All Products
Search
Document Center

Elastic Compute Service:ModifyInstanceVpcAttribute

Last Updated:Feb 04, 2024

Changes the virtual private cloud (VPC), private IP address, or vSwitch of an Elastic Compute Service (ECS) instance that resides in a VPC.

Operation description

The instance must be in the Stopped state.``

  • When you call this operation to change the private IP address or vSwitch of an instance, take note of the following items:

    • If the instance is a new instance, you must restart the instance before you call this operation.
    • After the private IP address or vSwitch of the instance is changed, you must restart the instance before you call this operation again.
  • When you call this operation to change the VPC of an instance, take note of the following items:

    • Instance:

      • The instance cannot be associated with Server Load Balancer (SLB) instances.
      • The instance cannot be in the Locked, To Be Released, Expired, Expired and Being Recycled, or Overdue and Being Recycled state. For more information, see ECS instance lifecycle.
      • The instance cannot be used in other Alibaba Cloud services. For example, the instance cannot be in the process of being migrated or having its VPC changed, or the databases deployed on the instance cannot be managed by Data Transmission Service (DTS).
    • Network:

      • The cut-through mode or the multi-EIP-to-ENI mode cannot be enabled for the instance.
      • The instance cannot be associated with a high-availability virtual IP address (HAVIP).
      • The vSwitch of the instance cannot be associated with a custom route table.
      • Global Accelerator (GA) cannot be activated for the instance.
      • The instance cannot have secondary ENIs.
      • The instance cannot be assigned an IPv6 address.
      • The primary ENI of the instance cannot be associated with multiple IP addresses.
      • The new vSwitch that you specify must belong to the new VPC.
      • The original and new vSwitches must reside in the same zone.
      • If you assign a private IP address to the primary ENI of the instance, the private IP address must an idle IP address within the CIDR block of the new vSwitch. If you do not assign a private IP address to the primary ENI of the instance, a private IP address is randomly assigned to the ENI. Sufficient IP addresses must be available in the CIDR block of the new vSwitch.
      • If advanced features are enabled for the new VPC, take note of the instance families that do not support advanced VPC features. For more information, see Instance families that do not support advanced VPC features.
      • The Alibaba Cloud account that owns the new VPC cannot share the VPC with other accounts.
    • Security group (SecurityGroupId.N):

      • All security groups must be of the same type.
      • The valid values of N depend on the maximum number of security groups to which an instance can belong. For more information, see Limits .
      • The security groups that you specify must belong to the new VPC.
      • You can switch the instance to a security group of a different type. If you want to switch an instance to a security group of a different type, we recommend that you familiarize yourself with the differences between the rule configurations of the two security group types to avoid impacts on the instance network. For more information, see Overview .

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

There is currently no authorization information disclosed in the API.

Request parameters

ParameterTypeRequiredDescriptionExample
InstanceIdstringYes

The ID of the instance.

i-bp1iudwa5b1tqag1****
VSwitchIdstringYes

The ID of the vSwitch.

  • If this parameter is set to the ID of the current vSwitch, the vSwitch of the instance remains unchanged.
  • If this parameter is set to the ID of a different vSwitch and the VpcId parameter is not specified, the new vSwitch must belong to the same zone and VPC as the current vSwitch.
  • If the VpcId parameter is specified, the vSwitch specified by this parameter must belong to the specified VPC and the same zone as the current vSwitch.
vsw-bp1s5fnvk4gn3tw12****
PrivateIpAddressstringNo

The new private IP address of the instance.

Note The value of PrivateIpAddress depends on the value of VSwitchId. The specified IP address must be within the CIDR block of the specified vSwitch.

By default, if this parameter is not specified, a private IP address is randomly assigned from the CIDR block of the specified vSwitch.

172.17.**.**
VpcIdstringNo

The ID of the new VPC.

vpc-bp1vwnn14rqpyiczj****
SecurityGroupIdarrayNo

The ID of security group N to which the instance belongs after the VPC is changed. This parameter is required only when the VpcId parameter is specified.

