Queries virtual private cloud (VPC) firewalls. Each VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a Cloud Enterprise Network (CEN) instance.

Description

You can call the DescribeVpcFirewallCenList operation to query VPC firewalls. The VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance.

Limits

You can call this operation up to 10 times per second per account. If the number of calls per second exceeds this limit, throttling is triggered, which may affect your business. We recommend that you plan your calls with this limit in mind.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters

Parameter Type Required Example Description
Action String Yes DescribeVpcFirewallCenList

The operation that you want to perform. Set the value to DescribeVpcFirewallCenList.

Lang String No zh

The language of the content within the request and response. Valid values:

  • zh: Chinese (default)
  • en: English

RegionNo String No cn-hangzhou

The ID of the region to which the VPC belongs.

Note: For more information about the regions, see Supported regions.

NetworkInstanceId String No vpc-8vbwbo90rq0anm6t****

The ID of the network instance.

FirewallSwitchStatus String No opened

The status of the VPC firewall. Valid values:

  • opened: The VPC firewall is enabled.
  • closed: The VPC firewall is disabled.
  • notconfigured: The VPC firewall is not created.
  • configured: The VPC firewall is created.

Note: If you do not specify this parameter, VPC firewalls in all states are queried.

VpcFirewallId String No vfw-m5e7dbc4y****

The instance ID of the VPC firewall.

VpcFirewallName String No Test firewall

The instance name of the VPC firewall.

CenId String No cen-x5jayxou71ad73****

The ID of the CEN instance.

CurrentPage String No 1

The number of the page to return.

Pages start from page 1. Default value: 1.

PageSize String No 10

The number of entries to return on each page.

Default value: 10. Maximum value: 50.

RouteMode String No auto

The routing mode of the VPC firewall. Valid values:

  • auto: automatic mode
  • manual: manual mode

Note: If you do not specify this parameter, VPC firewalls in all routing modes are queried.

MemberUid String No 258039427902****

The UID of the member that is managed by your Alibaba Cloud account.

Response parameters

Parameter Type Example Description
TotalCount Integer 10

The total number of VPC firewalls.

RequestId String 850A84D6-0DE4-4797-A1E8-00090125k8g2

The ID of the request.

VpcFirewalls Array of Data

The details about the VPC firewall.

ConnectType String cen

The connection type of the VPC firewall. The value is fixed as cen, which indicates a CEN instance.

VpcFirewallId String vfw-m5e7dbc4y****

The instance ID of the VPC firewall.

RegionStatus String enable

Indicates whether you can create a VPC firewall in a region. Valid values:

  • enable: yes
  • disable: no

CenId String cen-x5jayxou71ad73****

The ID of the CEN instance.

VpcFirewallName String Test firewall

The instance name of the VPC firewall.

ResultCode String test

The result code of the operation that creates the VPC firewall. Valid values:

  • Unauthorized: Cloud Firewall is not authorized to access the VPC for which the VPC firewall is created, and the VPC firewall cannot be created.
  • RegionDisable: VPC Firewall is not supported in the region of the VPC for which the VPC firewall is created, and the VPC firewall cannot be created.
  • OpsDisable: You are not allowed to create the VPC firewall.
  • VbrNotSupport: The VPC firewall cannot be created for a VBR that is attached to the CEN instance.
  • Empty string: You can create a VPC firewall for the network instance.

CenName String Test CEN instance

The name of the CEN instance.

FirewallSwitchStatus String opened

The status of the VPC firewall. Valid values:

  • opened: The VPC firewall is enabled.
  • closed: The VPC firewall is not enabled.
  • notconfigured: The VPC firewall is not created.

LocalVpc Object

The details about the VPC.

VpcId String vpc-8vbwbo90rq0anm6t****

The ID of the VPC.

TransitRouterType String Basic

The edition of the CEN transit router. Valid values:

  • Basic: Basic Edition
  • Enterprise: Enterprise Edition

NetworkInstanceId String vpc-2zefk9fbn8j7v585g****

The ID of the network instance.

RouteMode String auto

The routing mode of the VPC firewall. Valid values:

  • auto: automatic mode
  • manual: manual mode

RegionNo String cn-hangzhou

The ID of the region to which the VPC belongs.

AuthorizationStatus String authorized

Indicates whether the VPC is authorized. The value is fixed as authorized, which indicates that the VPC is authorized.

ManualVSwitchId String vsw-zeq4o875u****

The ID of the specified vSwitch when the routing mode is manual.

OwnerId Long 158039427902****

The ID of the Alibaba Cloud account to which the VPC belongs.

NetworkInstanceType String VPC

The type of the network instance. Valid values:

  • VPC
  • VBR
  • CCN instance

VpcName String Test instance

The name of the VPC.

SupportManualMode String 0

Indicates whether the manual routing mode is supported. Valid values:

  • 1: yes
  • 0: no

NetworkInstanceName String Test VPC

The name of the network instance.

VpcCidrTableList Array of cidrTable

The CIDR block of the VPC.

RouteTableId String vtb-1234

The route table ID of the VPC.

RouteEntryList Array of routeEntry

The route entries for the VPC.

NextHopInstanceId String vrt-m5eb5me6c3l5sezae****

The instance ID of the next hop for the VPC.

DestinationCidr String 192.168.XX.XX/24

The destination CIDR block of the VPC.

DefendCidrList Array of String 10.0.XX.XX/24

The CIDR blocks that are protected by the VPC firewall.

IpsConfig Object

The information about the intrusion prevention system (IPS) configuration.

BasicRules Integer 1

Indicates whether basic protection is enabled. Valid values:

  • 1: yes
  • 0: no

EnableAllPatch Integer 1

Indicates whether virtual patching is enabled. Valid values:

  • 1: yes
  • 0: no

RunMode Integer 0

The mode of the intrusion prevention system (IPS). Valid values:

  • 1: block mode
  • 0: monitor mode

MemberUid String 258039427902****

The UID of the member that is managed by your Alibaba Cloud account.

Examples

Sample requests

http(s)://[Endpoint]/?Action=DescribeVpcFirewallCenList
&Lang=zh
&RegionNo=cn-hangzhou
&NetworkInstanceId=vpc-8vbwbo90rq0anm6t****
&FirewallSwitchStatus=opened
&VpcFirewallId=vfw-m5e7dbc4y****
&VpcFirewallName=Test firewall
&CenId=cen-x5jayxou71ad73****
&CurrentPage=1
&PageSize=10
&RouteMode=auto
&MemberUid=258039427902****
&Common request parameters

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<DescribeVpcFirewallCenListResponse>
    <TotalCount>10</TotalCount>
    <RequestId>850A84D6-0DE4-4797-A1E8-00090125k8g2</RequestId>
    <VpcFirewalls>
        <ConnectType>cen</ConnectType>
        <VpcFirewallId>vfw-m5e7dbc4y****</VpcFirewallId>
        <RegionStatus>enable</RegionStatus>
        <CenId>cen-x5jayxou71ad73****</CenId>
        <VpcFirewallName>Test firewall</VpcFirewallName>
        <ResultCode>test</ResultCode>
        <CenName>Test CEN instance</CenName>
        <FirewallSwitchStatus>opened</FirewallSwitchStatus>
        <LocalVpc>
            <VpcId>vpc-8vbwbo90rq0anm6t****</VpcId>
            <TransitRouterType>Basic</TransitRouterType>
            <NetworkInstanceId>vpc-2zefk9fbn8j7v585g****</NetworkInstanceId>
            <RouteMode>auto</RouteMode>
            <RegionNo>cn-hangzhou</RegionNo>
            <AuthorizationStatus>authorized</AuthorizationStatus>
            <ManualVSwitchId>vsw-zeq4o875u****</ManualVSwitchId>
            <NetworkInstanceType>VPC</NetworkInstanceType>
            <VpcName>Test instance</VpcName>
            <SupportManualMode>0</SupportManualMode>
            <NetworkInstanceName>Test VPC</NetworkInstanceName>
            <VpcCidrTableList>
                <RouteTableId>vtb-1234</RouteTableId>
                <RouteEntryList>
                    <NextHopInstanceId>vrt-m5eb5me6c3l5sezae****</NextHopInstanceId>
                    <DestinationCidr>192.168.XX.XX/24</DestinationCidr>
                </RouteEntryList>
            </VpcCidrTableList>
            <DefendCidrList>10.0.XX.XX/24</DefendCidrList>
        </LocalVpc>
        <IpsConfig>
            <BasicRules>1</BasicRules>
            <EnableAllPatch>1</EnableAllPatch>
            <RunMode>0</RunMode>
        </IpsConfig>
        <MemberUid>258039427902****</MemberUid>
    </VpcFirewalls>
</DescribeVpcFirewallCenListResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "TotalCount" : 10,
  "RequestId" : "850A84D6-0DE4-4797-A1E8-00090125k8g2",
  "VpcFirewalls" : [ {
    "ConnectType" : "cen",
    "VpcFirewallId" : "vfw-m5e7dbc4y****",
    "RegionStatus" : "enable",
    "CenId" : "cen-x5jayxou71ad73****",
    "VpcFirewallName" : "Test firewall",
    "ResultCode" : "test",
    "CenName" : "Test CEN instance",
    "FirewallSwitchStatus" : "opened",
    "LocalVpc" : {
      "VpcId" : "vpc-8vbwbo90rq0anm6t****",
      "TransitRouterType" : "Basic",
      "NetworkInstanceId" : "vpc-2zefk9fbn8j7v585g****",
      "RouteMode" : "auto",
      "RegionNo" : "cn-hangzhou",
      "AuthorizationStatus" : "authorized",
      "ManualVSwitchId" : "vsw-zeq4o875u****",
      "NetworkInstanceType" : "VPC",
      "VpcName" : "Test instance",
      "SupportManualMode" : "0",
      "NetworkInstanceName" : "Test VPC",
      "VpcCidrTableList" : [ {
        "RouteTableId" : "vtb-1234",
        "RouteEntryList" : [ {
          "NextHopInstanceId" : "vrt-m5eb5me6c3l5sezae****",
          "DestinationCidr" : "192.168.XX.XX/24"
        } ]
      } ],
      "DefendCidrList" : [ "10.0.XX.XX/24" ]
    },
    "IpsConfig" : {
      "BasicRules" : 1,
      "EnableAllPatch" : 1,
      "RunMode" : 0
    },
    "MemberUid" : "258039427902****"
  } ]
}
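
Added example (not part of the original reference or any Alibaba Cloud SDK): a coverage audit that pages through DescribeVpcFirewallCenList results using CurrentPage, PageSize and TotalCount within the documented call limit, then flags network instances whose firewall is not opened or whose IPS is not in block mode with basic protection and virtual patching on. The names fetch_page, sample_fetch, fw_entry and SAMPLE_PAGES are hypothetical, the responses are constructed, request signing and transport are left to the caller, and treating these states as findings is this example's own policy.

```python
import time

MAX_PAGE_SIZE = 50    # documented maximum for PageSize
CALL_INTERVAL = 0.1   # stay within 10 calls per second per account

def list_vpc_firewalls(fetch_page, sleep=time.sleep, **filters):
    # fetch_page is hypothetical: request-parameter dict in, parsed JSON response out
    page, seen, total = 1, [], None
    while total is None or len(seen) < total:
        params = dict(filters, Action="DescribeVpcFirewallCenList",
                      CurrentPage=str(page), PageSize=str(MAX_PAGE_SIZE))
        resp = fetch_page(params)
        total = int(resp["TotalCount"])
        batch = resp.get("VpcFirewalls") or []
        if not batch:  # inventory shrank mid-walk: stop instead of looping forever
            break
        seen.extend(batch)
        page += 1
        sleep(CALL_INTERVAL)
    return seen

def audit(firewalls):  # returns [(network instance ID, finding), ...]
    findings = []
    for fw in firewalls:
        target = (fw.get("LocalVpc") or {}).get("NetworkInstanceId") or fw.get("VpcFirewallId")
        status = fw.get("FirewallSwitchStatus")
        if status != "opened":
            code = fw.get("ResultCode")  # non-empty: why the firewall cannot be created
            findings.append((target, f"firewall {status}" + (f" ({code})" if code else "")))
            continue
        ips = fw.get("IpsConfig") or {}
        for field, label in (("RunMode", "IPS in monitor mode"),
                             ("BasicRules", "basic protection off"),
                             ("EnableAllPatch", "virtual patching off")):
            if int(ips.get(field) or 0) != 1:
                findings.append((target, label))
    return findings

def fw_entry(net_id, status, ips=None, code=""):  # builds a constructed sample entry
    return {"FirewallSwitchStatus": status, "ResultCode": code, "IpsConfig": ips,
            "LocalVpc": {"NetworkInstanceId": net_id}}
SAMPLE_PAGES = {  # constructed responses keyed by CurrentPage, not real account data
    "1": {"TotalCount": 3, "VpcFirewalls": [
        fw_entry("vpc-example-a", "opened", {"BasicRules": 1, "EnableAllPatch": 1, "RunMode": 1}),
        fw_entry("vpc-example-b", "opened", {"BasicRules": 1, "EnableAllPatch": 0, "RunMode": 0})]},
    "2": {"TotalCount": 3, "VpcFirewalls": [fw_entry("vpc-example-c", "notconfigured", code="Unauthorized")]},
}
def sample_fetch(params):
    return SAMPLE_PAGES[params["CurrentPage"]]
```

Calling audit(list_vpc_firewalls(sample_fetch)) on the constructed pages reports vpc-example-b and vpc-example-c; omitting FirewallSwitchStatus from the filters keeps firewalls in all states in scope, as the request parameter note describes.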