All Products
Search

This Product

    Cloud Firewall:CreateTrFirewallV2RoutePolicy

    Document Center

    Cloud Firewall:CreateTrFirewallV2RoutePolicy

    Last Updated:Dec 16, 2025

    Creates a routing rule for a VPC firewall for a transit router.

    Try it now

    Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

    Test

    RAM authorization

    No authorization for this operation. If you encounter issues with this operation, contact technical support.

    Request parameters

    Parameter

    Type

    Required

    Description

    Example
    Lang

    string

    No

    The language of the response. Valid values:

    • zh (default): Chinese

    • en: English

    zh
    PolicyType

    string

    No

    The traffic redirection scenario of the Enterprise Edition transit router. Valid values:

    • fullmesh: full-mesh

    • one_to_one: point-to-point

    • end_to_end: point-to-multipoint

    fullmesh
    PolicyName

    string

    No

    The name of the routing policy.

    新加坡点到多点
    PolicyDescription

    string

    No

    The description of the routing policy.

    新加坡点到多点
    FirewallId

    string

    No

    The ID of the VPC firewall instance.

    vfw-tr-f8ce36689b224f77****
    SrcCandidateList

    array<object>

    No

    The list of source network instances.

    object

    No

    The network instance.

    CandidateId

    string

    No

    The ID of the network instance.

    vpc-2ze9epancaw8t4sha****
    CandidateType

    string

    No

    The type of the network instance.

    VPC
    DestCandidateList

    array<object>

    No

    The list of destination network instances.

    object

    No

    The destination network instance.

    CandidateId

    string

    No

    The ID of the network instance.

    vpc-2ze9epancaw8t4sha****
    CandidateType

    string

    No

    The type of the network instance.

    VPC

    Response elements

    Element

    Type

    Description

    Example

    object

    TrFirewallRoutePolicyId

    string

    The ID of the routing policy for the VPC firewall.

    policy-8ebed27e13e14ce2****
    RequestId

    string

    The ID of the request.

    C91D68BA-A0BE-51BF-A0F1-1CB5C57FE58D

    Examples

    Success response

    JSON format

    {
  "TrFirewallRoutePolicyId": "policy-8ebed27e13e14ce2****",
  "RequestId": "C91D68BA-A0BE-51BF-A0F1-1CB5C57FE58D"
}

    Error codes

    HTTP status code

    Error code

    Error message

    Description
    200 ErrorDBUpdateError A database update error occurred. A database update error occurred.
    400 ErrorAliUid Aliuid invalid. The aliuid is invalid.
    400 ErrorParameters Error Parameters The parameter is invalid.
    400 ErrorAuthentication authentication error The authentication failed.
    400 ErrorDBNoRow No rows in database. No data found.
    400 ErrorDBSelectError A database select error occurred. The error message returned because an internal error has occurred in querying the database.
    400 ErrorPolicySrcAndDestConflict Policy has same destination candidate as source candidtes. The main drainage instance conflicts with the sub-drainage instance in the drainage template.
    400 ErrorUserCredentials User credentials failed. Unauthorized, not accessible, please first authorize firewall permissions.
    400 ErrorTrFirewallEndToEndTrToAll Parameter error, point-to-multipoint scenario, TR instance does not support configuration ALL. Parameter error. In point-to-multipoint scenarios, the TR instance does not support ALL configuration.
    400 ErrorDBInsertError A database insert error occurred. An error occurred while performing an insert operation in the database.
    400 ErrorCandidateNoRouteTable Please attach candidate with transit router before create routing template. Before creating a drainage template, bind the drainage instance to a routing table of a forwarding router.
    400 ErrorTrFirewallRouteMapConflict Cen TR firewall route table has route map conflict. The CEN routing table and the cloud firewall have routing policy conflicts.
    400 ErrorTrFirewallCenManegedRouteMapConflict Cen TR firewall route table has cen managed route map conflict. if a routing policy of the old version of cen enterprise edition with a priority of 5000 exists, contact after-sales service to update the routing policy.
    400 ErrorCandidateHasStaticRoute Tr firewall don't support candidate which associated with transit router route table contains custom route. Please retry after deleted the route. There are custom routes in the routing table of the forwarding router bound to the drainage instance. Cloud Firewall does not support this type of drainage instance. Delete the corresponding route and try again.
    400 ErrorFirewallUpdating Can not modify firewall, firewall is updating. Please check if there is a routing policy updating. The firewall cannot be operated. The firewall is in an updated state. Please check whether any drainage templates are being created, deleted, updated, opened or closed.
    400 ErrorDuplicateTrFwPolicyName Duplicate firewall policy Name. Duplicate drainage scene name.
    400 ErrorCandidateAlreadyInToALlPolicy Candidate already in to aLl policy. a drainage instance already exists in a drainage template with type all.
    400 ErrorFirewallCandidateReference Firewall Candidate referrence count greater than one. Drainage instances exist in multiple drainage scenarios.
    400 ErrorDBTxError A database transaction error occurred. The error message returned because an internal error has occurred in the database transaction.
    400 ErrorRecordLog record operation log error. Update operation log error.
    400 ErrorTrFirewallOnlyContainsEcrAndTrCandidate TR firewall cannot only contain both ECR and TR. TR firewall cannot only contain both ECR and TR.
    400 ErrorTrFirewallDoNotSupportPrefixList Cen TR firewall do not support prefix list. Cloud Firewall of CEN Enterprise Edition does not support prefix lists.
    400 ErrorTrFirewallEcmpRoute Cen TR ecmp next hop must add to route policy at the same time. The next hop of the CEN medium-price route must be added to the cloud firewall drainage scenario at the same time.
    400 ErrorTrFirewallNotExist Cen TR firewall not exist
    400 ErrorCrossRegionCloudServiceStaticRoute The CEN-TR routing table contains cross-region cloud service static routes. Please delete them and try again. The CEN-TR routing table contains cross-region cloud service static routes. Please delete them and try again.
    400 ErrorTrRouteTableContainsRejectRoutes There are routes conflict in transit router route table. Please resolve route conflict before create route policy. There is a routing conflict in the routing table of the forwarding router. Resolve the routing conflict before creating a firewall drainage scenario.
    400 ErrorCandidateHasIPv6Route Cloud Enterprise Network TR enterprise firewall don't support ipv6 route. Cloud Enterprise Network TR Enterprise Firewall does not support Ipv6 routing

    See Error Codes for a complete list.

    Release notes

    See Release Notes for a complete list.