Creates one or more forwarding rules at a time.
Operation description
When you call this operation, take note of the following limits:
-
When you configure the Redirect action, you can use the default value for the HttpCode parameter but you cannot use the default values for all of the other parameters.
-
If you specify the Rewrite action and other actions in a forwarding rule, make sure that one of the actions is ForwardGroup.
-
CreateRules is an asynchronous operation. After a request is sent, the system returns a request ID and runs the task in the background. You can call the ListRules operation to query the status of forwarding rules.
- If forwarding rules are in the Provisioning state, the forwarding rules are being created.
- If forwarding rules are in the Available state, the forwarding rules have been created.
-
You can set RuleConditions and RuleActions to add conditions and actions to a forwarding rule. Take note of the following limits on the number of conditions and the number of actions in each forwarding rule:
- Limits on conditions: You can specify at most 5 conditions if you use a basic Application Load Balancer (ALB) instance, at most 10 conditions if you use a standard ALB instance, and at most 10 conditions if you use a WAF-enabled ALB instance.
- Limits on actions: You can specify at most 3 actions if you use a basic ALB instance, at most 5 actions if you use a standard ALB instance, and at most 10 actions if you use a WAF-enabled ALB instance.
Debugging
Authorization information
The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action
policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:
- Operation: the value that you can use in the Action element to specify the operation on a resource.
- Access level: the access level of each operation. The levels are read, write, and list.
- Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level,
All Resources
is used in the Resource type column of the operation.
- Condition Key: the condition key that is defined by the cloud service.
- Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
Operation | Access level | Resource type | Condition key | Associated operation |
---|---|---|---|---|
alb:CreateRules | Write |
|
| none |
Request parameters
Parameter | Type | Required | Description | Example |
---|---|---|---|---|
ListenerId | string | Yes | The listener ID of the ALB instance. | lsr-bp1bpn0kn908w4nbw**** |
ClientToken | string | No | The client token that is used to ensure the idempotence of the request. You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters. Note
If you do not specify this parameter, the system automatically uses the request ID as the client token. The request ID may be different for each request.
| 5A2CFF0E-5718-45B5-9D4D-70B3FF3898 |
DryRun | boolean | No | Specifies whether to perform only a dry run, without performing the actual request. Valid values:
| false |
Rules | object [] | Yes | The forwarding rules. You can specify at most 10 forwarding rules in each call. | |
Priority | integer | Yes | The priority of the forwarding rule. Valid values: 1 to 10000. A lower value specifies a higher priority. You can specify priorities for at most 10 forwarding rules. Note
The priority of each forwarding rule added to a listener must be unique.
| 10 |
RuleActions | object [] | Yes | The actions of the forwarding rule. | |
FixedResponseConfig | object | No | The configuration of the custom response. You can specify at most 20 responses. | |
Content | string | No | The content of the custom response. The content can be up to 1 KB in size and can contain only ASCII characters. | dssacav |
ContentType | string | No | The format of the content. Valid values:
| text/plain |
HttpCode | string | No | The HTTP status code in the response. Valid values: HTTP_2xx, HTTP_4xx, and HTTP_5xx. x must be a digit. | HTTP_200 |
ForwardGroupConfig | object | No | The configuration of the server group. You can add at most 20 server groups. | |
ServerGroupTuples | object [] | No | The server groups to which requests are forwarded. | |
ServerGroupId | string | No | The server group to which requests are distributed. | sgp-k86c1ov501id6p**** |
Weight | integer | No | The weight of the server group. A larger value specifies a higher weight. A server group with a higher weight receives more requests. Valid values: 0 to 100.
| 100 |
ServerGroupStickySession | object | No | The configuration of session persistence for server groups. | |
Enabled | boolean | No | Specifies whether to enable session persistence. Valid values:
| false |
Timeout | integer | No | The timeout period of sessions. Unit: seconds. Valid values: 1 to 86400. | 2 |
InsertHeaderConfig | object | No | The configuration of the header to be inserted. You can specify at most 20 headers. | |
Key | string | No | The key of the header. The key must be 1 to 40 characters in length, and can contain letters, digits, underscores (_), and hyphens (-). The header key specified by InsertHeaderConfig must be unique. Note
You cannot specify the following header keys: slb-id , slb-ip , x-forwarded-for , x-forwarded-proto , x-forwarded-eip , x-forwarded-port , x-forwarded-client-srcport , connection , upgrade , content-length , transfer-encoding , keep-alive , te , host , cookie , remoteip , and authority . The header keys are case-insensitive.
| key |
Value | string | No | The value of the header.
