Creates an endpoint.
Operation description
CreateVpcEndpoint is an asynchronous operation. After you call the operation, the system returns an instance ID while the endpoint is still being created as a background node. You can call GetVpcEndpointAttribute to query the creation status of the endpoint:
If the endpoint is in the Creating state, the endpoint is being created.
If the endpoint is in the Active state, the endpoint is created.
Try it now
Test
RAM authorization
|
Action |
Access level |
Resource type |
Condition key |
Dependent action |
|
privatelink:CreateVpcEndpoint |
create |
*VpcEndpoint
*SecurityGroup
*VSwitch
*VPC
|
|
None |
Request parameters
|
Parameter |
Type |
Required |
Description |
Example |
| RegionId |
string |
Yes |
The region ID of the endpoint. You can call DescribeRegions to query the most recent region list. |
cn-huhehaote |
| ClientToken |
string |
No |
The client token that is used to ensure the idempotence of the request. You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters. |
0c593ea1-3bea-11e9-b96b-88e9fe637760 |
| DryRun |
boolean |
No |
Specifies whether to perform only a dry run, without performing the actual request. Valid values:
|
false |
| EndpointName |
string |
No |
The name of the endpoint. The name must be 2 to 128 characters in length, and can contain letters, digits, hyphens (-), and underscores (_). It must start with a letter. |
test |
| EndpointType |
string |
No |
The endpoint type. Valid values:
Note
Services that support reverse endpoints can be provided only by Alibaba Cloud and ecosystem partners. By default, you cannot create reverse endpoints on your own. To create a reverse endpoint, contact your account manager. |
Interface |
| ZonePrivateIpAddressCount |
integer |
No |
The number of private IP addresses per endpoint ENI in each zone. Set the value to 1. |
1 |
| EndpointDescription |
string |
No |
The description of the endpoint. The description must be 2 to 256 characters in length and cannot start with |
This is my Endpoint. |
| VpcId |
string |
Yes |
The ID of the virtual private cloud (VPC) to which the endpoint belongs. |
vpc-hp356stwkxg3fn2xe**** |
| ServiceId |
string |
No |
The ID of the endpoint service with which the endpoint is associated. |
epsrv-hp3xdsq46ael67lo**** |
| ServiceName |
string |
No |
The name of the endpoint service with which the endpoint is associated. |
com.aliyuncs.privatelink.cn-huhehaote.epsrv-hp3vpx8yqxblby3i**** |
| Zone |
array<object> |
No |
The endpoint zones. |
|
|
object |
No |
The zone ID in the current region. The system creates resources in the specified zone. |
||
| VSwitchId |
string |
No |
The ID of the vSwitch in the zone where you want to create an endpoint elastic network interface (ENI). You can configure up to 10 vSwitches. |
vsw-hp3uf6045ljdhd5zr**** |
| ZoneId |
string |
No |
The zone of the endpoint. You can specify up to 10 zones. |
cn-huhehaote-b |
| ip |
string |
No |
The IPv4 address of the ENI in the specified endpoint zone. |
192.168.XX.XX |
| Ipv6Address |
string |
No |
The IPv6 address of the ENI in the specified endpoint zone. Note
This parameter can be specified only when the AddressIpVersion parameter is set to DualStack. |
2408:4005:34d:****:a58b:62a3:6b55:**** |
| SecurityGroupId |
array |
No |
The security groups associated with the endpoint elastic network interface (ENI). |
sg-hp33bw6ynvm2yb0e**** |
|
string |
No |
The security group associated with the endpoint elastic network interface (ENI). The security group controls data communication between the VPC and the endpoint ENI. |
sg-bp1fg655nh68xyz9**** |
|
| ProtectedEnabled |
boolean |
No |
Specifies whether to enable managed protection. This parameter takes effect only for STS-based calls. Valid values:
|
false |
| RegionId |
string |
Yes |
The region ID of the endpoint. You can call DescribeRegions to query the most recent region list. |
cn-huhehaote |
| Tag |
array<object> |
No |
The tags. |
|
|
object |
No |
The tags. |
||
| Key |
string |
No |
The tag key. |
env |
| Value |
string |
No |
The tag value. |
prod |
| ResourceGroupId |
string |
No |
The resource group ID. |
rg-acfmy***** |
| PolicyDocument |
string |
No |
The RAM access policy. For more information about the policy definition, see Basic elements of a policy. |
{ "Version": "1", "Statement": [ { "Effect": "Allow", "Action": [ "oss:List*", "oss:PutObject", "oss:GetObject" ], "Resource": [ "acs:oss:oss-*:*:pvl-policy-test/policy-test.txt" ], "Principal": { "RAM": [ "acs:ram::14199xxxxxx:*" ] } } ] } |
