All Products
Search

This Product

    Cloud Enterprise Network:AssociateTransitRouterAttachmentWithRouteTable

    Document Center

    Cloud Enterprise Network:AssociateTransitRouterAttachmentWithRouteTable

    Last Updated:Aug 07, 2025

    You can create a forwarding association.

    Operation description

    After you create a network instance connection, you must associate it with the route table of an Enterprise Edition transit router. After the association is created, the Enterprise Edition transit router forwards traffic from the network instance based on the routes in the associated route table. Before you call this operation, take note of the following:

    • Only route tables of Enterprise Edition transit routers support associations. For more information about the regions and zones that support Enterprise Edition transit routers, see What is Cloud Enterprise Network?.

    • A network instance connection can be associated with only one route table of an Enterprise Edition transit router.

    • The AssociateTransitRouterAttachmentWithRouteTable operation is asynchronous. After you send a request, the system returns a Request ID, but the association is not immediately created. The system creates the association in the background. You can call the ListTransitRouterRouteTableAssociations operation to query the status of the association.

      • If the association is in the Associating state, it is being created. In this state, you can only query the association and cannot perform other operations.

      • If the association is in the Active state, it is successfully created.

    Try it now

    Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

    Test

    RAM authorization

    The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

    • Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.

    • API: The API that you can call to perform the action.

    • Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.

    • Resource type: The type of the resource that support authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.

      • For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.

      • For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.

    • Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.

    • Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

    Action

    Access level

    Resource type

    Condition key

    Dependent action

    cen:AssociateTransitRouterAttachmentWithRouteTable

    create

    *TransitRouterPeerAttachment

    acs:cen:*:{#accountId}:centransitrouterattachment/{#centransitrouterattachmentId}

    		 None None

    Request parameters

    Parameter

    Type

    Required

    Description

    Example
    TransitRouterAttachmentId

    string

    Yes

    The ID of the network instance connection.

    tr-attach-nls9fzkfat8934****
    TransitRouterRouteTableId

    string

    Yes

    The ID of the route table of the Enterprise Edition transit router.

    vtb-bp1dudbh2d5na6b50****
    ClientToken

    string

    No

    The client token that is used to ensure the idempotence of the request.

    Generate a parameter value from your client to make sure that the value is unique among different requests. The client token can contain only ASCII characters.

    Note

    If you do not specify this parameter, the system automatically uses the RequestId of the request as the ClientToken. The RequestId may be different for each request.

    02fb3da4-130e-11e9-8e44-001****
    DryRun

    boolean

    No

    Specifies whether to perform a dry run to check for potential issues, such as permissions and instance status. Valid values:

    • false (default): sends a normal request. An association is created after the request passes the check.

    • true: sends a check request to perform a dry run. The system checks the required parameters, request format, and other items. No association is created. If the check fails, an error message is returned. If the check passes, the DryRunOperation error code is returned.

    false

    Response parameters

    Parameter

    Type

    Description

    Example

    object

    RequestId

    string

    The request ID.

    4EC47282-1B74-4534-BD0E-403F3EE64CAF

    Examples

    Success response

    JSON format

    {
  "RequestId": "4EC47282-1B74-4534-BD0E-403F3EE64CAF"
}

    Error codes

    HTTP status code

    Error code

    Error message

    Description
    400 AssociationExist.TransitRouterTable The specified association already exists. The error message returned because the specified route table is already associated with an associated forwarding correlation.
    400 IllegalParam.TransitRouterTableType When peer attachment is associated with a custom routeTable, the Transit Router in both regions must be enterprise. The error message returned because both the local and peer transit routers must be of Enterprise Edition when you associate the inter-region connection with a route table.
    400 OperationFailed.TransitRouterType Operation failed because transit router type not support this operation. The error message returned because this operation is not support by the specified type of transit router.
    400 IncorrectStatus.AttachmentOrRouteTable The resource is not in a valid state for the operation. The error message returned because this operation is not supported when the specified attachment or route table is in an unstable state. Try again later.
    400 IllegalParam.TransitRouterTableId The specified TransitRouterTableId is invalid. The error message returned because the TransitRouterTableId parameter is set to an invalid value.
    400 OperationUnsupported.Associate The specified attachment or routeTable is not supported by this operation. The error message returned because this operation is not supported by the specified attachment or route table.
    400 InvalidParameter Invalid parameter. The error message returned because the parameter is set to an invalid value.
    400 Unauthorized The AccessKeyId is unauthorized. The error message returned because you do not have the permissions to perform this operation.
    404 InvalidRouteTableId.NotFound The specified RouteTableId is not found. The specified route table ID does not exist.
    404 InvalidAttachmentId.NotFound The specified AttachmentId is not found. The error message returned because the specified network instance connection ID does not exist.

    See Error Codes for a complete list.

    Release notes

    See Release Notes for a complete list.