CreateVpcEndpointService - PrivateLink - Alibaba Cloud Documentation Center

Creates an endpoint service.

Operation description

Before you create an endpoint service, make sure that you have created a Server Load Balancer (SLB) instance that supports PrivateLink. For more information, see CreateLoadBalancer .
CreateVpcEndpointService is an asynchronous operation. After a request is sent, the system returns a request ID and an instance ID and runs the task in the background. You can call the GetVpcEndpointServiceAttribute operation to query the status of the endpoint service.
- If the endpoint service is in the Creating state, the endpoint service is being created.
- If the endpoint service is in the Active state, the endpoint service is created.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Debug

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

Operation: the value that you can use in the Action element to specify the operation on a resource.
Access level: the access level of each operation. The levels are read, write, and list.
Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
Condition Key: the condition key that is defined by the cloud service.
Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.

Operation	Access level	Resource type	Condition key	Associated operation
privatelink:CreateVpcEndpointService	create	VpcEndpointService acs:privatelink:{#regionId}:{#accountId}:vpcendpointservice/* LoadBalancer acs:alb:{#regionId}:{#accountId}:loadbalancer/{#LoadBalancerId} LoadBalancer acs:nlb:{#regionId}:{#accountId}:loadbalancer/{#LoadBalancerId} NatGateway acs:vpc:{#regionId}:{#accountId}:natgateway/{#NatGatewayId} LoadBalancer acs:slb:{#regionId}:{#accountId}:loadbalancer/{#LoadBalancerId}	none	none

Request parameters

Parameter	Type	Required	Description	Example
RegionId	string	Yes	The region ID of the endpoint service. You can call the DescribeRegions operation to query the most recent region list.	cn-huhehaote
ClientToken	string	No	The client token that is used to ensure the idempotence of the request. You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters.	0c593ea1-3bea-11e9-b96b-88e9fe637760
DryRun	boolean	No	Specifies whether to perform only a dry run, without performing the actual request. true: performs only a dry run. The system checks the request for potential issues, including missing parameter values, incorrect request syntax, and service limits. If the request fails the dry run, an error message is returned. If the request passes the dry run, the `DryRunOperation` error code is returned. false (default): performs a dry run and performs the actual request. If the request passes the dry run, a 2xx HTTP status code is returned and the operation is performed.	false
ServiceDescription	string	No	The description of the endpoint service.	This is my EndpointService.
AutoAcceptEnabled	boolean	No	Specifies whether to automatically accept endpoint connection requests. Valid values: true false (default)	false
Payer	string	No	The payer. Valid values: Endpoint: service consumer EndpointService: service provider	Endpoint
ZoneAffinityEnabled	boolean	No	Specifies whether to first resolve the domain name of the nearest endpoint that is associated with the endpoint service. Valid values: true false (default)	false
ServiceResourceType	string	No	The type of the service resource. Valid values: slb: Classic Load Balancer (CLB) instance alb: Application Load Balancer (ALB) instance nlb: Network Load Balancer (NLB) instance Note You cannot access TCP/SSL listeners configured for NLB instances.	slb
Resource	array<object>	No	The service resources of the endpoint service.
	object	No	The information about the array object.
ResourceType	string	No	The type of the service resource that is added to the endpoint service. You can add up to 20 service resources to the endpoint service. Valid values: slb: CLB instance alb: ALB instance nlb: NLB instance Note In regions where PrivateLink is supported, CLB instances deployed in virtual private clouds (VPCs) can serve as the service resources of the endpoint service. You cannot access TCP/SSL listeners configured for NLB instances.	slb
ResourceId	string	No	The ID of the service resource that is added to the endpoint service. You can specify up to 20 service resource IDs.	lb-hp32z1wp5peaoox2q****
ZoneId	string	No	The ID of the zone.	cn-huhehaote-a
ServiceSupportIPv6`deprecated`	boolean	No	Specifies whether to enable IPv6 for the endpoint service. Valid values: true false (default)	false
ResourceGroupId	string	No	The resource group ID.	rg-acfmy*****
Tag	array<object>	No	The tags to add to the resource.
	object	No	The list of tags.
Key	string	No	The key of the tag to add to the resource. You can specify up to 20 tag keys. The tag key cannot be an empty string. The tag key can be up to 64 characters in length and cannot contain `http://` or `https://`. The tag key cannot start with `aliyun` or `acs:`.	env
Value	string	No	The value of the tag to add to the resource. You can specify up to 20 tag values. The tag value can be an empty string. The tag value can be up to 128 characters in length and cannot contain `http://` or `https://`. The tag value cannot start with `aliyun` or `acs:`.	prod