| AddressIpVersion |
string |
No |
The protocol version. Valid values:
Note
To use dual-stack for the endpoint, the endpoint service connected to the endpoint and the VPC in which the endpoint resides must both support dual-stack. |
IPv4 |
| ZoneAffinityEnabled |
boolean |
No |
Specifies whether to enable zone affinity for the endpoint domain name of the connected service. Valid values:
|
false |
| ServiceRegionId |
string |
No |
The region ID of the endpoint service. The default value is the current region where you create an endpoint. |
cn-huhehaote |
| CrossRegionBandwidth |
integer |
No |
The cross-region bandwidth. This parameter is required only when the endpoint and the endpoint service are in different regions. Unit: Mbps. Valid values:
Note
Specify this parameter only when you create a cross-region endpoint. |
1000 |
Response elements
|
Element |
Type |
Description |
Example |
|
object |
|||
| EndpointDomain |
string |
The endpoint domain name. |
ep-hp33b2e43fays7s8****.epsrv-hp3xdsq46ael67lo****.cn-huhehaote.privatelink.aliyuncs.com |
| RequestId |
string |
The request ID. |
0ED8D006-F706-4D23-88ED-E11ED28DCAC0 |
| CreateTime |
string |
The time when the endpoint was created. |
2022-01-02T19:11:12Z |
| EndpointBusinessStatus |
string |
The business status of the endpoint. Valid values:
|
Normal |
| EndpointDescription |
string |
The description of the endpoint. |
This is my Endpoint. |
| ServiceId |
string |
The ID of the endpoint service with which the endpoint is associated. |
epsrv-hp3vpx8yqxblby3i**** |
| EndpointStatus |
string |
The endpoint status. Valid values:
|
Active |
| VpcId |
string |
The ID of the virtual private cloud (VPC) to which the endpoint belongs. |
vpc-hp356stwkxg3fn2xe**** |
| EndpointName |
string |
The name of the endpoint. |
test |
| ServiceName |
string |
The name of the endpoint service with which the endpoint is associated. |
com.aliyuncs.privatelink.cn-huhehaote.epsrv-hp3xdsq46ael67lo**** |
| Bandwidth |
integer |
The connection bandwidth of the endpoint. Unit: Mbps. |
200 |
| EndpointId |
string |
The endpoint ID. |
ep-hp33b2e43fays7s8**** |
| ConnectionStatus |
string |
The endpoint connection status. Valid values:
|
Disconnected |
| AddressIpVersion |
string |
The protocol version. Valid values:
|
IPv4 |
| ZoneAffinityEnabled |
boolean |
Indicates whether zone affinity is enabled for the endpoint domain name of the connected service. Valid values:
|
false |
| ServiceRegionId |
string |
The region ID of the endpoint service. |
cn-huhehaote |
| CrossRegionBandwidth |
integer |
The cross-region bandwidth of the endpoint. This parameter is returned only when the endpoint and the endpoint service are in different regions. Unit: Mbps. |
1000 |
Examples
Success response
JSON format
{
"EndpointDomain": "ep-hp33b2e43fays7s8****.epsrv-hp3xdsq46ael67lo****.cn-huhehaote.privatelink.aliyuncs.com",
"RequestId": "0ED8D006-F706-4D23-88ED-E11ED28DCAC0",
"CreateTime": "2022-01-02T19:11:12Z",
"EndpointBusinessStatus": "Normal",
"EndpointDescription": "This is my Endpoint.",
"ServiceId": "epsrv-hp3vpx8yqxblby3i****",
"EndpointStatus": "Active",
"VpcId": "vpc-hp356stwkxg3fn2xe****",
"EndpointName": "test",
"ServiceName": "com.aliyuncs.privatelink.cn-huhehaote.epsrv-hp3xdsq46ael67lo****",
"Bandwidth": 200,
"EndpointId": "ep-hp33b2e43fays7s8****",
"ConnectionStatus": "Disconnected",
"AddressIpVersion": "IPv4",
"ZoneAffinityEnabled": false,
"ServiceRegionId": "cn-huhehaote",
"CrossRegionBandwidth": 1000
}
Error codes
|
HTTP status code |
Error code |
Error message |
Description |
|---|---|---|---|
| 400 | EndpointExist | The specified Endpoint already exists. | The specified Endpoint already exists. |
| 400 | EndpointZoneDuplicated | The zone is duplicated for the Endpoint. | The zone is duplicated for the Endpoint. |
| 400 | EndpointServiceNotFound | The specified Service does not exist. | The specified Service does not exist. |
| 400 | EndpointServiceNotSupportedZone | The specified endpoint service does not support the zone. | The specified endpoint service does not support the zone. |
| 400 | VSwitchNotFound | The specified VSwitch does not exist. | |
| 400 | SecurityGroupNotFound | The specified security group does not exist. | The specified security group does not exist. |
| 400 | VpcTunnelNotFound | The specified VPC tunnel does not exist. | The specified VPC tunnel does not exist. |
| 400 | VpcNotFound | The specified VPC does not exist. | The specified VPC does not exist. |
| 400 | GenerateResourceIdFailed | Failed to generate ResourceId. | Failed to generate ResourceId. |
