DescribeVpcFirewallCenList - API Reference| Alibaba Cloud Documentation Center

Description

You can call the DescribeVpcFirewallCenList operation to query VPC firewalls. The VPC firewall protects mutual access traffic between a VPC and a specified network instance that is attached to a CEN instance. The network instance can be a VPC, a virtual border router (VBR), or a Cloud Connect Network (CCN) instance.

Limits

You can call this operation up to 10 times per second per account. When the number of calls to this operation per second exceeds the limit, throttling is triggered. Throttling may affect your business. We recommend that you take note of the limit on this operation.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer. OpenAPI Explorer dynamically generates the sample code of the operation for different SDKs.

Request parameters


Parameter	Type	Required	Example	Description
Action	String	Yes	DescribeVpcFirewallCenList	The operation that you want to perform. Set the value to DescribeVpcFirewallCenList.
Lang	String	No	zh	The language of the content within the request and response. Valid values: zh: Chinese (default) en: English
RegionNo	String	No	cn-hangzhou	The ID of the region to which the VPC belongs. Note For more information about the regions, see Supported regions.
NetworkInstanceId	String	No	vpc-8vbwbo90rq0anm6t****	The ID of the network instance.
FirewallSwitchStatus	String	No	opened	The status of the VPC firewall. Valid values: opened: The VPC firewall is enabled. closed: The VPC firewall is disabled. notconfigured: The VPC firewall is not created. configured: The VPC firewall is created. Note If you do not specify this parameter, VPC firewalls in all states are queried.
VpcFirewallId	String	No	vfw-m5e7dbc4y****	The instance ID of the VPC firewall.
VpcFirewallName	String	No	Test firewall	The instance name of the VPC firewall.
CenId	String	No	cen-x5jayxou71ad73****	The ID of the CEN instance.
CurrentPage	String	No	1	The number of the page to return. Pages start from page 1. Default value: 1.
PageSize	String	No	10	The number of entries to return on each page. Default value: 10. Maximum value: 50.
RouteMode	String	No	auto	The routing mode of the VPC firewall. Valid values: auto: automatic mode manual: manual mode Note If you do not specify this parameter, VPC firewalls in all routing modes are queried.
MemberUid	String	No	258039427902****	The UID of the member that is managed by your Alibaba Cloud account.

Response parameters


Parameter	Type	Example	Description
TotalCount	Integer	10	The total number of VPC firewalls.
RequestId	String	850A84D6-0DE4-4797-A1E8-00090125k8g2	The ID of the request.
VpcFirewalls	Array of Data		The details about the VPC firewall.
ConnectType	String	cen	The connection type of the VPC firewall. The value is fixed as cen, which indicates a CEN instance.
VpcFirewallId	String	vfw-m5e7dbc4y****	The instance ID of the VPC firewall.
RegionStatus	String	enable	Indicates whether you can create a VPC firewall in a region. Valid values: enable: yes disable: no
CenId	String	cen-x5jayxou71ad73****	The ID of the CEN instance.
VpcFirewallName	String	Test firewall	The instance name of the VPC firewall.
ResultCode	String	test	The result code of the operation that creates the VPC firewall. Valid values: Unauthorized: Cloud Firewall is not authorized to access the VPC for which the VPC firewall is created, and the VPC firewall cannot be created. RegionDisable: VPC Firewall is not supported in the region of the VPC for which the VPC firewall is created, and the VPC firewall cannot be created. OpsDisable: You are not allowed to create the VPC firewall. VbrNotSupport: The VPC firewall cannot be created for a VBR that is attached to the CEN instance. Empty string: You can create a VPC firewall for the network instance.
CenName	String	Test CEN instance	The name of the CEN instance.
FirewallSwitchStatus	String	opened	The status of the VPC firewall. Valid values: opened: The VPC firewall is enabled. closed: The VPC firewall is not enabled. notconfigured: The VPC firewall is not created.
LocalVpc	Object		The details about the VPC.
VpcId	String	vpc-8vbwbo90rq0anm6t****	The ID of the VPC.
TransitRouterType	String	Basic	The edition of the CEN transit router. Valid values: Basic: Basic Edition Enterprise: Enterprise Edition
NetworkInstanceId	String	vpc-2zefk9fbn8j7v585g****	The ID of the network instance.
RouteMode	String	auto	The routing mode of the VPC firewall. Valid values: auto: automatic mode manual: manual mode
RegionNo	String	cn-hangzhou	The ID of the region to which the VPC belongs.
AuthorizationStatus	String	authorized	Indicates whether the VPC is authorized. The value is fixed as authorized, which indicates that the VPC is authorized.
ManualVSwitchId	String	vsw-zeq4o875u****	The ID of the specified vSwitch when the routing mode is manual.
OwnerId	Long	158039427902****	The ID of the Alibaba Cloud account to which the VPC belongs.
NetworkInstanceType	String	VPC	The type of the network instance. Valid values: VPC VBR CCN instance
VpcName	String	Test instance	The name of the VPC.
SupportManualMode	String	0	Indicates whether the manual routing mode is supported. Valid values: 1: yes 0: no
NetworkInstanceName	String	Test VPC	The name of the network instance.
VpcCidrTableList	Array of cidrTable		The CIDR block of the VPC.
RouteTableId	String	vtb-1234	The route table ID of the VPC.
RouteEntryList	Array of routeEntry		The route entries for the VPC.
NextHopInstanceId	String	vrt-m5eb5me6c3l5sezae****	The instance ID of the next hop for the VPC.
DestinationCidr	String	192.168.XX.XX/24	The destination CIDR block of the VPC.
DefendCidrList	Array of String	10.0.XX.XX/24	The CIDR blocks that are protected by the VPC firewall.
IpsConfig	Object		The information about the intrusion prevention system (IPS) configuration.
BasicRules	Integer	1	Indicates whether basic protection is enabled. Valid values: 1: yes 0: no
EnableAllPatch	Integer	1	Indicates whether virtual patching is enabled. Valid values: 1: yes 0: no
RunMode	Integer	0	The mode of the intrusion prevention system (IPS). Valid values: 1: block mode 0: monitor mode
MemberUid	String	258039427902****	The UID of the member that is managed by your Alibaba Cloud account.

