Queries network access control lists (ACLs).
Debugging
Request parameters
Parameter | Type | Required | Example | Description |
---|---|---|---|---|
NetworkAclId | String | Yes | nacl-a2do9e413e0spzasx**** | The ID of the network ACL. |
RegionId | String | Yes | cn-hangzhou | The region ID of the network ACL. You can call the DescribeRegions operation to query the most recent region list. |
ClientToken | String | No | 123e4567-e89b-12d3-a456-426655440000 | The client token that is used to ensure the idempotence of the request. You can use the client to generate the value, but you must make sure that it is unique among different requests. ClientToken can contain only ASCII characters. Note If you do not set this parameter, the system sets ClientToken to the value of RequestId. The value of RequestId for each API request may be different. |
Action | String | Yes | DescribeNetworkAclAttributes | The operation that you want to perform. Set the value to DescribeNetworkAclAttributes. |
Response parameters
Parameter | Type | Example | Description |
---|---|---|---|
RequestId | String | F5905F9C-0161-4E72-9CB1-1F3F3CF6268A | The ID of the request. |
NetworkAclAttribute | Object | The details about the network ACL. |
|
Status | String | Available | The status of the associated resource. Valid values:
|
VpcId | String | vpc-a2d33rfpl72k5defr**** | The ID of the virtual private cloud (VPC) with which the network ACL is associated. |
CreationTime | String | 2021-12-25 11:33:27 | The time when the network ACL was created. |
Description | String | This is my NetworkAcl. | The description of the network ACL. |
NetworkAclName | String | acl-1 | The name of the network ACL. |
NetworkAclId | String | nacl-a2do9e413e0spnhmj**** | The ID of the network ACL. |
OwnerId | Long | 253460731706911258 | The ID of the Alibaba Cloud account to which the network ACL belongs. |
RegionId | String | cn-hangzhou | The region ID of the network ACL. |
IngressAclEntries | Array of IngressAclEntry | The information about the inbound rules of the network ACL. |
|
IngressAclEntry | |||
NetworkAclEntryId | String | nae-a2dk86arlydmevfbg**** | The ID of the inbound rule. |
NetworkAclEntryName | String | acl-3 | The name of the inbound rule. |
Policy | String | accept | The action to be performed on network traffic that matches the rule. Valid values:
|
Description | String | This is IngressAclEntries. | The description of the inbound rule. |
SourceCidrIp | String | 10.0.0.0/24 | The source CIDR block. |
Protocol | String | all | The protocol. Valid values:
|
Port | String | -1/-1 | The destination port range of the inbound traffic.
|
EgressAclEntries | Array of EgressAclEntry | The information about the outbound rules of the network ACL. |
|
EgressAclEntry | |||
NetworkAclEntryId | String | nae-a2d447uw4tillxdcv**** | The ID of the outbound rule. |
NetworkAclEntryName | String | acl-2 | The name of the outbound rule. |
Policy | String | accept | The action to be performed on network traffic that matches the rule. Valid values:
|
Description | String | This is EgressAclEntries. | The description of the outbound rule. |
Protocol | String | all | The protocol. Valid values:
|
DestinationCidrIp | String | 10.0.0.0/24 | The destination CIDR block. |
Port | String | -1/-1 | The destination port range of the outbound traffic.