| 400 | QuotaMisMatched | The resource you applied for has exceeded the quota. | The resource you applied for has exceeded the quota. |
| 400 | EndpointMustContainSecurityGroup | The specified endpoint must have at least one security group. | The specified endpoint must have at least one security group. |
| 400 | EndpointDuplicated | The endpoint of the service already exists and cannot be created again. | |
| 400 | EndpointServiceDeleted | The specified Service is already deleted. | The specified Service is already deleted. |
| 400 | EndpointServiceResourceNotFound | The specified service resource is not found. | |
| 400 | SecurityGroupTypeNotSupport | The specified security group type is not supported. | |
| 400 | EniIpUnavailable | The specified IP address is unavailable. | The specified IP address is unavailable. |
| 400 | EndpointServiceNotAuthorized | The specified endpoint service is not authorized to user. | The specified endpoint service is not authorized to user. |
| 400 | SecurityGroupTypeOnlySingleTypeSupporteded | The specified security group only support one type. | |
| 400 | QuotaExceeded.IpQuotaPerEp | The quota of %s is exceeded, usage %s/%s. | |
| 400 | Mismatch.EndpointType | The %s is mismatched for %s and %s. | |
| 400 | IncorrectStatus.VpcEndpointService | The status of %s [%s] is incorrect. | |
| 400 | CheckServiceLinkRoleError | The ServiceLink role check error. | ServiceLinkRole check error |
| 400 | ResourceNotEnough.VSwitchIp | The specified resource of VSwitchIp is not enough. | The number of vSwitch IP addresses is insufficient. |
| 400 | VSwitchStatusNotAllowed | The specified vswitch status is not Available. | The status of the vSwitch is not available. |
| 400 | QuotaExceeded.epZonePerEndpoint | The quota of %s is exceeded, usage %s/%s. | The number of endpoints in a zone has reached the upper limit. |
| 400 | QuotaExceeded.totalEpPerVpc | The quota of %s is exceeded, usage %s/%s. | The number of VPC endpoints has reached the upper limit. |
| 400 | QuotaExceeded.totalIdleEndpoint | The quota of %s is exceeded, usage %s/%s. | The total number of idle endpoints has reached the upper limit. |
| 400 | OperationDenied.EndpointPolicyNotSupport | The operation is not allowed because of EndpointPolicyNotSupport. | |
| 400 | OperationDenied.PrivateDomainStatusNotSupport | The operation is not allowed because of %s. | |
| 400 | OperationDenied.PrivateDomainNotSupport | The operation is not allowed because of PrivateDomainNotSupport. | |
| 400 | DependencyViolation.PrivateDnsName | The specified resource of %s depends on %s, so the operation cannot be completed. | |
| 400 | GatewayLoadBalancerNotSupportSecurityGroup | The gateway load balancer not support security group. | The gateway load balancer type does not support setting a security group. |
| 400 | GatewayLoadBalancerZoneCountDeny | The GatewayLoadBalancer zone count not support | The number of available zones does not meet the limit and cannot be operated. |
| 400 | OperationDenied.EndpointTypeNotSupportDualstack | The specified endpoint type does not support dualstack, only the Interface and GatewayLoadBalancer types support dual stack. | The specified endpoint type does not support dualstack, only the Interface and GatewayLoadBalancer types support dual stack. |
| 400 | OperationDenied.EndpointServiceNotSupportDualstack | The specified endpoint service does not support dualstack. | The specified endpoint service does not support dualstack. |
| 400 | OperationDenied.VSwitchNotSupportDualstack | The specified VSwitch does not support dualstack. | The specified VSwitch does not support dualstack. |
| 400 | OperationDenied.AddressIpVersionNotSupportSpecifyIpv6 | The AddressIpVersion of the endpoint does not support specifying IPv6 address. | The AddressIpVersion of the endpoint does not support specifying an IPv6 address. |
| 400 | IllegalParam.Ip | The specified parameter IP is invalid. | The specified parameter IP is invalid. |
| 400 | IllegalParam.Ipv6Address | The specified parameter Ipv6Address is invalid. | The specified parameter Ipv6Address is invalid. |
| 400 | IllegalParam.AddressIpVersion | The specified parameter AddressIpVersion is invalid. | The specified parameter AddressIpVersion does not meet the requirements. |
| 400 | SpecifiedAlbNotSupport | The specified alb %s is not supported. | the specified alb instance is not supported. |
See Error Codes for a complete list.
Release notes
See Release Notes for a complete list.