CreateTransitRouterVbrAttachment - Cloud Enterprise Network

Connects a virtual border router (VBR) to an Enterprise Edition transit router.

Operation Description

For more information about the regions and zones that support Enterprise Edition transit routers, see What is CEN?
You can use the following methods to connect a VBR to an Enterprise Edition transit router:
- If an Enterprise Edition transit router is already created in the region where you want to create a VBR connection, set the VbrId and TransitRouterId parameters.
- If no Enterprise Edition transit router is created in the region where you want to create a VBR connection, set the VbrId, CenId, and RegionId parameters. Then, the system automatically creates an Enterprise Edition transit router in the specified region.
CreateTransitRouterVbrAttachment is an asynchronous operation. After you send a request, the system returns a VBR connection ID and runs the task in the background. You can call the ListTransitRouterVbrAttachments operation to query the status of a VBR connection.
- If a VBR connection is in the Attaching state, the VBR connection is being created. You can query the VBR connection but cannot perform other operations.
- If a VBR connection is in the Attached state, the VBR connection is created.

debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

debugging

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
cen:CreateTransitRouterVbrAttachment	Write	CenInstance acs:cen::{#accountId}:ceninstance/ CenInstance acs:cen::{#accountId}:ceninstance/{#ceninstanceId} TransitRouterVbrAttachment acs:cen::{#accountId}:centransitrouterattachment/*	none	none

Request parameters

Parameter	Type	Required	Description	Example
ClientToken	string	No	The client token that is used to ensure the idempotence of the request. You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters. Note If you do not set this parameter, ClientToken is set to the value of RequestId. The value of RequestId for each API request may be different.	02fb3da4-130e-11e9-8e44-001****
CenId	string	No	The ID of the Cloud Enterprise Network (CEN) instance.	cen-j3jzhw1zpau2km****
TransitRouterId	string	No	The ID of the Enterprise Edition transit router.	tr-bp1su1ytdxtataupl****
RegionId	string	No	The region ID of the VBR. You can call the DescribeRegions operation to query the most recent region list.	cn-hangzhou
TransitRouterAttachmentName	string	No	The name of the VBR connection. The name must be 2 to 128 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). It must start with a letter.	testname
TransitRouterAttachmentDescription	string	No	The description of the VBR connection. The description must be 2 to 256 characters in length. The description must start with a letter but cannot start with `http://` or `https://`.	testdesc
VbrId	string	Yes	The ID of the VBR.	vbr-bp1svadp4lq38janc****
VbrOwnerId	long	No	The ID of the Alibaba Cloud account to which the VBR belongs. The default value is the ID of the current Alibaba Cloud account. Note If the network instance and CEN instance belong to different Alibaba Cloud accounts, this parameter is required.	1250123456123456
AutoPublishRouteEnabled	boolean	No	Specifies whether to enable the Enterprise Edition transit router to automatically advertise routes to the VBR. Valid values: false (default): no true: yes	false
DryRun	boolean	No	Specifies whether to perform a dry run. Default values: false (default): performs a dry run and sends the request. true: performs a dry run. The system checks the required parameters and request syntax. If the request fails the dry run, an error message is returned. If the request passes the dry run, the system returns the ID of the request.	false
Tag	object []	No	The information about the tags. You can specify at most 20 tags in each call.
Key	string	No	The tag key. The tag key cannot be an empty string. The tag key can be up to 64 characters in length and cannot start with `acs:` or `aliyun`. It cannot contain `http://` or `https://`. You can specify at most 20 tag keys.	TagKey
Value	string	No	The tag value. The tag value can be 0 to 128 characters in length, and cannot start with `aliyun` or `acs:`. It cannot contain `http://` or `https://`. Each tag key must have a unique tag value. You can specify at most 20 tag values in each call.	TagValue

Response parameters

Parameter	Type	Description	Example
	object	The response.
TransitRouterAttachmentId	string	The ID of the VBR connection.	tr-attach-ia340z7xis7t5s****
RequestId	string	The ID of the request.	C087A369-82B9-43EF-91F4-4B63A9C6E6B6

Examples

Sample success responses

JSONformat

{
  "TransitRouterAttachmentId": "tr-attach-ia340z7xis7t5s****",
  "RequestId": "C087A369-82B9-43EF-91F4-4B63A9C6E6B6"
}

