在訪問阿里雲服務時,阿里雲為每一個請求提供了一個唯一的標識符RequestId。通過RequestId,您可以在OpenAPI問題診斷或Action Trail中查看每一個請求的相關資訊。RequestId最常見的使用情境是當調用OpenAPI發生錯誤時,您可以在OpenAPI問題診斷平台上使用RequestId來診斷報錯的具體原因及相應的解決方案。本文將以常見的無許可權報錯為例,為您介紹在不同的使用情境中如何擷取RequestId。
說明
本文內容僅適用於OpenAPI 門戶提供的API。
擷取途徑
您可以通過以下途徑擷取RequestId。如果請求發生報錯,您可以通過RequestId在OpenAPI問題診斷平台上擷取解決方案。此外,對於無許可權報錯,您還可以從報錯資訊中的AccessDeniedDetail擷取具體的無許可權操作(AuthAction)以及相關的加密診斷方案(EncodedDiagnosticMessage)。
通過官網控制台的F12開發人員工具
在官網控制台進行操作時,您可以通過在瀏覽器的F12開發人員工具中篩選“api.json?”來查看請求資訊的RequestId。
例如,RAM 子使用者因許可權不足觸發 Forbidden.RAM 錯誤時,控制台會彈出 Access Denied 對話方塊,其中包含 Error Code、Request ID、Action 和 Identity Principal Type 等欄位。在網路面板中篩選 api.json?action=ModifySecurityGroupAttribute 請求,可在 JSON 響應中查看對應的 requestId 以及 accessDeniedDetail 中的錯誤詳情(包含 AuthAction、AuthPrincipalType、NoPermissionType、PolicyType 等欄位)。
通過API門戶的調試結果
在OpenAPI 門戶調試時,可以在調用結果中查看請求的RequestId。
調用結果的 JSON 響應中還包含以下關鍵字段:
HostId:服務地址
Code:錯誤碼,例如
Forbidden.RAM表示 RAM 使用者無權操作指定資源Message:錯誤資訊
Recommend:診斷資訊連結,可用於排查問題
AccessDeniedDetail:許可權拒絕詳情,包含策略類型等資訊
通過SDK
在使用阿里雲SDK時,通常可以從API返回結果中擷取RequestId。如果發生報錯,可以通過捕獲相應的異常類型來擷取錯誤資訊。
try {
ModifySecurityGroupAttributeRequest modifySecurityGroupAttributeRequest = new ModifySecurityGroupAttributeRequest()
.setRegionId("cn-chengdu")
.setSecurityGroupId("sg-2xxx")
.setDescription("only test");
ModifySecurityGroupAttributeResponse response = client.modifySecurityGroupAttributeWithOptions(modifySecurityGroupAttributeRequest, runtimeOptions);
System.out.println(new Gson().toJson(response));
} catch (Exception e) {
if (e instanceof TeaException) {
TeaException teaException = (TeaException) e;
System.err.println("Error Code: " + teaException.getCode());
System.err.println("Error Message: " + teaException.getMessage());
System.err.println("Error Data: " + teaException.getData());
throw new RuntimeException("API call failed", teaException);
}
}
} else {
//
System.err.println("Unexpected error occurred: " + e.getMessage());
throw new RuntimeException("Unexpected error", e);
}
}
}
```
錯誤輸出中的 RequestId 可用於排查定位問題。
```text
Error Code: Forbidden.RAM
Error Message: code: 403, User not authorized to operate on the specified resource, or this API doesn't support RAM. request id: EB2D2E3C-DE2D-5ABD-8F40-7FA3E6D31AF4