| UserDefined |
ValueType | string | No | The type of the header. Valid values:
| UserDefined |
Order | integer | Yes | The priority of the action. Valid values: 1 to 50000. A lower value indicates a higher priority. The actions of a forwarding rule are applied in descending order of priority. This parameter is required. The priority of each action within a forwarding rule must be unique. You can specify priorities for at most 20 actions. | 1 |
RedirectConfig | object | No | The redirect configuration. You can specify at most 20 redirects. | |
Host | string | No | The hostname to which requests are redirected. Valid values:
| www.example.com |
HttpCode | string | No | The HTTP status code that indicates the redirect type. Valid values: 301, 302, 303, 307, and 308. | 301 |
Path | string | No | The path to which requests are redirected. Valid values:
| /test |
Port | string | No | The port to which requests are distributed.
| 10 |
Protocol | string | No | The redirect protocol. Valid values:
Note
HTTPS listeners support only HTTPS to HTTPS redirects.
| HTTP |
Query | string | No | The query string of the URL to which requests are redirected.
| quert |
RewriteConfig | object | No | The rewrite configuration. You can specify at most 20 rewrites. | |
Host | string | No | The hostname to which requests are redirected. Valid values:
| www.example.com |
Path | string | No | The path to which requests are redirected. Valid values:
| /tsdf |
Query | string | No | The query string of the URL to which requests are redirected.
| quedsa |
Type | string | Yes | The action type. You can specify at most 11 types of actions. Valid values:
The following action types are supported:
| ForwardGroup |
TrafficLimitConfig | object | No | The configuration of traffic throttling. You can add at most 20 configuration records. | |
QPS | integer | No | The queries per second (QPS). Value range: 1 to 1000000. | 100 |
PerIpQps | integer | No | The QPS of each IP address. Value range: 1 to 1000000. Note
If QPS and PerIpQps are specified, the value of PerIpQps must be smaller than the value of QPS.
| 80 |
TrafficMirrorConfig | object | No | The configuration of traffic mirroring. You can add at most 20 traffic mirrors. | |
TargetType | string | No | The type of destination to which network traffic is mirrored. Valid values:
| ForwardGroupMirror |
MirrorGroupConfig | object | No | The configuration of the server group to which traffic is mirrored. | |
ServerGroupTuples | object [] | No | The server group to which traffic is mirrored. | |
ServerGroupId | string | No | The ID of the server group. | srg-00mkgijak0w4qgz9**** |
RemoveHeaderConfig | object | No | The configuration of the header to be removed. | |
Key | string | No | The key of the header to be removed. The key must be 1 to 40 characters in length and can contain letters, digits, underscores, and hyphens (-). The header key must be unique.
| test |
CorsConfig | object | No | The CORS configuration. | |
AllowOrigin | array | No | The allowed origins of CORS requests. | |
string | No | The allowed origin of CORS requests. You can specify an asterisk (
| http://example.com | |
AllowMethods | array | No | The allowed HTTP methods for CORS requests. | |
string | No | The allowed HTTP method for CORS requests. Valid values:
| GET | |
AllowHeaders | array | No | The allowed headers for CORS requests. | |
string | No | The allowed header for CORS requests. You can specify | test_123 | |
ExposeHeaders | array | No | The headers that can be exposed. | |
string | No | The header that can be exposed. You can specify | test_123 | |
AllowCredentials | string | No | Specifies whether to allow credentials to be carried in CORS requests. Valid values:
| on |
MaxAge | long | No | The maximum cache time of preflight requests in the browser. Unit: seconds. Valid values: -1 to 172800. | 1000 |
RuleConditions | object [] | Yes | The conditions of the forwarding rule. | |
CookieConfig | object | No | The configurations of the cookies. You can add at most 20 cookies. | |
Values | object [] | No | The key-value pairs of cookies. | |
Key | string | No | The key of the cookie.
| test |
Value | string | No | The value of the cookie.
| test |
HeaderConfig | object | No | The configuration of the header. You can add at most 20 headers. | |
Key | string | No | The key of the header.
| Port |
Values | array | No | The values of the header. | |
string | No | The value of the header. The header values within a forwarding rule must be unique.
| 5006 | |
HostConfig | object | No | The configurations of the hosts. You can specify up to 20 resources. | |
Values | array | No | The hostnames. | |
string | No | The hostname. A forwarding rule can contain only one unique hostname.
| www.example.com | |
MethodConfig | object | No | The configurations of the request methods. You can specify at most 20 request methods. | |
Values | array | No | The request methods. | |
string | No | The request method. Valid values: HEAD, GET, POST, OPTIONS, PUT, PATCH, and DELETE. | PUT | |
PathConfig | object | No | The configurations of the paths. You can specify at most 20 paths. | |
Values | array | No | The paths. | |
string | No | The path. Limits on the value:
| /test | |
QueryStringConfig | object | No | The configuration of the query conditions. You can specify at most 20 query conditions. | |
Values | object [] | No | The configurations of the query string. | |
Key | string | No | They key of the query string.
| test |
Value | string | No | The value of the query string.
| test |
ResponseHeaderConfig | object | No | The configuration of the header. You can add at most 20 headers. | |
Key | string | No | The key of the header.