  • The specified security groups must be of the same type.
  • You can specify one or more security groups. The valid values of N depend on the maximum number of security groups to which an instance can belong. For more information, see Limits .
  • The specified security groups must belong to the VPC specified by the VpcId parameter.
stringNo

The security group ID.

sg-o6w9l8bc8dgmkw87****

Response parameters

ParameterTypeDescriptionExample
object
RequestIdstring

The request ID.

473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E

Examples

Sample success responses

JSONformat

{
  "RequestId": "473469C7-AA6F-4DC5-B3DB-A3DC0DE3C83E"
}

Error codes

HTTP status codeError codeError messageDescription
400InvalidTarget.TrafficMirrorSessionInstance is target of traffic mirror session.-
400InvalidSource.TrafficMirrorSessionInstance is source of traffic mirror session.-
400InvalidPrivateIpAddress.MalformedSpecified private IP address is malformed.The specified private IP address is invalid.
400InvalidPrivateIpAddress.DuplicatedSpecified private IP address is duplicated.The specified private IP address is already in use. Try a different IP address.
400IncorrectVSwitchStatusThe current status of virtual switch does not support this operation.The specified vSwitch is in the Pending state and cannot be deleted.
400IncorrectInstanceStatusThe current status of instance does not support this operation.The instance is in a state that does not support the current operation.
400OperationDeniedSpecified operation is denied as your instance is not in VPC.The specified instance does not reside in a VPC.
400InvalidVSwitchId.MismatchSpecified instance and virtual switch are not in the same zone.The specified instance and vSwitch are not in the same zone.
400InvalidPrivateIpAddress.MismatchSpecified private IP address is not in the CIDR block of virtual switch.The specified private IP address is not in the CIDR block of the specified vSwitch.
400InvalidPrivateIp.ChangingPrevious action is not finished yet.The private IP address is being modified.
400InvalidPrivateIpAddress.DuplicatedThe specified IP address already exists on current ENI.-
400OperationDeniedThe operation is denied due to existence of an SNAT entity.-
400PrimaryEniHasSubIpPrimary network interface of the specified instance has more than one private ip.The primary ENI has multiple secondary private IP addresses.
400VSwitchIdNotMatchThe subnet of private ip is different to the instance, please unbind ha vip.-
400InvalidOperation.EniCountExceededThe number of ENIs in an enterprise security group has reached the maximum limit.-
403OperationDeniedThe Specified operation is denied as your instance is locked for security reasons.The operation is denied because the instance is locked for security reasons.
403InvalidIp.Ipv6AssignedThe specified instance has been assigned IPv6 address.-
403OperationDenied%sThe operation is denied.
403SecurityGroupInstanceLimitExceed%s-
403InvalidInstance.HasTransitionRecordThe operation is denied because the specified instance has a migration plan.-
403InvalidInstanceStatus.NotNormalThe Specified operation is denied due to instance status.-
403InvalidVpcId.SharedVpcThe Specified operation is denied as your targe vpc is SharedVpc.-
403InvalidOperation.NotAllowedThe operation is denied because the specified VPC has advanced features enabled.-
403InvalidParameter.ToSecurityGroupId%s-
403InvalidOperation.ResourceManagedByCloudProduct%sYou cannot modify security groups managed by cloud services.
404InvalidInstanceId.NotFoundThe specified InstanceId does not exist.The specified instance does not exist.
404InvalidVSwitchId.NotFoundSpecified virtual switch does not exist.The specified vSwitch ID does not exist.
404InvalidVSwitchId.NotFoundSpecified virtual switch is not found in current VPC.The specified vSwitch does not exist in the current VPC.
404NoSuchResourceThe specified resource is not found.The specified resource does not exist.
404InvalidParameter.InvalidInstanceIdThe specified InstanceId does not exist.-
