All Products
Search
Document Center

PrivateLink:CreateVpcEndpointService

Last Updated:Sep 26, 2024

Creates an endpoint service.

Operation description

  • Before you create an endpoint service, make sure that you have created a Server Load Balancer (SLB) instance that supports PrivateLink. For more information, see CreateLoadBalancer .

  • CreateVpcEndpointService is an asynchronous operation. After a request is sent, the system returns a request ID and an instance ID and runs the task in the background. You can call the GetVpcEndpointServiceAttribute operation to query the status of the endpoint service.

    • If the endpoint service is in the Creating state, the endpoint service is being created.
    • If the endpoint service is in the Active state, the endpoint service is created.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
privatelink:CreateVpcEndpointServicecreate
  • VpcEndpointService
    acs:privatelink:{#regionId}:{#accountId}:vpcendpointservice/*
  • LoadBalancer
    acs:alb:{#regionId}:{#accountId}:loadbalancer/{#LoadBalancerId}
  • LoadBalancer
    acs:nlb:{#regionId}:{#accountId}:loadbalancer/{#LoadBalancerId}
  • NatGateway
    acs:vpc:{#regionId}:{#accountId}:natgateway/{#NatGatewayId}
  • LoadBalancer
    acs:slb:{#regionId}:{#accountId}:loadbalancer/{#LoadBalancerId}
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
RegionIdstringYes

The region ID of the endpoint service.

You can call the DescribeRegions operation to query the most recent region list.

cn-huhehaote
ClientTokenstringNo

The client token that is used to ensure the idempotence of the request.

You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters.

0c593ea1-3bea-11e9-b96b-88e9fe637760
DryRunbooleanNo

Specifies whether to perform only a dry run, without performing the actual request.

  • true: performs only a dry run. The system checks the request for potential issues, including missing parameter values, incorrect request syntax, and service limits. If the request fails the dry run, an error message is returned. If the request passes the dry run, the DryRunOperation error code is returned.
  • false (default): performs a dry run and performs the actual request. If the request passes the dry run, a 2xx HTTP status code is returned and the operation is performed.
false
ServiceDescriptionstringNo

The description of the endpoint service.

This is my EndpointService.
AutoAcceptEnabledbooleanNo

Specifies whether to automatically accept endpoint connection requests. Valid values:

  • true
  • false (default)
false
PayerstringNo

The payer. Valid values:

  • Endpoint: service consumer
  • EndpointService: service provider
Endpoint
ZoneAffinityEnabledbooleanNo

Specifies whether to first resolve the domain name of the nearest endpoint that is associated with the endpoint service. Valid values:

  • true
  • false (default)
false
ServiceResourceTypestringNo

The type of the service resource. Valid values:

  • slb: Classic Load Balancer (CLB) instance
  • alb: Application Load Balancer (ALB) instance
  • nlb: Network Load Balancer (NLB) instance
Note You cannot access TCP/SSL listeners configured for NLB instances.
slb
Resourcearray<object>No

The service resources of the endpoint service.

objectNo

The information about the array object.

ResourceTypestringNo

The type of the service resource that is added to the endpoint service. You can add up to 20 service resources to the endpoint service. Valid values:

  • slb: CLB instance
  • alb: ALB instance
  • nlb: NLB instance
Note In regions where PrivateLink is supported, CLB instances deployed in virtual private clouds (VPCs) can serve as the service resources of the endpoint service. You cannot access TCP/SSL listeners configured for NLB instances.
slb
ResourceIdstringNo

The ID of the service resource that is added to the endpoint service. You can specify up to 20 service resource IDs.

lb-hp32z1wp5peaoox2q****
ZoneIdstringNo

The ID of the zone.

cn-huhehaote-a
ServiceSupportIPv6deprecatedbooleanNo

Specifies whether to enable IPv6 for the endpoint service. Valid values:

  • true
  • false (default)
false
ResourceGroupIdstringNo

The resource group ID.

rg-acfmy*****
Tagarray<object>No

The tags to add to the resource.

objectNo

The list of tags.

KeystringNo

The key of the tag to add to the resource. You can specify up to 20 tag keys. The tag key cannot be an empty string.

The tag key can be up to 64 characters in length and cannot contain http:// or https://. The tag key cannot start with aliyun or acs:.

env
ValuestringNo

The value of the tag to add to the resource. You can specify up to 20 tag values. The tag value can be an empty string.

The tag value can be up to 128 characters in length and cannot contain http:// or https://. The tag value cannot start with aliyun or acs:.

prod

Response parameters

ParameterTypeDescriptionExample
object
ServiceBusinessStatusstring

The service state of the endpoint service. Valid values:

  • Normal: The endpoint service runs as expected.
  • FinancialLocked: The endpoint service is locked due to overdue payments.
Normal
RequestIdstring

The request ID.

8D8992C1-6712-423C-BAC5-E5E817484C6B
ServiceNamestring

The name of the endpoint service.

com.aliyuncs.privatelink.cn-huhehaote.epsrv-hp3vpx8yqxblby3i****
ServiceStatusstring

The state of the endpoint service. Valid values:

  • Creating: The endpoint service is being created.
  • Pending: The endpoint service is being modified.
  • Active: The endpoint service is available.
  • Deleting: The endpoint service is being deleted.
Active
ServiceDescriptionstring

The description of the endpoint service.

