The Elastic IP Address (EIP) API and Virtual Private Cloud (VPC) API share the same endpoint. To call the EIP API, you must send HTTP or HTTPS GET requests to the endpoint of the EIP API. You must add the request parameters that correspond to the API operation being called. After you call the API operation, the system returns a response. Requests and responses are encoded in UTF-8.
Request structure
EIP API operations use the RPC protocol. You can call EIP API operations by sending HTTP or HTTPS GET requests.
http(s)://Endpoint/?Action=xx&Parameters- Endpoint: the endpoint of the EIP API. The endpoint is
vpc.aliyuncs.com. - Action: the name of the operation being performed. For example, to create an EIP, you must set the Action parameter to AllocateEipAddress.
- Version: the version of the API that you want to call. The current EIP API version is 2016-04-28.
- Parameters: the request parameters for the operation. Separate multiple parameters with ampersands (&).
Request parameters include both common request parameters and API operation-specific parameters. Common parameters include information such as the API version number and authentication information. For more information, see Common parameters.
https://vpc.aliyuncs.com/?Action=AllocateEipAddress
&Format=xml
&Version=2016-04-28
&Signature=xxxx%xxxx%3D
&SignatureMethod=HMAC-SHA1
&SignatureNonce=15215528852396
&SignatureVersion=1.0
&AccessKeyId=key-test
&Timestamp=2012-06-01T12:00:00Z
...API authorization
To ensure the security of your account, we recommend that you use a Resource Access Management (RAM) user to call API operations. To call the EIP API as a RAM user, you must create a permission policy that contains the required permissions and attach the policy to the RAM user.
For more information about the EIP resources and API operations that can be authorized to a RAM user, see Grant permissions to a RAM user.
Signature:
You must sign all API requests to ensure security whether the requests use HTTP or HTTPS. Alibaba Cloud uses the request signature to verify the identity of the API caller.
EIP implements symmetric encryption with an AccessKey pair to verify the identity of the request sender. An AccessKey pair is an identity credential that is issued to Alibaba Cloud accounts and RAM users. Similar to a pair of username and password, an AccessKey pair consists of an AccessKey ID and an AccessKey secret. The AccessKey ID is used to verify the identity of the user, while the AccessKey secret is used to encrypt and verify the signature string. You must keep your AccessKey secret strictly confidential.
https://endpoint/?SignatureVersion=1.0&SignatureMethod=HMAC-SHA1&Signature=XXXX%3D&SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0axxxxxxxxtestid and the AccessKey secret is testsecret. The URL before the request is signed is:http://vpc.aliyuncs.com/?Action=AllocateEipAddress
&Timestamp=2016-05-23T12:46:24Z
&Format=XML
&AccessKeyId=testid
&SignatureMethod=HMAC-SHA1
&SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0axxxxxxxx
&Version=2016-04-28
&SignatureVersion=1.0- Use the request parameters to create a string-to-sign.
GET&%2F&AccessKeyId%3Dtestid&Action%3DAllocateEipAddress&Format%3DXML&SignatureMethod%3DHMAC-SHA1&SignatureNonce%3D3ee8c1b8-83d3-44af-a94f-4e0axxxxxxxx&SignatureVersion%3D1.0&TimeStamp%3D2016-02-23T12%253A46%253A24Z&Version%3D2016-04-28 - Calculate the HMAC value of the string to be signed. Append an ampersand (&) to the AccessKey secret as the key to calculate the HMAC value. In this example, the key is
testsecret&. The signature value is:CT9X0VtwR86fNWS********juE= - Set Signature in the request to this value. Note The final signature string that you add to the request must be URL encoded based on RFC 3986.
http://vpc.aliyuncs.com/?Action=AllocateEipAddress &Timestamp=2016-05-23T12:46:24Z &Format=XML &AccessKeyId=testid &SignatureMethod=HMAC-SHA1 &SignatureNonce=3ee8c1b8-83d3-44af-a94f-4e0axxxxxxxx &Version=2016-04-28 &SignatureVersion=1.0 &Signature=CT9X0VtwR86fNWS********juE=