DescribeTrFirewallsV2List - Cloud Firewall - Alibaba Cloud Documentation Center

Queries the list of VPC firewalls for a transit router.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

No authorization for this operation. If you encounter issues with this operation, contact technical support.

Request parameters

Parameter	Type	Required	Description	Example
Lang	string	No	The language of the response message. Valid values: zh (default): Chinese en: English	zh
RegionNo	string	No	The region ID of the transit router instance.	cn-hangzhou
FirewallSwitchStatus	string	No	The status of the VPC firewall. Valid values: opened: Enabled closed: Disabled notconfigured: The VPC firewall is not configured. configured: The VPC firewall is configured. creating: The VPC firewall is being created. opening: The VPC firewall is being enabled. deleting: The VPC firewall is being deleted. Note If you do not specify this parameter, VPC firewalls in all states are queried.	opened
CurrentPage	integer	No	The page number for a paged query. Default value: 1.	1
PageSize	integer	No	The maximum number of entries to return on each page in a paged query. Default value: 10.	10
FirewallId	string	No	The instance ID of the VPC firewall.	vfw-tr-f1799baa9e254651****
FirewallName	string	No	The instance name of the VPC firewall.	VPC边界防火墙云企业网企业版
RouteMode	string	No	The routing mode. Valid values: managed: automatic mode. manual: manual mode. Note If you do not specify this parameter, VPC firewalls in all routing modes are queried.	managed
CenId	string	No	The ID of the Cloud Enterprise Network (CEN) instance.	cen-rig0t5zi96crkl****
TransitRouterId	string	No	The instance ID of the transit router.	tr-uf6egtvyaedvt20xl****

Response elements

Element	Type	Description	Example
	object
TotalCount	string	The total number of entries returned.	6
RequestId	string	The request ID.	1471E2EC-F706-5F11-A79B-BD583ACB8297
VpcTrFirewalls	array<object>	The list of VPC firewalls.
	array<object>	The VPC firewall.
CenId	string	The ID of the CEN instance.	cen-03f8s0z052ka3v****
CenName	string	The name of the CEN instance.	cen_swas
CloudFirewallVpcOrderType	string	The payer for the transit router (TR) instance that is created for the VPC firewall. Valid values: PayByCloudFirewall: Cloud Firewall PayByCenOwner: The account that owns the CEN instance	PayByCenOwner
FirewallId	string	The instance ID of the VPC firewall.	vfw-tr-99bc4f0fc88b4d00****
FirewallSwitchStatus	string	The status of the VPC firewall. Valid values: opened: Enabled closed: Disabled notconfigured: The VPC firewall is not configured. configured: The VPC firewall is configured. creating: The VPC firewall is being created. opening: The VPC firewall is being enabled. deleting: The VPC firewall is being deleted. Note If you do not specify this parameter, VPC firewalls in all states are queried.	opened
IpsConfig	object	The configurations of the intrusion prevention system (IPS).
BasicRules	integer	Indicates whether to enable the basic protection feature. Valid values: 1: enabled 0: disabled	1
EnableAllPatch	integer	Indicates whether to enable virtual patching. Valid values: 1: enabled 0: disabled	1
RuleClass	integer	The IPS rule group. Valid values: 1: loose 2: medium 3: strict	3
RunMode	integer	The IPS mode. Valid values: 1: block mode 0: monitor mode	1
OwnerId	integer	The ID of the Alibaba Cloud account that owns the VPC.	171761785151****
PrecheckStatus	string	Indicates whether the VPC firewall can be automatically created. Valid values: passed: The VPC firewall can be automatically created. failed: The VPC firewall cannot be automatically created. unknown: The status is unknown.	passed
ProtectedResource	object	The list of protected resources.
Count	integer	The number of protected resources.	1
EcrList	array	The list of protected Express Connect Router (ECR) instances.
	string	The list of protected ECR instances.	[ "ecr-d6yi3kl5qxmvkz****" ]
PeerTrList	array	The list of protected peer transit routers.
	string	The list of protected peer transit routers.	[ "tr-2zegxdvs5f2je81ph****" ]
VbrList	array	The list of protected virtual border routers (VBRs).
	string	The list of protected VBRs.	[ "vbr-2zegxdvs5f2je81ph****" ]
VpcList	array	The list of protected VPCs.
	string	The list of protected VPCs.	["vpc-2zegxdvs5f2je81ph****"]
VpnList	array	The list of protected VPN gateways.
	string	The list of protected VPN gateways.	[ "vpn-2zegxdvs5f2je81ph****" ]
RegionNo	string	The region ID of the transit router instance.	cn-hangzhou
RegionStatus	string	The status of the region. Valid values: enable: The VPC firewall is available in the region. disable: The VPC firewall is not available in the region.	enable
ResultCode	string	The result code of the operation to create the VPC firewall. Valid values: RegionDisable: The VPC firewall is not supported in the region where the network instance resides. The VPC firewall cannot be created. An empty string: The VPC firewall can be created for the network instance.	RegionDisable
RouteMode	string	The routing mode. Valid values: managed: automatic mode manual: manual mode	managed
TransitRouterId	string	The instance ID of the transit router.	tr-2vcmhjs88nil55fvu****
UnprotectedResource	object	The list of unprotected resources.
Count	integer	The number of unprotected resources.	1
EcrList	array	The list of unprotected Express Connect Router (ECR) instances.
	string	The list of unprotected ECR instances.	[ "ecr-d6yi3kl5qxmvkz****" ]
PeerTrList	array	The list of unprotected peer transit routers.
	string	The list of unprotected peer transit routers.	[ "tr-2zegxdvs5f2je81ph****" ]
VbrList	array	The list of unprotected virtual border routers (VBRs).
	string	The list of unprotected VBRs.	[ "vbr-2zegxdvs5f2je81ph****" ]
VpcList	array	The list of unprotected VPCs.
	string	The list of unprotected VPCs.	[ "vpc-2zegxdvs5f2je81ph****" ]
VpnList	array	The list of unprotected VPN gateways.
	string	The list of unprotected VPN gateways.	[ "vpn-2zegxdvs5f2je81ph****" ]
VpcFirewallName	string	The instance name of the VPC firewall.	VPC边界防火墙
AclConfig	object	The mode of the access control list (ACL) engine.
StrictMode	integer	Indicates whether the strict mode is enabled. 1: enabled 0: disabled	1