This is my EndpointService.
CreateTimestring

The time when the endpoint service was created.

2022-01-02T19:11:12Z
ServiceDomainstring

The domain name of the endpoint service.

epsrv-hp3vpx8yqxblby3i****.cn-huhehaote.privatelink.aliyuncs.com
ZoneAffinityEnabledboolean

Indicates whether the domain name of the nearest endpoint that is associated with the endpoint service is resolved first. Valid values:

  • true
  • false
false
AutoAcceptEnabledboolean

Indicates whether the endpoint service automatically accepts endpoint connection requests. Valid values:

  • true
  • false
false
ServiceIdstring

The endpoint service ID.

epsrv-hp3vpx8yqxblby3i****
ServiceSupportIPv6boolean

Indicates whether IPv6 was enabled for the endpoint service. Valid values:

  • true
  • false
false
ResourceGroupIdstring

The resource group ID.

rg-acfmy*****

Examples

Sample success responses

JSONformat

{
  "ServiceBusinessStatus": "Normal",
  "RequestId": "8D8992C1-6712-423C-BAC5-E5E817484C6B",
  "ServiceName": "com.aliyuncs.privatelink.cn-huhehaote.epsrv-hp3vpx8yqxblby3i****",
  "ServiceStatus": "Active",
  "ServiceDescription": "This is my EndpointService.",
  "CreateTime": "2022-01-02T19:11:12Z",
  "ServiceDomain": "epsrv-hp3vpx8yqxblby3i****.cn-huhehaote.privatelink.aliyuncs.com",
  "ZoneAffinityEnabled": false,
  "AutoAcceptEnabled": false,
  "ServiceId": "epsrv-hp3vpx8yqxblby3i****",
  "ServiceSupportIPv6": false,
  "ResourceGroupId": "rg-acfmy*****",
  "AddressIpVersion": ""
}

Error codes

HTTP status codeError codeError messageDescription
400EndpointServiceExistThe specified Endpoint Service already exists.The specified Endpoint Service already exists.
400AlbNotFoundThe specified Alb does not exist.The specified Alb does not exist.
400LoadBalancerNotFoundThe specified load balancer does not exist.The specified Alb does not exist.
400LoadBalancerNotSupportPrivateLinkThe specified SLB does not support PrivateLink.The specified SLB does not support PrivateLink.
400GenerateResourceIdFailedFailed to generate ResourceId.Failed to generate ResourceId.
400QuotaMisMatchedThe resource you applied for has exceeded the quota.The resource you applied for has exceeded the quota.
400VSwitchNotFoundThe specified VSwitch does not exist.The vSwitch is not found.
400EndpointServicePayerForbiddenThe parameter EndpointServicePayer is forbidden. The user is not in the whitelist.-
400NeedOpenProductThe product is not activated.The product is not activated.
400EndpointServiceNotSupportedZoneThe specified endpoint service does not support the zone.The specified endpoint service does not support the zone.
400IllegalParamFormat.%sThe param format of %s is illegal.The parameter format of %s is illegal.
400MissingParam.%sThe param of %s is missing.The parameter %s is missing.
400ResourceNotFound.NatGatewayThe specified resource %s is not found.-
400Mismatch.ResourceTypeThe %s is mismatched for %s and %s.-
400EndpointServiceNotSupportIpv6The param supportIpv6 of EndpointService is forbidden , resource is not support ipv6.The endpoint service does not support IPv6.
400OperationDenied.PrivateDomainNotSupportThe operation is not allowed because of PrivateDomainNotSupport.-
400Conflict.ServiceNameThe ServiceName %s is conflict.-
400InvalidParam.PrivateDnsNameThe parameter of PrivateDnsName is illegal, which needs to end with aliyun.com, aliyun-inc.com, or aliyuncs.com.-
400OperationDenied.ZoneAffinityNotSupportThe operation is not allowed because of zone affinity not support.The operation is not allowed because zone affinity is not supported.
400OperationDenied.RamPolicyNotSupportThe operation is not allowed because of RamPolicyNotSupport.The operation is not allowed because ram policy are not supported.
400OperationDenied.ResourceTypeNotSupportDualStackThe specified resource type does not support dualstack.The specified resource type does not support dualstack.
400OperationDenied.ServiceResourceIpVersionMismatchThe endpoint service and service resource AddressIpVersion do not match.The endpoint service and service resource AddressIpVersion do not match.
400IllegalParam.AddressIpVersionThe specified parameter AddressIpVersion is invalid.The specified parameter AddressIpVersion does not meet the requirements.

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2024-09-18The Error code has changedView Change Details
2024-09-12The Error code has changed. The request parameters of the API has changed. The response structure of the API has changedView Change Details
2024-03-11The Error code has changedView Change Details
2023-09-19The Error code has changedView Change Details
2022-11-30API Description Update. The Error code has changed. The request parameters of the API has changedView Change Details