Queries network access control lists (ACLs).
Debugging
Request parameters
Parameter | Type | Required | Example | Description |
NetworkAclId | String | No | nacl-bp1lhl0taikrbgnh**** | The ID of the network ACL. |
NetworkAclName | String | No | acl-1 | The name of the network ACL. The name must be 1 to 128 characters in length and cannot start with |
VpcId | String | No | vpc-m5ebpc2xh64mqm27e**** | The ID of the virtual private cloud (VPC) to which the network ACL belongs. |
ResourceType | String | No | VSwitch | The type of the associated instance. Set the value to VSwitch. This parameter is valid only if ResourceType and ResourceId are both set. |
ResourceId | String | No | vsw-bp1de348lntdwnhbg**** | The ID of the associated instance. |
PageNumber | Integer | No | 1 | The number of the page to return. Default value: 1. |
PageSize | Integer | No | 10 | The number of entries per page. Maximum value: 50. Default value: 10. |
RegionId | String | Yes | cn-hangzhou | The region ID of the network ACL. You can call the DescribeRegions operation to query the most recent region list. |
Tags.N.Key | String | No | FinanceDept | The key of tag N to add to the resource. You can specify at most 20 tag keys. The tag key cannot be an empty string. The tag key can be at most 128 characters in length. It cannot start with |
Tags.N.Value | String | No | FinanceJoshua | The value of tag N to add to the resource. You can specify at most 20 tag values. The tag value can be an empty string. The tag value can be up to 128 characters in length, and cannot contain |
ClientToken | String | No | 123e4567-e89b-12d3-a456-426655440000 | The client token that is used to ensure the idempotence of the request. You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters. Note If you do not specify this parameter, the system automatically uses the request ID as the client token. The request ID may be different for each request. |
Action | String | Yes | DescribeNetworkAcls | The operation that you want to perform. Set the value to DescribeNetworkAcls. |
Response parameters
Parameter | Type | Example | Description |
PageSize | String | 10 | The number of entries per page. |
RequestId | String | F7DDDC17-FA06-4AC2-8F35-59D2470FCFC1 | The request ID. |
PageNumber | String | 1 | The number of the returned page. |
TotalCount | String | 2 | The total number of entries returned. |
NetworkAcls | Array of NetworkAcl | The details about the network ACL. |
|
NetworkAcl | |||
Status | String | Available | The status of the network ACL. Valid values:
|
VpcId | String | vpc-m5ebpc2xh64mqm27e**** | The ID of the associated VPC. |
CreationTime | String | 2021-12-25 11:44:17 | The time when the network ACL was created. |
Description | String | This is my NetworkAcl. | The description of the network ACL. |
NetworkAclName | String | acl-1 | The name of the network ACL. |
NetworkAclId | String | nacl-a2do9e413e0spxscd**** | The ID of the network ACL. |
OwnerId | Long | 253460731706911258 | The ID of the Alibaba Cloud account to which the network ACL belongs. |
RegionId | String | cn-hangzhou | The region ID of the network ACL. |
IngressAclEntries | Array of IngressAclEntry | The inbound rules. |
|
IngressAclEntry | |||
NetworkAclEntryId | String | nae-a2dk86arlydmezasw**** | The ID of the inbound rule. |
NetworkAclEntryName | String | acl-3 | The name of the inbound rule. |
Policy | String | accept | The action to be performed on network traffic that matches the rule. Valid values:
|
Description | String | This is IngressAclEntries. | The description of the inbound rule. |
SourceCidrIp | String | 10.0.0.0/24 | The source CIDR block. |
Protocol | String | all | The protocol. Valid values:
|
Port | String | -1/-1 | The destination port range of the inbound traffic.
|
EgressAclEntries | Array of EgressAclEntry | The outbound rules. |
|
EgressAclEntry | |||
NetworkAclEntryId | String | nae-a2d447uw4tillfvgb**** | The ID of the outbound rule. |
NetworkAclEntryName | String | acl-2 | The name of the outbound rule. |
Policy | String | accept | The action to be performed on network traffic that matches the rule. Valid values:
|
Description | String | This is EgressAclEntries. | The description of the outbound rule. |
Protocol | String | all | The protocol. Valid values:
|
DestinationCidrIp | String | 10.0.0.0/24 | The destination CIDR block. |
Port | String | -1/-1 | The destination port range of the outbound traffic.