Response parameters

Parameter	Type	Description	Example
	object
ServiceBusinessStatus	string	The service state of the endpoint service. Valid values: Normal: The endpoint service runs as expected. FinancialLocked: The endpoint service is locked due to overdue payments.	Normal
RequestId	string	The request ID.	8D8992C1-6712-423C-BAC5-E5E817484C6B
ServiceName	string	The name of the endpoint service.	com.aliyuncs.privatelink.cn-huhehaote.epsrv-hp3vpx8yqxblby3i****
ServiceStatus	string	The state of the endpoint service. Valid values: Creating: The endpoint service is being created. Pending: The endpoint service is being modified. Active: The endpoint service is available. Deleting: The endpoint service is being deleted.	Active
ServiceDescription	string	The description of the endpoint service.	This is my EndpointService.
CreateTime	string	The time when the endpoint service was created.	2022-01-02T19:11:12Z
ServiceDomain	string	The domain name of the endpoint service.	epsrv-hp3vpx8yqxblby3i****.cn-huhehaote.privatelink.aliyuncs.com
ZoneAffinityEnabled	boolean	Indicates whether the domain name of the nearest endpoint that is associated with the endpoint service is resolved first. Valid values: true false	false
AutoAcceptEnabled	boolean	Indicates whether the endpoint service automatically accepts endpoint connection requests. Valid values: true false	false
ServiceId	string	The endpoint service ID.	epsrv-hp3vpx8yqxblby3i****
ServiceSupportIPv6	boolean	Indicates whether IPv6 was enabled for the endpoint service. Valid values: true false	false
ResourceGroupId	string	The resource group ID.	rg-acfmy*****

Examples

Sample success responses

JSONformat

{
  "ServiceBusinessStatus": "Normal",
  "RequestId": "8D8992C1-6712-423C-BAC5-E5E817484C6B",
  "ServiceName": "com.aliyuncs.privatelink.cn-huhehaote.epsrv-hp3vpx8yqxblby3i****",
  "ServiceStatus": "Active",
  "ServiceDescription": "This is my EndpointService.",
  "CreateTime": "2022-01-02T19:11:12Z",
  "ServiceDomain": "epsrv-hp3vpx8yqxblby3i****.cn-huhehaote.privatelink.aliyuncs.com",
  "ZoneAffinityEnabled": false,
  "AutoAcceptEnabled": false,
  "ServiceId": "epsrv-hp3vpx8yqxblby3i****",
  "ServiceSupportIPv6": false,
  "ResourceGroupId": "rg-acfmy*****",
  "AddressIpVersion": ""
}

Error codes

HTTP status code	Error code	Error message	Description
400	EndpointServiceExist	The specified Endpoint Service already exists.	The specified Endpoint Service already exists.
400	AlbNotFound	The specified Alb does not exist.	The specified Alb does not exist.
400	LoadBalancerNotFound	The specified load balancer does not exist.	The specified Alb does not exist.
400	LoadBalancerNotSupportPrivateLink	The specified SLB does not support PrivateLink.	The specified SLB does not support PrivateLink.
400	GenerateResourceIdFailed	Failed to generate ResourceId.	Failed to generate ResourceId.
400	QuotaMisMatched	The resource you applied for has exceeded the quota.	The resource you applied for has exceeded the quota.
400	VSwitchNotFound	The specified VSwitch does not exist.	The vSwitch is not found.
400	EndpointServicePayerForbidden	The parameter EndpointServicePayer is forbidden. The user is not in the whitelist.	-
400	NeedOpenProduct	The product is not activated.	The product is not activated.
400	EndpointServiceNotSupportedZone	The specified endpoint service does not support the zone.	The specified endpoint service does not support the zone.
400	IllegalParamFormat.%s	The param format of %s is illegal.	The parameter format of %s is illegal.
400	MissingParam.%s	The param of %s is missing.	The parameter %s is missing.
400	ResourceNotFound.NatGateway	The specified resource %s is not found.	-
400	Mismatch.ResourceType	The %s is mismatched for %s and %s.	-
400	EndpointServiceNotSupportIpv6	The param supportIpv6 of EndpointService is forbidden , resource is not support ipv6.	The endpoint service does not support IPv6.
400	OperationDenied.PrivateDomainNotSupport	The operation is not allowed because of PrivateDomainNotSupport.	-
400	Conflict.ServiceName	The ServiceName %s is conflict.	-
400	InvalidParam.PrivateDnsName	The parameter of PrivateDnsName is illegal, which needs to end with aliyun.com, aliyun-inc.com, or aliyuncs.com.	-
400	OperationDenied.ZoneAffinityNotSupport	The operation is not allowed because of zone affinity not support.	The operation is not allowed because zone affinity is not supported.
400	OperationDenied.RamPolicyNotSupport	The operation is not allowed because of RamPolicyNotSupport.	The operation is not allowed because ram policy are not supported.
400	OperationDenied.ResourceTypeNotSupportDualStack	The specified resource type does not support dualstack.	The specified resource type does not support dualstack.
400	OperationDenied.ServiceResourceIpVersionMismatch	The endpoint service and service resource AddressIpVersion do not match.	The endpoint service and service resource AddressIpVersion do not match.
400	IllegalParam.AddressIpVersion	The specified parameter AddressIpVersion is invalid.	The specified parameter AddressIpVersion does not meet the requirements.

For a list of error codes, visit the Service error codes.

Change history

Change time	Summary of changes	Operation
2024-09-18	The Error code has changed	View Change Details
2024-09-12	The Error code has changed. The request parameters of the API has changed. The response structure of the API has changed	View Change Details
2024-03-11	The Error code has changed	View Change Details
2023-09-19	The Error code has changed	View Change Details
2022-11-30	API Description Update. The Error code has changed. The request parameters of the API has changed	View Change Details