Examples

Success response

JSON format

{
  "TotalCount": "6",
  "RequestId": "1471E2EC-F706-5F11-A79B-BD583ACB8297",
  "VpcTrFirewalls": [
    {
      "CenId": "cen-03f8s0z052ka3v****",
      "CenName": "cen_swas",
      "CloudFirewallVpcOrderType": "PayByCenOwner",
      "FirewallId": "vfw-tr-99bc4f0fc88b4d00****",
      "FirewallSwitchStatus": "opened",
      "IpsConfig": {
        "BasicRules": 1,
        "EnableAllPatch": 1,
        "RuleClass": 3,
        "RunMode": 1
      },
      "OwnerId": 0,
      "PrecheckStatus": "passed",
      "ProtectedResource": {
        "Count": 1,
        "EcrList": [
          "[\n    \"ecr-d6yi3kl5qxmvkz****\"\n]"
        ],
        "PeerTrList": [
          "[\n      \"tr-2zegxdvs5f2je81ph****\"\n]"
        ],
        "VbrList": [
          "[\n      \"vbr-2zegxdvs5f2je81ph****\"\n]"
        ],
        "VpcList": [
          "[\"vpc-2zegxdvs5f2je81ph****\"]"
        ],
        "VpnList": [
          "[\n      \"vpn-2zegxdvs5f2je81ph****\"\n]"
        ]
      },
      "RegionNo": "cn-hangzhou",
      "RegionStatus": "enable",
      "ResultCode": " RegionDisable",
      "RouteMode": "managed",
      "TransitRouterId": "tr-2vcmhjs88nil55fvu****",
      "UnprotectedResource": {
        "Count": 1,
        "EcrList": [
          "[\n    \"ecr-d6yi3kl5qxmvkz****\"\n]"
        ],
        "PeerTrList": [
          "[\n      \"tr-2zegxdvs5f2je81ph****\"\n]"
        ],
        "VbrList": [
          "[\n      \"vbr-2zegxdvs5f2je81ph****\"\n]"
        ],
        "VpcList": [
          "[\n      \"vpc-2zegxdvs5f2je81ph****\"\n]"
        ],
        "VpnList": [
          "[\n      \"vpn-2zegxdvs5f2je81ph****\"\n]"
        ]
      },
      "VpcFirewallName": "VPC边界防火墙",
      "AclConfig": {
        "StrictMode": 1
      }
    }
  ]
}

Error codes

HTTP status code	Error code	Error message	Description
400	ErrorUserNotFound	User not found	The user does not exist.
400	ErrorUserCredentials	User credentials failed.	Unauthorized, not accessible, please first authorize firewall permissions.
400	ErrorDBTxError	A database transaction error occurred.	The error message returned because an internal error has occurred in the database transaction.
400	ErrorDBSelectError	A database select error occurred.	The error message returned because an internal error has occurred in querying the database.
400	ErrorUnMarshalJSON	internal error.	Internal Error

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.