| Port |
Values | array | No | The values of the header. | |
string | No | The value of the header.
| 5006 | |
ResponseStatusCodeConfig | object | No | The configurations of the response status codes. | |
Values | array | No | The response status codes. | |
string | No | The response status code. | 200 | |
Type | string | Yes | The type of forwarding rule. You can specify at most seven types. Valid values:
| Host |
SourceIpConfig | object | No | The configuration of the source IP addresses based on which user traffic is matched. This parameter is required and takes effect only when Type is set to SourceIP. You can specify at most five values for SourceIp. | |
Values | array | No | The configuration of the source IP addresses based on which user traffic is matched. | |
string | No | The IP address or CIDR block based on which user traffic is matched. You can specify at most five values for SourceIp. | 192.168.0.0/32 | |
RuleName | string | Yes | The name of the forwarding rule. You can name at most 20 forwarding rules.
| test |
Direction | string | No | The direction to which the forwarding rule is applied. You can specify only one direction. Valid values:
Note
Basic ALB instances do not support forwarding rules of the Response type.
| Request |
Tag | object [] | No | The tag that you want to add. | |
Key | string | No | The key of the tag. The tag key can be up to 128 characters in length, and cannot start with acs: or aliyun. It cannot contain http:// or https://. | env |
Value | string | No | The value of the tag. The tag value can be up to 128 characters in length, and cannot start with acs: or aliyun. It cannot contain http:// or https://. | product |
Response parameters
Examples
Sample success responses
JSON
format
{
"JobId": "72dcd26b-f12d-4c27-b3af-18f6aed5****",
"RequestId": "365F4154-92F6-4AE4-92F8-7FF34B540710",
"RuleIds": [
{
"RuleId": "rule-a3x3pg1yohq3lq****",
"Priority": 10
}
]
}
Error codes
HTTP status code | Error code | Error message | Description |
---|---|---|---|
400 | IncorrectStatus.Listener | The status of %s [%s] is incorrect. | The status of %s [%s] is incorrect. |
400 | OperationDenied.IpGroupCanNotUsedForMirrorAction | The operation is not allowed because of %s. | The operation is not allowed because of %s. |
400 | OperationDenied.SameGroupForForwardAndMirrorAction | The operation is not allowed because of %s. | The operation is not allowed because of %s. |
400 | OperationDenied.GRPCServerGroup | The operation is not allowed because of %s. | The operation is not allowed because of %s. |
400 | Conflict.Priority | There is already %s having the same configuration with %s. | There is already %s having the same configuration with %s. |
400 | ResourceQuotaExceeded.LoadBalancerRulesNum | The quota of %s is exceeded for resource %s, usage %s/%s. | The quota of %s is exceeded for resource %s. Usage: %s/%s. |
400 | ResourceQuotaExceeded.ServerGroupAttachedNum | The quota of %s is exceeded for resource %s, usage %s/%s. | The quota of %s is exceeded for resource %s, usage %s/%s. |
400 | ResourceQuotaExceeded.LoadBalancerServersNum | The quota of %s is exceeded for resource %s, usage %s/%s. | The quota of %s is exceeded for resource %s. Usage: %s/%s. |
400 | ResourceQuotaExceeded.ServerAddedNum | The quota of %s is exceeded for resource %s, usage %s/%s. | The quota of %s is exceeded for resource %s. Usage: %s/%s. |
400 | QuotaExceeded.RuleWildcardsNum | The quota of %s is exceeded, usage %s/%s. | The quota of %s is exceeded, usage %s/%s. |
400 | QuotaExceeded.RuleMatchEvaluationsNum | The quota of %s is exceeded, usage %s/%s. | The quota of %s is exceeded. Usage: %s/%s. |
400 | QuotaExceeded.RuleActionsNum | The quota of %s is exceeded, usage %s/%s. | The quota of %s is exceeded. Usage: %s/%s. |
400 | Mismatch.VpcId | The %s is mismatched for %s and %s. | The %s is mismatched for %s and %s. |
400 | Mismatch.Protocol | The %s is mismatched for %s and %s. | The %s is mismatched for %s and %s. |
400 | OperationDenied.RewriteMissingForwardGroup | The operation is not allowed because of RewriteMissingForwardGroup. | The operation is not allowed because rewrite is missing the forward group. |
404 | ResourceNotFound.Listener | The specified resource %s is not found. | The specified resource %s is not found. |
404 | ResourceNotFound.ServerGroup | The specified resource %s is not found. | The specified resource %s is not found. |
For a list of error codes, visit the Service error codes.
Change history
Change time | Summary of changes | Operation | ||||||
---|---|---|---|---|---|---|---|---|
2024-01-18 | The Error code has changed | see changesets | ||||||
| ||||||||
2023-11-09 | The Error code has changed | see changesets | ||||||
|