CreateExpressConnectRouterAssociation - Express Connect - Alibaba Cloud Documentation Center

Associates an Express Connect Router (ECR) with a virtual private cloud (VPC) or a transit router.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.
API: The API that you can call to perform the action.
Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.
Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.
- For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.
- For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.
Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.
Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

expressconnectrouter:CreateExpressConnectRouterAssociation

create

*ExpressConnectRouter

acs:expressconnectrouter::{#accountId}:expressconnectrouter/{#EcrId}

None

Request parameters

Parameter	Type	Required	Description	Example
EcrId	string	Yes	The ID of ECR.	ecr-mezk2idmsd0vx2****
AssociationRegionId	string	Yes	The region ID of the resource to associate.	cn-hangzhou
TransitRouterOwnerId	integer	No	The ID of the Alibaba Cloud account to which the transit router belongs. The default value is the ID of the current Alibaba Cloud account. Note The TransitRouterOwnerId parameter is required if you want to associate a network instance that belongs to another account.	189159362009****
TransitRouterId	string	No	The ID of the transit router.	tr-2ze4i71c6be454e2l****
CenId	string	No	The ID of Cloud Enterprise Network (CEN).	cen-of3o1the3i4gwb****
VpcOwnerId	integer	No	The ID of the Alibaba Cloud account to which the VPC belongs. The default value is the ID of the current Alibaba Cloud account. Note The parameter is required if you want to associate a network instance that belongs to another account.	132193271328****
VpcId	string	No	The ID of VPC.	vpc-bp1h37fchc6jmfyln****
AllowedPrefixes	array	No	The list of allowed prefix routes.
	string	No	An allowed prefix route.	192.0.20.0/24
CreateAttachment	boolean	No	Specifies whether to create an attachment when you associate an ECR instance with a transit router. Valid values: true: You do not need to create an attachment on the transit router. false: You need to create an attachment on the transit router.	true
DryRun	boolean	No	Specifies whether to perform a dry run. Valid values: true: Sends a check request without modifying service resources. false (Default): Sends a normal request.	false
ClientToken	string	No	The client token that is used to ensure the idempotence of the request. Make sure that the client token is unique for each request. The token can contain only ASCII characters. Note If you do not specify this parameter, the system automatically uses the RequestId of the request as the ClientToken. The RequestId may be different for each request.	02fb3da4-130e-11e9-8e44-00****
AllowedPrefixesMode	string	No	The prefix route pattern. Valid values: MatchMode: Only the configured CIDRs are advertised to the data center. More specific routes that were previously advertised are withdrawn. IncrementalMode: The configured CIDRs are advertised to the data center. More specific routes that fall within the configured CIDR blocks are withdrawn. The more specific routes that do not fall within the range are still advertised.	MatchMode
Description	string	No	The description of the linked instance. The description must be 0 to 128 characters in length.	test

Response elements

Element	Type	Description	Example
	object	RpcResponse
RequestId	string	The request ID.	05130E79-588D-5C40-A718-C4863A59****
Success	boolean	Indicates whether the call was successful. Valid values: True: The call was successful. False: The call failed.	True
Code	string	Indicates whether the call was successful. A return value of 200 indicates that the call was successful. Other values indicate that the call failed. See the Error Codes section.	200
Message	string	The message returned for the operation.	OK
HttpStatusCode	integer	The HTTP status code.	200
DynamicCode	string	The dynamic error code.	IllegalParamFormat.EcrId
DynamicMessage	string	The dynamic error message that is used to replace the `%s` placeholder in the ErrMessage parameter. Note If the ErrMessage parameter returns The Value of Input Parameter %s is not valid and the DynamicMessage parameter returns DtsJobId, the specified DtsJobId parameter is invalid.	The param format of EcrId **** is illegal.
AccessDeniedDetail	string	The details of the access denial.	Authentication is failed for ****
AssociationId	string	The ID of the association between the ECR instance and the VPC or transit router.	ecr-assoc-9p2qxx5phpca2m****

Examples

Success response

JSON format

{
  "RequestId": "05130E79-588D-5C40-A718-C4863A59****",
  "Success": true,
  "Code": "200",
  "Message": "OK",
  "HttpStatusCode": 200,
  "DynamicCode": "IllegalParamFormat.EcrId\n",
  "DynamicMessage": "The param format of EcrId **** is illegal.\n",
  "AccessDeniedDetail": "Authentication is failed for ****\n",
  "AssociationId": "ecr-assoc-9p2qxx5phpca2m****"
}

