Queries the details about a virtual private cloud (VPC) firewall. The VPC firewall controls mutual access traffic between a VPC and a network instance that is attached to a Cloud Enterprise Network (CEN) instance.

Usage notes

You can call the DescribeVpcFirewallCenDetail operation to query the details about a VPC firewall. The VPC firewall controls mutual access traffic between a specified VPC and a network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance.

Limits

You can call this operation up to 10 times per second per account. If the number of the calls per second exceeds the limit, throttling is triggered. As a result, your business may be affected. We recommend that you take note of the limit when you call this operation.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeVpcFirewallCenDetail

The operation that you want to perform. Set the value to DescribeVpcFirewallCenDetail.

Lang String No zh

The language of the content within the request and response. Valid values:

  • zh: Chinese (default)
  • en: English
VpcFirewallId String Yes vfw-m5e7dbc4y****

The instance ID of the VPC firewall.

Note You can call the DescribeVpcFirewallCenList operation to query the instance IDs of VPC firewalls.
NetworkInstanceId String No vpc-2zefk9fbn8j7v585g****

The ID of the VPC for which the VPC firewall is created.

Response parameters

Parameter Type Example Description
ConnectType String cen

The connection type of the VPC firewall. The value is fixed as cen, which indicates CEN instances.

VpcFirewallName String Test firewall

The instance name of the VPC firewall.

VpcFirewallId String vfw-m5e7dbc4y****

The instance ID of the VPC firewall.

FirewallSwitchStatus String opened

The status of the VPC firewall. Valid values:

  • opened: enabled
  • closed: disabled
  • notconfigured: not configured
RequestId String 850A84D6-0DE4-4797-A1E8-00090125g4d2

The ID of the request.

LocalVpc Object

The details about the VPC.

VpcId String vpc-8vbwbo90rq0anm6t****

The ID of the VPC.

TransitRouterType String Basic

The edition of the CEN transit router. Valid values:

  • Basic: Basic Edition
  • Enterprise: Enterprise Edition
RouteMode String auto

The routing mode. Valid values:

  • auto
  • manual
NetworkInstanceId String vpc-2zefk9fbn8j7v585g****

The ID of the VPC for which the VPC firewall is created.

RegionNo String cn-hangzhou

The ID of the region in which the VPC resides.

ManualVSwitchId String vsw-zeq4o875u****

The ID of the vSwitch. The value of this parameter is returned only when the RouteMode parameter is set to manual.

OwnerId String 158039427902****

The UID of the Alibaba Cloud account to which the VPC belongs.

NetworkInstanceType String VPC

The type of the network instance. The value is fixed as VPC.

VpcName String Test instance

The name of the VPC.

SupportManualMode String 0

Indicates whether the routing mode can be set to manual. Valid values:

  • 1: yes
  • 0: no
TransitRouterId String tr-2zetwxskej633l3u1****

The instance ID of the CEN transit router.

AttachmentId String tr-attach-sxig7bye51fid5****

The ID of the connection between two network instances.

NetworkInstanceName String Test VPC

The name of the network instance.

AttachmentName String Local test

The name of the connection between two network instances.
VpcCidrTableList Array of cidrTable

The CIDR blocks of the VPC.

RouteTableId String vtb-1234

The ID of the route table for the VPC.

RouteEntryList Array of routeEntry

The route entries of the VPC.

NextHopInstanceId String vrt-m5eb5me6c3l5sezae****

The instance ID of the next hop for the VPC.

DestinationCidr String 192.168.XX.XX/24

The destination CIDR block of the VPC.

EniList Array of eniInfo

The Elastic Network Interfaces (ENIs).

EniId String eni-8vbhfosfqv2rff42****

The ID of the ENI that belongs to the VPC.

EniPrivateIpAddress String 192.168.XX.XX

The private IP address of the ENI that belongs to the VPC.

DefendCidrList Array of String 10.0.XX.XX/24

The CIDR blocks that are protected by the VPC firewall.