Error codes

HTTP status code	Error code	Error message	Description
400	NoPermission.AliyunServiceRolePolicyForCEN	You are not authorized to create the service linked role. Role Name: AliyunServiceRolePolicyForCEN. Service Name: cen.aliyuncs.com. Make sure that the user has been granted the ram:CreateServiceLinkedRole permission.	The error message returned because you do not have the permissions to create the service-linked role whose role name is AliyunServiceRolePolicyForCEN and service name is cen.aliyuncs.com. You must acquire the ram:CreateServiceLinkedRole permission before you can create the service-linked role.
400	OperationUnsupported.TransitRouterRegionId	The specified TransitRouterRegion does not support the operation.	-
400	InvalidCenId.NotFound	CenId is not found.	The error message returned because the specified CEN instance does not exist.
400	InvalidStatus.ResourceStatus	The resource is not in a valid state for the attachment operation.	The error message returned because the status of the specified resource does not support this operation. Try again later.
400	InvalidTransitRouterId.NotFound	TransitRouterId is not found.	The error message returned because the ID of the transit router does not exist.
400	Forbbiden.TransitRouterServiceNotOpen	The user has not open transit router service.	The error message returned because the transit router is disabled. Enable the transit router and try again.
400	OperationUnsupported.TransitRouterType	The specified TransitRouterType does not support the operation.	The error message returned because this operation is not supported by the specified type of transit router.
400	MissingParam.CenIdOrRegionId	Either CenId or RegionId must be specified.	The error message returned because the CenId or RegionId parameter is not set.
400	IncorrectStatus.Vpc	The resource is not in a valid state for the attachment operation.	The error message returned because the status of the VPC does not support this operation. Try again later.
400	Forbidden.VbrDeviceModel	Attach VBR on some access device models are forbidden.	The error message returned because the mode of the VBR does not support this operation.
400	IllegalParam.AssociateRouteTableId	The specified AssociateRouteTableId is illegal.	The error message returned because the specified route table ID (AssociateRouteTableId) is invalid.
400	Forbbiden.AttachChildInstanceAcrossBid	Operation is invalid, please apply for cross-bid attaching.	-
400	IllegalParam.RegionId	RegionId is illegal.	The error message returned because the specified region is invalid.
400	OperationUnsupported.CenFullLevel	CEN full level does not support TransitRouter	The error message returned because CEN instances of the Full type do not support Enterprise Edition transit routers.
400	OperationUnsupported.VbrAttachment	This region not support vbr attachment.	The error message returned because VBR attachments are not supported in the specified region.
400	InvalidOperation.CenInstanceStatus	The CEN instance is not in a valid state for the operation.	-
400	OperationUnsupported.CloudBoxVbrNotSupport	Cloud Box Vbr does not support.	The error message returned because the instance cannot be connected to a CloudBox.
400	IncorrectStatus.VbrResource	The resource is not in a valid state for the attachment operation.	The error message returned because this operation is not supported when the specified VBR is in an unstable state. Wait until all operations related to the VBR are completed.
400	IncorrectStatus.TransitRouter	The status of TransitRouter is incorrect.	The error message returned because the status of the transit router does not support this operation. Try again later.
400	QuotaExceeded.CenQuotaVbrAttachPerTransitRouter	The maximum number of VBR attachment per Transit Router is exceeded.	The error message returned because specified number of VBRs to be attache to the transit router exceeds the upper limit. You can submit a ticket to request a quota increase.
400	QuotaFull.ChildInstanceRelatedCen	The childinstance has exceed the quota of the times that a childinstance can be attached as an attachment.	The error message returned because the number of CEN instances to which the instance is attached has reached the upper limit. You cannot attach the instance to more CEN instances.
400	InvalidParameter	Invalid parameter.	The error message returned because the parameter is set to an invalid value.
400	Unauthorized	The AccessKeyId is unauthorized.	The error message returned because you do not have the permissions to perform this operation.
403	Forbidden.VbrDeviceModel	The attached VBR on some access device models are not supported. Please submit a ticket to continue using this VBR on CEN.	The error message returned because the mode of the VBR does not support this operation.

For a list of error codes, visit the Service error codes.

Change history

Change time

Summary of changes

Operation

2023-10-20

The error codes of the API operation change.

see changesets

Change item	Change content
Error Codes	The error codes of the API operation change.
	delete Error Codes: 400
	delete Error Codes: 403

2023-01-04

The error codes of the API operation change.

see changesets

Change item	Change content
Error Codes	The error codes of the API operation change.
	delete Error Codes: 400
	delete Error Codes: 403

2022-12-22

The error codes of the API operation change.

see changesets

Change item	Change content
Error Codes	The error codes of the API operation change.
	Error Codes 400 change
	delete Error Codes: 403