Error Data: {RequestId=EB2D2E3C-DE2D-5ABD-8F40-7FA3E6D31AF4, HostId=ecs-cn-hangzhou.aliyuncs.com, Code=Forbidden.RAM, Message=User not authorized to operate on the specified resource, or this API doesn't support RAM., Recommend=https://api.aliyun.com/troubleshoot?q=Forbidden.RAM&product=Ecs&requestId=EB2D2E3C-DE2D-5ABD-8F40-7FA3E6D31AF4, AccessDeniedDetail={PolicyType=ResourceGroupLevelIdentityBasedPolicy, AuthPrincipalOwnerId=1xxx6, EncodedDiagnosticMessage=AQIBIAAAAH13IrZA790Zkpi90wMZV/djLrVZYZ095+ad/t9KTHUamUspajhw3fLk2bPC33jhm9N7YhLxJBLwB4TzYmXq/afb6N916JVS3yCOw+TECTGjZr4QglIZsFA+h+ReEbwG+LpVFh12zZJrS8kkCW+8VNSLM1cfBKkNon9hAUyA5WK3ONRSCPFoDPplynjQ3qsYUTdtXHgsAxIEOZa6xCr+e56B0wmhm3x3ZjcRznY1D8u0Yfwn0cPf1oLFC4F1A1B2UeJBxzhn2t7s8NTAYcNBZp03zLu8VuL6gkAwJyZSEabaXs1bhidwZDrTc/JkToX/0AhHh0b8j/qqTZ6K9KtcZ7PJT0bESMPjXxezm4fr0CvozoHb9zAcyZkoRg1XkJfV9bcxvoWPaRcOdbyQSHMbRV089VUY4h8Cb5L8IblQt8TKREwrJJijrF80HfFiAfYORLQWCptgA/LeTZJisebTTNNcwmhdOy23NhFFWORjL9t4uhygqRWZqgwLb7FZMenr9PiTP4xVYcYELs/fsHKAbnIcn+XAKjaucIxqFucbmMLi1fuaeYJa0YY7FyAuxyuiCRwFHMtCRj191R1R2FSin3OXfsPd0K1u30m1Zi10XTaOmn69mScRe/NYGw5WW+pC/y7itJyLztHZp+S2o9kTEH6e1kNSV4FwsSwf4/+SKWa}}通過CLI
在使用阿里雲CLI時,您可以在CLI的輸出結果中查看請求的 RequestId。
shell@Alicloud:~$ aliyun ecs ModifySecurityGroupAttribute --region cn-chengdu --RegionId 'cn-chengdu' --SecurityGroupId 'sg-2xxx' xxx 'k' --De
scription 'test sg'
ERROR: SDK.ServerError
ErrorCode: Forbidden.RAM
Recommend: https://api.aliyun.com/troubleshoot?q=Forbidden.RAM&product=Ecs&requestId=9F1F4997-A1E7-5B35-A5B7-7D668F4F4A51
RequestId: 9F1F4997-A1E7-5B35-A5B7-7D668F4F4A51
Message: User not authorized to operate on the specified resource, or this API doesn't support RAM.
RespHeaders: map[Access-Control-Allow-Origin:[*] Access-Control-Expose-Headers:[*] Connection:[keep-alive] Content-Length:[1898] Content-Type:[applica
tion/json;charset=utf-8] Date:[Mon, 22 Sep 2025 06:09:05 GMT] Keep-Alive:[timeout=25] Vary:[Accept-Encoding] X-Acs-Request-Id:[9F1F4997-A1E7-5B35-A5B7
-7D668F4F4A51] X-Acs-Trace-Id:[06140130ef99e54579652c9ced2e0a79]]
AccessDeniedDetail: map[AuthAction:ecs:ModifySecurityGroupAttribute AuthPrincipalDisplayName:2xxx 4 AuthPrincipalOwnerId:14xxx 6
AuthPrincipalType:SubUser EncodedDiagnosticMessage:AQIBIAAAAHuT4vB154DXED4KADE6tXWFYoyd8scM82aU3wC8JzzunFbX8kwIN/xENJ1WATBDNUtY78L36rFULZW8rdyVWUFz
bCH7x5h2xWFfHyDPKCdt2ZHzedv7omxldyK4Km22h0MbxxlWXee5VCd3nbBSB53GWs/DQ8R20fUcTs7nBQ6qq/LC/0PMtqwPnuQFr1s92ZrwXX6LoooqJtq7V5BsIgnUItjqqc6x4m6xZLr9PHEVDnN