404InvalidParameter.VSwitchIdThe specified virtual vswitch does not exist.The specified vSwitch does not exist.
404InvalidRegion.ValueNotSupportedThe specified Region does not exist.-
404InvalidInstance.AttachedEniThe Specified operation is denied due to elastic network interface.The VPC cannot be changed while the instance has secondary ENIs bound.
404InvalidIp.MultiPrimaryIpThe Specified operation is denied due to multi private ip.This operation is not allowed while the primary ENI has multiple private IP addresses.
404InvalidIp.Ipv6The Specified operation is denied due to ipv6.-
404InvalidVSwitch.NotBelongToVpc%s-
404InvalidParameter.EniNo%s-
404InvalidSecurityGroupId.NotFound%sThe specified security group ID does not exist.
404InvalidParameter.SecurityGroupIdRepeated%s-
404InvalidSecurityGroupType.NotSupportClassicThe specified SecurityGroupIds have classic group type.The specified security group is in the classic network. Check whether the specified SecurityGroupIds.N parameter is valid.
404InvalidSecurityGroupVpc.NotBelongToOneVpcThe specified SecurityGroupIds are belong to different vpc.The specified security groups belong to different VPCs. Check whether the specified SecurityGroupIds.N parameter is valid. You can call the DescribeSecurityGroups operation to query the VPCs to which the security groups belong.
404EnterpriseGroupLimited.MutliGroupTypeThe specified instance can not join multi SecurityGroup types.The specified instance cannot belong to both a basic and an advanced security group. You can call the DescribeSecurityGroups operation to query the type of security groups.
404InvalidParameter.AlreadyInTargetVpcThe specified instance is already in the destination VPC.-
404InvalidParameter.SecurityGroupIdThe specified SecurityGroupId.N is invalid or does not exist.-
404JoinedGroupLimitExceedThe specified instance has exceed quota of SecurityGroup.-
404InvalidParameter.MustBeEmptyThe specified parameter SecurityGroupId.N and VpcId need be empty.The SecurityGroupId.N and VpcId parameters must be left empty.
404InvalidParameter.NotEnoughIpInVSwitchThe specified virtual switch has not enough available ip.-
404InvalidDependence.MutliDirectlyEipThe Specified operation is denied due to multi directly Eips.-
404InvalidDependence.HaVipThe Specified operation is denied due to HaVip.-
404InvalidDependence.NextHopOfCustomRouterThe Specified operation is denied due to next hop of Custom Router.This operation is not allowed when the instance is the next hop of custom routes.
404InvalidDependence.BeenUsedAsAppServerThe Specified operation is denied due to AppServer.-
404InvalidDependence.GrantAccessThe Specified operation is denied due to grant access.-
404InvalidDependence.BindGAThe Specified operation is denied due to GA.-
404InvalidDependence.SLBThe Specified operation is denied as your instance with alb or clb.The operation is denied because the instance is associated with an ALB instance or a CLB instance.
500InternalErrorThe request processing has failed due to some unknown error.An internal error has occurred. Try again later.

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2024-01-23The Error code has changedsee changesets
Change itemChange content
Error CodesThe Error code has changed.
    Error Codes 400 change
    delete Error Codes: 403
    delete Error Codes: 404
    delete Error Codes: 500
    Added Error Codes: 401
2023-12-19The Error code has changedsee changesets
Change itemChange content
Error CodesThe Error code has changed.
    Error Codes 403 change
    delete Error Codes: 400
    delete Error Codes: 404
    delete Error Codes: 500
2023-12-15The Error code has changedsee changesets
Change itemChange content
Error CodesThe Error code has changed.
    Error Codes 403 change
    delete Error Codes: 400
    delete Error Codes: 404
    delete Error Codes: 500
2023-04-27The Error code has changedsee changesets
Change itemChange content
Error CodesThe Error code has changed.
    Error Codes 400 change
    Error Codes 403 change
    Error Codes 404 change
    delete Error Codes: 500