|
Resources | Array of Resource | The details about the resource that is associated with the network ACL. |
|
Resource | |||
Status | String | BINDED | The status of the associated resource. Valid values:
|
ResourceType | String | VSwitch | The type of resource with which you want to associate the network ACL. The value is set to VSwitch. |
ResourceId | String | vsw-bp1de348lntdwxscd**** | The ID of the associated resource. |
Tags | Array of Tag | The tag list. |
|
Tag | |||
Key | String | FinanceDept | The tag key. |
Value | String | FinanceJoshua | The tag value. |
Examples
Sample requests
http(s)://[Endpoint]/?NetworkAclId=nacl-a2do9e413e0spzasx****
&RegionId=cn-hangzhou
&ClientToken=123e4567-e89b-12d3-a456-426655440000
&Action=DescribeNetworkAclAttributes
&Common request parameters
Sample success responses
XML
format
HTTP/1.1 200 OK
Content-Type:application/xml
<DescribeNetworkAclAttributesResponse>
<RequestId>F5905F9C-0161-4E72-9CB1-1F3F3CF6268A</RequestId>
<NetworkAclAttribute>
<Status>Available</Status>
<VpcId>vpc-a2d33rfpl72k5defr****</VpcId>
<CreationTime>2021-12-25 11:33:27</CreationTime>
<Description>This is my NetworkAcl.</Description>
<NetworkAclName>acl-1</NetworkAclName>
<NetworkAclId>nacl-a2do9e413e0spnhmj****</NetworkAclId>
<OwnerId>253460731706911260</OwnerId>
<RegionId>cn-hangzhou</RegionId>
<IngressAclEntries>
<NetworkAclEntryId>nae-a2dk86arlydmevfbg****</NetworkAclEntryId>
<NetworkAclEntryName>acl-3</NetworkAclEntryName>
<Policy>accept</Policy>
<Description>This is IngressAclEntries.</Description>
<SourceCidrIp>10.0.0.0/24</SourceCidrIp>
<Protocol>all</Protocol>
<Port>-1/-1</Port>
</IngressAclEntries>
<EgressAclEntries>
<NetworkAclEntryId>nae-a2d447uw4tillxdcv****</NetworkAclEntryId>
<NetworkAclEntryName>acl-2</NetworkAclEntryName>
<Policy>accept</Policy>
<Description>This is EgressAclEntries.</Description>
<Protocol>all</Protocol>
<DestinationCidrIp>10.0.0.0/24</DestinationCidrIp>
<Port>-1/-1</Port>
</EgressAclEntries>
<Resources>
<Status>BINDED</Status>
<ResourceType>VSwitch</ResourceType>
<ResourceId>vsw-bp1de348lntdwxscd****</ResourceId>
</Resources>
<Tags>
<Key>FinanceDept</Key>
<Value>FinanceJoshua</Value>
</Tags>
</NetworkAclAttribute>
</DescribeNetworkAclAttributesResponse>
JSON
format
HTTP/1.1 200 OK
Content-Type:application/json
{
"RequestId" : "F5905F9C-0161-4E72-9CB1-1F3F3CF6268A",
"NetworkAclAttribute" : {
"Status" : "Available",
"VpcId" : "vpc-a2d33rfpl72k5defr****",
"CreationTime" : "2021-12-25 11:33:27",
"Description" : "This is my NetworkAcl.",
"NetworkAclName" : "acl-1",
"NetworkAclId" : "nacl-a2do9e413e0spnhmj****",
"OwnerId" : 253460731706911260,
"RegionId" : "cn-hangzhou",
"IngressAclEntries" : [ {
"NetworkAclEntryId" : "nae-a2dk86arlydmevfbg****",
"NetworkAclEntryName" : "acl-3",
"Policy" : "accept",
"Description" : "This is IngressAclEntries.",
"SourceCidrIp" : "10.0.0.0/24",
"Protocol" : "all",
"Port" : "-1/-1"
} ],
"EgressAclEntries" : [ {
"NetworkAclEntryId" : "nae-a2d447uw4tillxdcv****",
"NetworkAclEntryName" : "acl-2",
"Policy" : "accept",
"Description" : "This is EgressAclEntries.",
"Protocol" : "all",
"DestinationCidrIp" : "10.0.0.0/24",
"Port" : "-1/-1"
} ],
"Resources" : [ {
"Status" : "BINDED",
"ResourceType" : "VSwitch",
"ResourceId" : "vsw-bp1de348lntdwxscd****"
} ],
"Tags" : [ {
"Key" : "FinanceDept",
"Value" : "FinanceJoshua"
} ]
}
}
Error codes
HttpCode | Error code | Error message | Description |
---|---|---|---|
400 | InvalidNetworkAcl.NotFound | The special Network Acl is not found. | The error message returned because the network ACL is not found. |
500 | InternalError | The request processing has failed due to some unknown error. | The error message returned because some unknown errors occurred. |
For a list of error codes, see Service error codes.