Examples

Sample requests

http(s)://[Endpoint]/?Action=DescribeVpcFirewallCenDetail
&Lang=zh
&VpcFirewallId=vfw-m5e7dbc4y****
&NetworkInstanceId=vpc-2zefk9fbn8j7v585g****
&Common request parameters

Sample success responses

XML format 

HTTP/1.1 200 OK
Content-Type:application/xml

<DescribeVpcFirewallCenDetailResponse>
    <ConnectType>cen</ConnectType>
    <VpcFirewallName>Test firewall</VpcFirewallName>
    <VpcFirewallId>vfw-m5e7dbc4y****</VpcFirewallId>
    <FirewallSwitchStatus>opened</FirewallSwitchStatus>
    <RequestId>850A84D6-0DE4-4797-A1E8-00090125g4d2</RequestId>
    <LocalVpc>
        <VpcId>vpc-8vbwbo90rq0anm6t****</VpcId>
        <TransitRouterType>Basic</TransitRouterType>
        <RouteMode>auto</RouteMode>
        <NetworkInstanceId>vpc-2zefk9fbn8j7v585g****</NetworkInstanceId>
        <RegionNo>cn-hangzhou</RegionNo>
        <ManualVSwitchId>vsw-zeq4o875u****</ManualVSwitchId>
        <OwnerId>158039427902****</OwnerId>
        <NetworkInstanceType>VPC</NetworkInstanceType>
        <VpcName>Test instance</VpcName>
        <SupportManualMode>0</SupportManualMode>
        <TransitRouterId>tr-2zetwxskej633l3u1****</TransitRouterId>
        <AttachmentId>tr-attach-sxig7bye51fid5****</AttachmentId>
        <NetworkInstanceName>Test VPC</NetworkInstanceName>
        <AttachmentName>Local test</AttachmentName>
        <VpcCidrTableList>
            <RouteTableId>vtb-1234</RouteTableId>
            <RouteEntryList>
                <NextHopInstanceId>vrt-m5eb5me6c3l5sezae****</NextHopInstanceId>
                <DestinationCidr>192.168.XX.XX/24</DestinationCidr>
            </RouteEntryList>
        </VpcCidrTableList>
        <EniList>
            <EniId>eni-8vbhfosfqv2rff42****</EniId>
            <EniPrivateIpAddress>192.168.XX.XX</EniPrivateIpAddress>
        </EniList>
        <DefendCidrList>10.0.XX.XX/24</DefendCidrList>
    </LocalVpc>
</DescribeVpcFirewallCenDetailResponse>

JSON format 

HTTP/1.1 200 OK
Content-Type:application/json

{
  "ConnectType" : "cen",
  "VpcFirewallName" : "Test firewall",
  "VpcFirewallId" : "vfw-m5e7dbc4y****",
  "FirewallSwitchStatus" : "opened",
  "RequestId" : "850A84D6-0DE4-4797-A1E8-00090125g4d2",
  "LocalVpc" : {
    "VpcId" : "vpc-8vbwbo90rq0anm6t****",
    "TransitRouterType" : "Basic",
    "RouteMode" : "auto",
    "NetworkInstanceId" : "vpc-2zefk9fbn8j7v585g****",
    "RegionNo" : "cn-hangzhou",
    "ManualVSwitchId" : "vsw-zeq4o875u****",
    "OwnerId" : "158039427902****",
    "NetworkInstanceType" : "VPC",
    "VpcName" : "Test instance",
    "SupportManualMode" : "0",
    "TransitRouterId" : "tr-2zetwxskej633l3u1****",
    "AttachmentId" : "tr-attach-sxig7bye51fid5****",
    "NetworkInstanceName" : "Test VPC",
    "AttachmentName" : "Local test",
    "VpcCidrTableList" : [ {
      "RouteTableId" : "vtb-1234",
      "RouteEntryList" : [ {
        "NextHopInstanceId" : "vrt-m5eb5me6c3l5sezae****",
        "DestinationCidr" : "192.168.XX.XX/24"
      } ]
    } ],
    "EniList" : [ {
      "EniId" : "eni-8vbhfosfqv2rff42****",
      "EniPrivateIpAddress" : "192.168.XX.XX"
    } ],
    "DefendCidrList" : [ "10.0.XX.XX/24" ]
  }
}