RfLOWKPNq+tUEDgsamChTuvV/JZqwxsszCt7KShc9igo0UNfdH3mhO6Fr9w9ohG0YNcpjyiUJeWvNkOmHrXPznbSFmCqNLDeOtGevBy8iMyha/gRG8G9HBHc6pRJBhI1i9qq4tSR6R2DkWZBG7MhPLGfey6
dbEyRlMhvrpT1HODx+3JMJY0gyQ6li9XtKuttioWKkXV4LVANK6sx0U5I1BJUOJCFaPstPOxBk8x8zUEdAQxkgpQ1M9zrw/HAZlaIzwp/r969SryaKEwSkUsVUbcMyr8Y23ertzD16I185p998eOSLM
Y4q1Lnc9d5zxuuRh12eHWZSGNczpAGRY7qpYAYuPnWQ0/Mi0HfBbb5+pf1obhd5hml5TShcDbhMhy2j/GtoBoh/9KPpv57rk7baub0C/FRRs/CeKUciG0KtBTO1oTx6YHiv/vTOuSbBzAzh+Njrg+HoPS
c1iE9jgymUB4YGr7QoMay0BBD8CkPIvj7j3xNLeNlKNKNlAnxGtB4KXlA2OZqxolWXlavWPmVDzYP80Ux8R+uPbBhG+oZhJblWQ62igP8bkBtt83ifGSPtVQq5D7/U4w1DHjBAKS3YOPsvGtJBUbNNs
jSZUALRBeLe+0SQIud/mTPXIMkP6DiPa6nIObsWi0c8Na3nTVsYcsWpMtsXiX4SXmmtVGo9Xh3ti/+v/Aou6X9FuG+J67D/sD73D1ifAoDx2yWdA5W1/7BqCtWr1l01lJs5W51gyNd36SCnwLQHfmht
NLiaZOv4U7VUB1G31mR0fMVVC29VQ6Yq/QjtSZI3HQwILWlrzSE+4ShbqdJrOT2ifDma4CJWmj274NsaxzCpTc/nlExiWhn1nHMJVQ7OtssRCsrEcxyaknzqMZBLWDdOWJ1j9JWJ+HtaKZXPjLU+03
GJ5JZ4o97YutOwBtPi4Q9A4b0v+nCahKPLbOHLtGSeJOVnxFk1PIQGK/h6a6dabJPF8XXwNww9hJsgcK2+huCjsB1NcDq7/uI= NoPermissionType:ImplicitDeny PolicyType:ResourceG
roupLevelIdentityBasedPolicy]
shell@Alicloud:~$通過Terraform
由於Terraform涉及對多個資源的編排,因此在Terraform執行成功時,系統不會直接輸出請求的RequestId。若在Terraform執行過程中出現報錯,系統將會輸出相關的報錯資訊,您可以在這些報錯資訊中尋找RequestId。
Error: [ERROR] terraform-provider-alicloud/alicloud/resource_alicloud_security_group_rule.go:209:
SDK.ServerError
ErrorCode: Forbidden.RAM
Recommend: https://api.aliyun.com/troubleshoot?q=Forbidden.RAM&product=Ecs&requestId=F7A01BD7-5771-544D-A80F-CD290806BBFA
RequestId: F7A01BD7-5771-544D-A80F-CD290806BBFA
Message: User not authorized to operate on the specified resource, or this API doesn't support RAM.
RespHeaders: map[Access-Control-Allow-Origin:[*] Access-Control-Expose-Headers:[*] Connection:[keep-alive] Content-Type:[application/json;charset=utf-8] Date:[Mon, 22 Sep 2025 06:28:49 GMT] Keep-Alive:[timeout=25] Vary:[Accept-Encoding Accept-Encoding] X-Acs-Request-Id:[F7A01BD7-5771-544D-A80F-CD290806BBFA] X-Acs-Trace-Id:[56259f4ddd3121273aedd3539554b295]]
AccessDeniedDetail: map[AuthAction:ecs:DescribeSecurityGroupAttribute AuthPrincipalDisplayName:2 ]44 AuthPrincipalOwnerId:1 1
6 AuthPrincipalType:SubUser EncodedDiagnosticMessage:AQIBIAAAAMAMz25m9UV+V73fYm+VwVpWAWalMx3dMLYLsDdvHje27uM8nS3Cfm+foIiXEIK+O0WPs41Aaw6QjwBXBjhN7c+N1A
g2FtPaTVWqa8gcqjDQUMO2nzu2orWnfdi12kFfrOZTOQQ1HU97svdvaB+dqur96J8MycNt5UBfp2Afq2H2loKzgNKftodLq6Bcpvxpax76L2MwQD2WpInUU/7i2DfrsI29NehSsDorBmnB+/z9Vjx