Examples

Sample requests

http(s)://[Endpoint]/?Action=DescribeVpcFirewallCenList
&Lang=zh
&RegionNo=cn-hangzhou
&NetworkInstanceId=vpc-8vbwbo90rq0anm6t****
&FirewallSwitchStatus=opened
&VpcFirewallId=vfw-m5e7dbc4y****
&VpcFirewallName=Test firewall
&CenId=cen-x5jayxou71ad73****
&CurrentPage=1
&PageSize=10
&RouteMode=auto
&MemberUid=258039427902****
&Common request parameters

Sample success responses

XML format

HTTP/1.1 200 OK
Content-Type:application/xml

<DescribeVpcFirewallCenListResponse>
    <TotalCount>10</TotalCount>
    <RequestId>850A84D6-0DE4-4797-A1E8-00090125k8g2</RequestId>
    <VpcFirewalls>
        <ConnectType>cen</ConnectType>
        <VpcFirewallId>vfw-m5e7dbc4y****</VpcFirewallId>
        <RegionStatus>enable</RegionStatus>
        <CenId>cen-x5jayxou71ad73****</CenId>
        <VpcFirewallName>Test firewall</VpcFirewallName>
        <ResultCode>test</ResultCode>
        <CenName>Test CEN instance</CenName>
        <FirewallSwitchStatus>opened</FirewallSwitchStatus>
        <LocalVpc>
            <VpcId>vpc-8vbwbo90rq0anm6t****</VpcId>
            <TransitRouterType>Basic</TransitRouterType>
            <NetworkInstanceId>vpc-2zefk9fbn8j7v585g****</NetworkInstanceId>
            <RouteMode>auto</RouteMode>
            <RegionNo>cn-hangzhou</RegionNo>
            <AuthorizationStatus>authorized</AuthorizationStatus>
            <ManualVSwitchId>vsw-zeq4o875u****</ManualVSwitchId>
            <NetworkInstanceType>VPC</NetworkInstanceType>
            <VpcName>Test instance</VpcName>
            <SupportManualMode>0</SupportManualMode>
            <NetworkInstanceName>Test VPC</NetworkInstanceName>
            <VpcCidrTableList>
                <RouteTableId>vtb-1234</RouteTableId>
                <RouteEntryList>
                    <NextHopInstanceId>vrt-m5eb5me6c3l5sezae****</NextHopInstanceId>
                    <DestinationCidr>192.168.XX.XX/24</DestinationCidr>
                </RouteEntryList>
            </VpcCidrTableList>
            <DefendCidrList>10.0.XX.XX/24</DefendCidrList>
        </LocalVpc>
        <IpsConfig>
            <BasicRules>1</BasicRules>
            <EnableAllPatch>1</EnableAllPatch>
            <RunMode>0</RunMode>
        </IpsConfig>
        <MemberUid>258039427902****</MemberUid>
    </VpcFirewalls>
</DescribeVpcFirewallCenListResponse>

JSON format

HTTP/1.1 200 OK
Content-Type:application/json

{
  "TotalCount" : 10,
  "RequestId" : "850A84D6-0DE4-4797-A1E8-00090125k8g2",
  "VpcFirewalls" : [ {
    "ConnectType" : "cen",
    "VpcFirewallId" : "vfw-m5e7dbc4y****",
    "RegionStatus" : "enable",
    "CenId" : "cen-x5jayxou71ad73****",
    "VpcFirewallName" : "Test firewall",
    "ResultCode" : "test",
    "CenName" : "Test CEN instance",
    "FirewallSwitchStatus" : "opened",
    "LocalVpc" : {
      "VpcId" : "vpc-8vbwbo90rq0anm6t****",
      "TransitRouterType" : "Basic",
      "NetworkInstanceId" : "vpc-2zefk9fbn8j7v585g****",
      "RouteMode" : "auto",
      "RegionNo" : "cn-hangzhou",
      "AuthorizationStatus" : "authorized",
      "ManualVSwitchId" : "vsw-zeq4o875u****",
      "NetworkInstanceType" : "VPC",
      "VpcName" : "Test instance",
      "SupportManualMode" : "0",
      "NetworkInstanceName" : "Test VPC",
      "VpcCidrTableList" : [ {
        "RouteTableId" : "vtb-1234",
        "RouteEntryList" : [ {
          "NextHopInstanceId" : "vrt-m5eb5me6c3l5sezae****",
          "DestinationCidr" : "192.168.XX.XX/24"
        } ]
      } ],
      "DefendCidrList" : [ "10.0.XX.XX/24" ]
    },
    "IpsConfig" : {
      "BasicRules" : 1,
      "EnableAllPatch" : 1,
      "RunMode" : 0
    },
    "MemberUid" : "258039427902****"
  } ]
}