|
Resources | Array of Resource | The resources that are associated with the network ACL. |
|
Resource | |||
Status | String | BINDED | The association status of the resource. Valid values:
|
ResourceType | String | VSwitch | The type of the associated resource. |
ResourceId | String | vsw-bp1de348lntdwcdf**** | The ID of the associated resource. |
Tags | Array of Tag | The tag list. |
|
Tag | |||
Key | String | FinanceDept | The key of tag N. |
Value | String | FinanceJoshua | The value of tag N. |
Examples
Sample requests
http(s)://[Endpoint]/?NetworkAclId=nacl-bp1lhl0taikrbgnh****
&NetworkAclName=acl-1
&VpcId=vpc-m5ebpc2xh64mqm27e****
&ResourceType=VSwitch
&ResourceId=vsw-bp1de348lntdwnhbg****
&PageNumber=1
&PageSize=10
&RegionId=cn-hangzhou
&Tags=[{"Key":"FinanceDept","Value":"FinanceJoshua"}]
&ClientToken=123e4567-e89b-12d3-a456-426655440000
&Action=DescribeNetworkAcls
&Common request parameters
Sample success responses
XML
format
HTTP/1.1 200 OK
Content-Type:application/xml
<DescribeNetworkAclsResponse>
<PageSize>10</PageSize>
<RequestId>F7DDDC17-FA06-4AC2-8F35-59D2470FCFC1</RequestId>
<PageNumber>1</PageNumber>
<TotalCount>2</TotalCount>
<NetworkAcls>
<Status>Available</Status>
<VpcId>vpc-m5ebpc2xh64mqm27e****</VpcId>
<CreationTime>2021-12-25 11:44:17</CreationTime>
<Description>This is my NetworkAcl.</Description>
<NetworkAclName>acl-1</NetworkAclName>
<NetworkAclId>nacl-a2do9e413e0spxscd****</NetworkAclId>
<OwnerId>253460731706911260</OwnerId>
<RegionId>cn-hangzhou</RegionId>
<IngressAclEntries>
<NetworkAclEntryId>nae-a2dk86arlydmezasw****</NetworkAclEntryId>
<NetworkAclEntryName>acl-3 </NetworkAclEntryName>
<Policy>accept</Policy>
<Description>This is IngressAclEntries.</Description>
<SourceCidrIp>10.0.0.0/24 </SourceCidrIp>
<Protocol>all</Protocol>
<Port>-1/-1 </Port>
</IngressAclEntries>
<EgressAclEntries>
<NetworkAclEntryId>nae-a2d447uw4tillfvgb****</NetworkAclEntryId>
<NetworkAclEntryName>acl-2 </NetworkAclEntryName>
<Policy>accept</Policy>
<Description>This is EgressAclEntries.</Description>
<Protocol>all</Protocol>
<DestinationCidrIp>10.0.0.0/24 </DestinationCidrIp>
<Port>-1/-1 </Port>
</EgressAclEntries>
<Resources>
<Status>BINDED</Status>
<ResourceType>VSwitch</ResourceType>
<ResourceId>vsw-bp1de348lntdwcdf****</ResourceId>
</Resources>
<Tags>
<Key>FinanceDept</Key>
<Value>FinanceJoshua</Value>
</Tags>
</NetworkAcls>
</DescribeNetworkAclsResponse>
JSON
format
HTTP/1.1 200 OK
Content-Type:application/json
{
"PageSize" : "10",
"RequestId" : "F7DDDC17-FA06-4AC2-8F35-59D2470FCFC1",
"PageNumber" : "1",
"TotalCount" : "2",
"NetworkAcls" : [ {
"Status" : "Available",
"VpcId" : "vpc-m5ebpc2xh64mqm27e****",
"CreationTime" : "2021-12-25 11:44:17",
"Description" : "This is my NetworkAcl.",
"NetworkAclName" : "acl-1",
"NetworkAclId" : "nacl-a2do9e413e0spxscd****",
"OwnerId" : 253460731706911260,
"RegionId" : "cn-hangzhou",
"IngressAclEntries" : [ {
"NetworkAclEntryId" : "nae-a2dk86arlydmezasw****",
"NetworkAclEntryName" : "acl-3\t",
"Policy" : "accept",
"Description" : "This is IngressAclEntries.",
"SourceCidrIp" : "10.0.0.0/24\t",
"Protocol" : "all",
"Port" : "-1/-1\t"
} ],
"EgressAclEntries" : [ {
"NetworkAclEntryId" : "nae-a2d447uw4tillfvgb****",
"NetworkAclEntryName" : "acl-2\t",
"Policy" : "accept",
"Description" : "This is EgressAclEntries.",
"Protocol" : "all",
"DestinationCidrIp" : "10.0.0.0/24\t",
"Port" : "-1/-1\t"
} ],
"Resources" : [ {
"Status" : "BINDED",
"ResourceType" : "VSwitch",
"ResourceId" : "vsw-bp1de348lntdwcdf****"
} ],
"Tags" : [ {
"Key" : "FinanceDept",
"Value" : "FinanceJoshua"
} ]
} ]
}
Error codes
HttpCode | Error code | Error message | Description |
500 | InternalError | The request processing has failed due to some unknown error. | The error message returned because some unknown errors occurred. |
For a list of error codes, see Service error codes.