l19FZ2yUYQmj/Mbzdsn8aOxkeNwggYEJHnwEgNc9ZcklkEONxzthR/g/plHkRwCjWFjTpUm4i09ss/hMcQW4Z7OiubloCS93JtdP1A1IMTwSD7z5/hjWRHVa1Ud00hI73Sg+iZEb0gaf970xSQ
k+Bdzu7+RXMsP0LYd9VDjmShlTT5Mw65yGPeYKFLA/iweIaeMiBf4LoVorY+3RYZglqW2qEcHVdhb8tLDMMp0/7KRiLAOpKyYb4tCyVUaOC9E14Xda0UxJNBGVKJFCZwaHK9q2p0Yu6MrJkDB2g3kx
mt54nm9e5W1gnm/Ub4tqeOCrte6JOWkFNQyW8tscoxon/aeYBB1pxsf+Mj1Ah2gNQ2/7DjOeZvR8IgNIN9gj5asSy1XxyevVjcS+EJYdX8OWeuIq93kPItw/+u9CGIJVNcl1vMJaBIrJ1fqf+/z0QN
Z5Ivd5gr4VwUGk7bghwkzNCArirvMfsgGrSa7UHRtjooNdwteFAuxH92UPpiaqhx0/uf3n3Hn3AKLQWsnRZtBsapDv4KQP0Qe/r0WXWAgz2/4dBckU5LItHaOEjB8qFmfH8xoHh7infBnfe7injUafTkT
X1wfv1g+0PTTEmpb8xNAd7rY2LTZ/mzAxUOWKmst6KmgXyAMLBrkyw2q+FkmnTBnCf3P9G6l7yfj2jI/OSUULdIC1RkdVocxALi1IHXOEP8IA41L2nV+IWBh38OOzXXP2E7y7+sT9miDxiwrbatbrL
UGkTCMcNAtBD84Xg7QKuzi7Kxev9uuOq36DLOSObzbfMzurts2Kxivq3syaIVVxVaI1gSz2OhEiov3qC5MWOhAWqHdzJVVwJX3zeYwp54XH5IGBnjDi3Fqi1DcD7hw/Ga/5JsSUrLC8hcOu3ahdPvfq
66TTX+k07FgWKTyScGf1ybj2XZnTus9dwcWbKYK3muAxb5vQnYGoP6LLMj5biUZToDKd8yVsZDRguiSurCD/ONULjA511JdM3Z4= NoPermissionType:ImplicitDeny PolicyType:Resource
eGroupLevelIdentityBasedPolicy]其他
例如使用V3簽名調用API時報錯。
使用 V3 簽名調用 ECS ModifySecurityGroupAttribute 介面的 Java 範例程式碼:
private static final String ALGORITHM = "ACS3-HMAC-SHA256";
public static void main(String[] args) {
String httpMethod = "POST";
String canonicalUri = "/";
String host = "ecs.cn-chengdu.aliyuncs.com";
String xAcsAction = "ModifySecurityGroupAttribute";
String xAcsVersion = "2014-05-26";
SignatureRequest signatureRequest = new SignatureRequest(httpMethod, canonicalUri, host, xAcsAction, xAcsVersion);
signatureRequest.queryParam.put("SecurityGroupId", "sg-2vxxx");
signatureRequest.queryParam.put("Description", "test sg");
signatureRequest.queryParam.put("RegionId", "cn-chengdu");
}調用返回 Forbidden.RAM 錯誤,可通過 RequestId E172420D-62F4-5B54-879B-6926F779ED38 排查問題,控制台完整輸出:
authorization========>ACS3-HMAC-SHA256 Credential=LTAxxx ,SignedHeaders=host;x-acs-action;x-acs-content-sha256;x-acs-date;x-acs-signature-nonce;x-acs-version,Signature=fd3ba03422d195df95992f351cbe8bdc73de34cee61c6d94e1cf720406cfdbe4
V3 signature invoke result:
