ModifyTrFirewallV2RoutePolicyScope - Cloud Firewall - Alibaba Cloud Documentation Center

Modifies the effective scope of the routing policy created for the VPC firewall for a transit router.

Debugging

You can run this interface directly in OpenAPI Explorer, saving you the trouble of calculating signatures. After running successfully, OpenAPI Explorer can automatically generate SDK code samples.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
yundun-cloudfirewall:ModifyTrFirewallV2RoutePolicyScope	update	All Resources *	none	none

Request parameters

Parameter	Type	Required	Description	Example
Lang	string	No	The language of the content within the response. Valid values: zh (default): Chinese en: English	zh
TrFirewallRoutePolicyId	string	Yes	The ID of the routing policy.	policy-4d724d0139df48f18091
FirewallId	string	Yes	The instance ID of the virtual private cloud (VPC) firewall.	vfw-tr-6520de0253bc4669bbd9
SrcCandidateList	array<object>	No	The primary traffic redirection instances.
	object	No
CandidateId	string	No	The ID of the traffic redirection instance.	vpc-2ze9epancaw8t4shajuzi
CandidateType	string	No	The type of the traffic redirection instance.	VPC
DestCandidateList	array<object>	No	The secondary traffic redirection instances.
	object	No
CandidateId	string	No	The ID of the traffic redirection instance.	vpc-2ze9epancaw8t4shajuzi
CandidateType	string	No	The type of the traffic redirection instance.	VPC
ShouldRecover	string	No	Specifies whether to restore the traffic redirection configurations. Valid values: true: roll back false: withdraw	false

Response parameters

Parameter	Type	Description	Example
	object
TrFirewallRoutePolicyId	string	The ID of the routing policy.	policy-4d724d0139df48f18091
RequestId	string	The ID of the request.	E7D4D635-0C70-5CEB-A609-851E94D51FBB

Examples

Sample success responses

JSONformat

{
  "TrFirewallRoutePolicyId": "policy-4d724d0139df48f18091",
  "RequestId": "E7D4D635-0C70-5CEB-A609-851E94D51FBB"
}

Error codes

HTTP status code	Error code	Error message	Description
200	ErrorDBUpdateError	A database update error occurred.	A database update error occurred.
400	ErrorAliUid	Aliuid invalid.	The aliuid is invalid.
400	ErrorParameters	Error Parameters	The parameter is invalid.
400	ErrorAuthentication	authentication error	The authentication failed.
400	ErrorDBNoRow	No rows in database.	No data found.
400	ErrorDBSelectError	A database select error occurred.	The error message returned because an internal error has occurred in querying the database.
400	ErrorPolicySrcAndDestConflict	Policy has same destination candidate as source candidtes.	The main drainage instance conflicts with the sub-drainage instance in the drainage template.
400	ErrorDBTxError	A database transaction error occurred.	The error message returned because an internal error has occurred in the database transaction.
400	ErrorTrFirewallEndToEndTrToAll	Parameter error, point-to-multipoint scenario, TR instance does not support configuration ALL.	Parameter error. In point-to-multipoint scenarios, the TR instance does not support ALL configuration.
400	ErrorCannotEditRoutePolicyWhenClose	Can not edit route policy when policy closed.	Cannot update a drainage template when a firewall drainage template is created, deleted, or closed.
400	ErrorFirewallUpdating	Can not modify firewall, firewall is updating. Please check if there is a routing policy updating.	The firewall cannot be operated. The firewall is in an updated state. Please check whether any drainage templates are being created, deleted, updated, opened or closed.
400	ErrorIllegalRoutePolicyScopeUpdate	Can not update policy scope.	The peer-to-peer scenario cannot be configured to update the drainage template range.
400	ErrorCannotEditToAllPolicy	Can not modify policy scope for policy contains All type candidate.	You cannot edit a drainage template that contains an ALL type.
400	ErrorCandidateNoRouteTable	Please attach candidate with transit router before create routing template.	Before creating a drainage template, bind the drainage instance to a routing table of a forwarding router.
400	ErrorTrFirewallRouteMapConflict	Cen TR firewall route table has route map conflict.	The CEN routing table and the cloud firewall have routing policy conflicts.
400	ErrorUserCredentials	User credentials failed.	Unauthorized, not accessible, please first authorize firewall permissions.
400	ErrorTrFirewallDoNotSupportPrefixList	Cen TR firewall do not support prefix list.	Cloud Firewall of CEN Enterprise Edition does not support prefix lists.
400	ErrorCandidateHasStaticRoute	Tr firewall don't support candidate which associated with transit router route table contains custom route. Please retry after deleted the route.	There are custom routes in the routing table of the forwarding router bound to the drainage instance. Cloud Firewall does not support this type of drainage instance. Delete the corresponding route and try again.
400	ErrorTrRouteTableContainsRejectRoutes	There are routes conflict in transit router route table.Please resolve route conflict before create route policy.	There is a routing conflict in the routing table of the forwarding router. Resolve the routing conflict before creating a firewall drainage scenario.
400	ErrorTrFwVswCidrConflict	Illegal tr firewall cidr configuration.	Tr firewall configuration network segment is invalid.
400	ErrorFirewallCandidateReference	Firewall Candidate referrence count greater than one.	Drainage instances exist in multiple drainage scenarios.
400	ErrorDBInsertError	A database insert error occurred.	An error occurred while performing an insert operation in the database.
400	ErrorRecordLog	record operation log error.	Update operation log error.

For a list of error codes, visit the Service error codes.

Change history

Change time	Summary of changes	Operation
2024-03-13	The internal configuration of the API is changed, but the call is not affected	View Change Details
2024-03-01	The request parameters of the API has changed	View Change Details