Error codes

HTTP status code	Error code	Error message	Description
400	IncorrectStatus.Ecr	Ecr Status does not allow current operation.	The status of the express connect gateway instance does not allow the current operation. Currently, other operations are being performed or the express connect gateway instance is being deleted. Please try again later.
400	OperationDenied.ForceDeleting	The current instance is being deleted.	Your current operation is rejected and the leased line gateway instance is being forcibly deleted. Please try again later.
400	UnsupportedRegion	Feature not supported in specified region.	The specified region does not support the leased line gateway function.
400	QuotaExceeded.VpcCountPerEcr	The number of VPC bound to the ECR exceeds the quota.	The number of VPCs that can be bound to a dedicated gateway instance has reached the quota limit. Please contact your business manager to apply for a larger quota.
400	QuotaExceeded.TrCountPerEcr	The number of TR bound to the ECR exceeds the quota.	The number of TRs that can be bound to a dedicated gateway instance has reached the quota limit. Please contact your business manager to apply for a larger quota.
400	IllegalParamFormat.AllowedPrefixes	The prefix parameter format is invalid. Procedure.	The format of the specified prefix route segment is incorrect.
400	OperationDenied.NotGrantedByNodeOwner	The node owner is not authorized.	Your current operation is rejected, and the leased line gateway product is not authorized.
400	OperationFailed.CdtNotOpened	The Cdt function is disabled.	The current operation fails, and the Alibaba Cloud data transmission function is not enabled.
400	OperationFailed.CdtCrossBoarderNotOpened	The Cdt cross-border transmission function is disabled.	The current operation fails. The cross-border data transmission function of Alibaba Cloud is not enabled.
400	OperationFailed.CrossBorderNotAllowed	There is no qualification for creating cross-border links.	The operation failed. The current enterprise does not have the permission to create cross-border links. Please contact your business manager to add this permission.
400	ResourceNotFound.CenId	CenId not found.	Cen instance does not exist
400	ResourceNotFound.TrId	TRId not found.	TR instance does not exist
400	Conflict.ASNOfVBR	ASN already used by other VBR.	The current VBR BgpGroup localAsn is inconsistent with the ECR asn. Adjust the consistency and rebind.
400	MissingParam.%s	The param of %s is missing.	The request parameters are not specified. Please check the corresponding parameters and try again.
400	IllegalParamFormat.%s	The param format of %s is illegal.	Illegal parameter format
400	IllegalParamFormat.CenId	The format of the entered Cen instance ID is incorrect.	The format of the currently entered Cen instance ID is incorrect
400	OperationDenied.CrossBidAssociating	Cross-border binding of resources is subject to compliance constraints.	Your current binding resources involve cross-Chinese site resources and overseas site resources. Due to compliance constraints, please contact your business manager for communication and handling.
400	ExclusiveParam.TransitRouterIdAndVpcId	A private network instance cannot be bound to a forwarding router instance at the same time.	The VPC instance and the forwarding router instance cannot be bound at the same time, please select one of the instances to bind after adjustment.
400	IllegalParamSize.AllowedPrefixes	The number of prefix routes exceeded the quota.	The number of prefix routes you have entered exceeds the quota. Please apply for expansion.
400	OperationDenied.CrossAccountAttaching	If the forwarding router is bound to another account, perform this operation on the same account.	The current operation is rejected. When you bind another account to the forwarding router, you need to do this operation under this account.
400	OperationDenied.AttachmentInCurrentRegionExisted	Only one forwarding router can be bound to an area.	The current operation is rejected. The leased line gateway instance can only bind one forwarding router in the same region.
400	Conflict.Lock	There are other unfinished operations.	You currently have other unfinished operations, please try again later
400	OperationFailed.CallingVpcYaochi	The system is abnormal. Please try again later.	The operation failed and the system is abnormal. Please try again later. If the retry still fails, please contact your business manager for help.
400	ResourceAlreadyExist.TransitRouterId	The specified resource of transit router already exists.	The specified TR resource has been associated with the leased line gateway ECR. Check and try again.
400	ResourceAlreadyExist.VpcId	The specified resource of VpcId already exists.	The specified VPC resource has been associated with the leased line gateway ECR. Please check and try again.
400	Conflict.AllowedPrefixes	The allowed route prefixes [%s] is conflict.	The currently configured AllowedPrefixes already exists. Please confirm and submit it again.
400	UnsupportedFeature.JumboFrame	The region where the sub-instance is located does not support the jumbo frame feature and cannot be attached to the express connect router.
400	InternalErrorTemp	The request processing has failed due to some unknown error.	The request processing has failed due to some unknown error.
404	ResourceNotFound.EcrId	EcrId not found.	ECR instance does not exist

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.