{"RequestId":"E172420D-62F4-5B54-879B-6926F779ED38","HostId":"ecs.cn-chengdu.aliyuncs.com","Code":"Forbidden.RAM","Message":"User not authorized to operate on the specified resource, or this API doesn't support RAM.","Recommend":"https://api.aliyun.com/troubleshoot?q=Forbidden.RAM&product=Ecs&requestId=E172420D-62F4-5B54-879B-6926F779ED38","AccessDeniedDetail":{"PolicyType":"ResourceGroupLevelIdentityBasedPolicy","AuthPrincipalOwnerId":"1xxx","EncodedDiagnosticMessage":"AQBIAAAAAQBSngosi X6fJmgifT84XorhK4BRg2Sou2s7OrXC9gig3UsY8fkC1px/q5sZZaE8SQv+FJtVx+ltT8dX11y2rIqnsfTIQtXqtCN3oFWFzs2TVg64/YnzemB0e/r4zyRuGT98DajQhDtfv2J/ua9WmgLpdv90n5OA4hctr/zabwYW1VokhLwLWfCvmYm6Q/A2/9hXf9EVSxqASL09qyAdafRBw6WTWOYh6o0+sJK6Cd17eXYJUEwKRtdXY8he0nXCO0SKzgghrhm/Qc58JqryqdgZ66RXqRKDK3oippMDc+4bQzkUEsOw1QPjmDGEsTWUC9eHtkRSgcMtVotMUzjViB30I2M5x5bRANHRHKCAzn0gA2vxMo9y+Dvyc8o6GdRo2x51kzZh/0Ij2Vio9KtbSUr2qpFyo4Fi+5Z/pLGPen9ucKAVBTKb5FS1znrbiuFsoK5izdz27SwRTjngwO/WmOdficf0OtRkVfEmrERkZX4k20WYeL0Ze62L+yD35c0y6Uof4pUb4+hMw870k3f3OZq4ffAT3eQW7G6qRxrKNzd9mBWUU/wESttsX2/FI//A1FP/FV40dvmvKJnUH/gNwxPTbiz5tzhMHM0LM0iq3V1xM9U/N/6ifZMfN11e8
+k3JZkg0ij9yraOgy3kR2RBNQbRewV7euGsWk8G3KCCKEhBgo6GkadmFf7tLA5vUkfBUnxaU0ZwWb3oy19KssITAtdwVbJ7VajFn9dN8zirz TfFYXx58jgu93tW0196EeKhG9epxtE6PdkTVtXLJQSQoNMYKbS4oMvtI9D/6IkoNABkfQ6jGT89EnPzsdYWpomamsSVLy3tkIU29AIMuc1bMTKAwtfrcyweIK0mcu6GUVqd+JANGe2OV7v3rMLvaQ2Oi6+5avOF7ddnLg82iNSwtyyriXPO0djRdSAEs6o0PUtSc/8tU0WHEsfLxZM4+6CNABN9O6GpPeo5/7m6ft75FS+XRgAqdPxJvAm9QO8mnIwCRymTqGO5Sdnx1hg6vOuDf1wvxDQ2T2HqU4RPB4mdyWTRLQrJhrBhVxN2UkhS3MFqvIczKx+t4gZQ7o7xYaWe365DaeI6I+5mdmvYRvaD+HXixY+wDbUHLJ9MEHBOprfmBD76K+9WgPELYDtjmt3dGV4jaXuLmTX0e+9/LUBBvIqu84MPUA+FZlR4fXsRXxbtA+c9WDFJ3MkOZcTORU9ZkokpksF6h2e1AjXXLNDA1pNQrkfvHdvVHwgc=","AuthPrincipalType":"SubUser","AuthPrincipalDisplayName":"2xxx4","NoPermissionType":"ImplicitDeny","AuthAction":"ecs:ModifySecurityGroupAttribute"}}通過RequestId查詢請求資訊
OpenAPI問題診斷
頁面輸入RequestId,您可以查詢該請求的調用鏈、基本資料、認證資訊以及請求的相應內容。在請求發生報錯的情況下,您還可以通過診斷方案擷取相應的解決方案。
說明
針對因無RAM許可權導致的請求被拒絕訪問的情況,您還可以從報錯資訊中擷取參數EncodedDiagnosticMessage,並調用DecodeDiagnosticMessage介面解碼無許可權診斷資訊。
以 RAM 許可權不足錯誤為例,診斷方案頁簽顯示 ErrorCode(如 Forbidden.RAM)、ErrorMessage、許可權診斷結果(包括操作身份、授權操作及推薦的系統策略),日誌資訊頁簽展示從調用方 IP 經 UserAgent、Endpoint 到目標雲產品的調用鏈可視化分析及 HTTP StatusCode。
Action Trail
您可以通過調用LookupEvents並傳入RequestId來查詢事件的詳細資料。當調用該API時,您只需在LookupAttribute中傳入以下值:
參數 | 說明 |
Key | 固定為EventId。 |
Value | 填入實際的RequestId。 |
在阿里雲 API Workbench 中調用該介面,服務地址選擇目標地區(如 西南1(成都))。調用成功後(狀態代碼 200),返回的 JSON 響應體 Events 數組包含事件詳情,其中 responseElements 的 AccessDeniedDetail 欄位包含 PolicyType、AuthPrincipalOwnerId 及 EncodedDiagnosticMessage 等診斷資訊,可用於排查許可權拒絕原因。