatureVersion%3D1.0&TimeStamp%3D2016-02-23T12%253A46%253A24Z&Version%3D2016-04-28
  2. Calculate the HMAC value of the string to be signed.

    Append an ampersand (&) to the AccessKey secret as the key to calculate the HMAC value. In this example, the key is testsecret&.

    CT9X0VtwR86fNWS********juE=
  3. Add the signature string to the request:
    http://vpc.aliyuncs.com/?Action=AllocateEipAddress
    &Timestamp=2016-05-23T12:46:24Z
    &Format=XML
    &AccessKeyId=testid
    &SignatureMethod=HMAC-SHA1
    &SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0axxxxxxxx
    &Version=2016-04-28
    &SignatureVersion=1.0
    &Signature=CT9X0VtwR86fNWS********juE=