All Products
Search
Document Center

Virtual Private Cloud:CreateTrafficMirrorSession

Last Updated:Aug 29, 2024

Creates a traffic mirror session.

Operation description

CreateTrafficMirrorSession is an asynchronous operation. After a request is sent, the system returns a request ID and runs the task in the background. You can call ListTrafficMirrorSessions to query the status of the task.

  • If the traffic mirror session is in the Creating state, it is being created.
  • If the traffic mirror session is in the Created state, it is created.

Debugging

OpenAPI Explorer automatically calculates the signature value. For your convenience, we recommend that you call this operation in OpenAPI Explorer.

Authorization information

The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:

  • Operation: the value that you can use in the Action element to specify the operation on a resource.
  • Access level: the access level of each operation. The levels are read, write, and list.
  • Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
    • The required resource types are displayed in bold characters.
    • If the permissions cannot be granted at the resource level, All Resources is used in the Resource type column of the operation.
  • Condition Key: the condition key that is defined by the cloud service.
  • Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
OperationAccess levelResource typeCondition keyAssociated operation
vpc:CreateTrafficMirrorSessioncreate
  • TrafficMirrorSession
    acs:vpc:{#regionId}:{#accountId}:trafficmirrorsession/*
  • TrafficMirrorFilter
    acs:vpc:{#regionId}:{#accountId}:trafficmirrorfilter/{#TrafficMirrorFilterId}
    none
none

Request parameters

ParameterTypeRequiredDescriptionExample
TrafficMirrorSessionDescriptionstringNo

The description of the traffic mirror session.

The description must be 1 to 256 characters in length and cannot start with http:// or https://.

This is a trafficmirrorsession.
TrafficMirrorSessionNamestringNo

The name of the traffic mirror session.

The name must be 1 to 128 characters in length, and cannot start with http:// or https://.

test
ClientTokenstringNo

The client token that is used to ensure the idempotence of the request.

You can use the client to generate the value, but you must ensure that the value is unique among all requests. The client token can contain only ASCII characters.

Note If you do not set this parameter, the system uses RequestId as ClientToken. RequestId might be different for each API request.
0c593ea1-3bea-11e9-b96b-88e9fe63****
DryRunbooleanNo

Specifies whether to perform a dry run. Valid values:

  • true: performs a dry run. The system checks the required parameters, request format, and limits. If the request fails the dry run, an error message is returned. If the request passes the dry run, the DryRunOperation error code is returned.
  • false (default): performs a dry run and sends the request. If the request passes the dry run, the operation is performed.
false
TrafficMirrorTargetIdstringYes

The ID of the traffic mirror destination. You can specify only an elastic network interface (ENI) or a Server Load Balancer (SLB) instance as a traffic mirror destination.

eni-j6c8znm5l1yt4sox****
TrafficMirrorTargetTypestringYes

The type of the traffic mirror destination. Valid values:

  • NetworkInterface: an ENI
  • SLB: an SLB instance
NetworkInterface
TrafficMirrorFilterIdstringYes

The ID of the filter.

tmf-j6cmls82xnc86vtpe****
VirtualNetworkIdintegerNo

The VXLAN network identifier (VNI). Valid values: 0 to 16777215.

You can use VNIs to identify mirrored traffic from different sessions at the traffic mirror destination. You can specify a custom VNI or use a random VNI allocated by the system. If you want the system to randomly allocate a VNI, do not enter a value.

1
PriorityintegerYes

The priority of the traffic mirror session. Valid values: 1 to 32766.

A smaller value indicates a higher priority. You cannot specify identical priorities for traffic mirror sessions that are created in the same region by using the same account.

1
EnabledbooleanNo

Specifies whether to enable the traffic mirror session. Valid values:

  • false (default): does not enable the traffic mirror session.
  • true: enables the traffic mirror session.
false
PacketLengthintegerNo

The maximum transmission unit.

Valid values: 64 to 9600. Default value: 1500.

1500
TrafficMirrorSourceIdsarrayYes

The ID of the traffic mirror source. You can specify only an elastic network interface (ENI) as the traffic mirror source. The default value of N is 1, which indicates that you can add only one traffic mirror source to a traffic mirror session.

stringYes

The ID of the traffic mirror source. You can specify only an ENI as the traffic mirror source. The default value of N is 1, which means that you can add only one traffic mirror source to a traffic mirror session.

eni-j6c2fp57q8rr47rp****
RegionIdstringYes

The ID of the region to which the traffic mirror session belongs. You can call the DescribeRegions operation to query the most recent region list. For more information about regions that support traffic mirroring, see Overview of traffic mirroring.

cn-hongkong
ResourceGroupIdstringNo

The ID of the resource group to which the mirrored traffic belongs.

rg-bp67acfmxazb4ph****
Tagarray<object>No

The tag of the resource.

objectNo

The tag of the resource.

KeystringNo

The tag key. You can specify at most 20 tag keys. The tag key cannot be an empty string.

The tag key can be up to 128 characters in length. It cannot start with aliyun or acs:, and cannot contain http:// or https://.

FinanceDept
ValuestringNo

The tag value. You can specify at most 20 tag values. The tag value can be an empty string.

The tag value can be up to 128 characters in length. It cannot start with aliyun or acs:, and cannot contain http:// or https://.

FinanceJoshua

Response parameters

ParameterTypeDescriptionExample
object
TrafficMirrorSessionIdstring

The ID of the traffic mirror session.

tms-j6ce5di4w7nvigfjz****
RequestIdstring

The ID of the request.

0ED8D006-F706-4D23-88ED-E11ED28DCAC0
ResourceGroupIdstring

The ID of the resource group to which the mirrored traffic belongs.

rg-bp67acfmxazb4ph****

Examples

Sample success responses

JSONformat

{
  "TrafficMirrorSessionId": "tms-j6ce5di4w7nvigfjz****",
  "RequestId": "0ED8D006-F706-4D23-88ED-E11ED28DCAC0",
  "ResourceGroupId": "rg-bp67acfmxazb4ph****"
}

Error codes

HTTP status codeError codeError messageDescription
400IncorrectBusinessStatus.TrafficMirrorThe business status of traffic mirror is incorrect.Traffic mirroring is in an invalid state.
400OptInRequired.TrafficMirrorYou need to subscribe to the traffic mirror service first.Traffic mirroring is disabled.
400DuplicatedParam.SourceInstanceIdsThe parameter of source instance IDs contains duplicate values.Duplicate values are set for TrafficMirrorSourceIds.N.
400OperationDenied.DuplicateRoleThe network interface must not be the source and the target of traffic mirror sessions at the same time.-
400ResourceNotFound.NetworkInterfaceThe specified resource of %s is not found.The error message returned because NetworkInterface is set to an invalid value.
400ResourceNotFound.EcsInstanceThe specified resource of ECS instance is not found.-
400ResourceNotFound.SlbThe specified resource of SLB is not found.-
400OperationDenied.SlbNotInVpcThe specified SLB is not in any VPC.-
400ResourceNotFound.TrafficMirrorFilterThe specified resource of traffic mirror filter is not found.The specified filter does not exist.
400IncorrectStatus.TrafficMirrorFilterThe status of traffic mirror filter is incorrect.The filter is in an invalid state.
400OperationDenied.EcsNotSupportTrafficMirrorThe ECS instance does not support traffic mirroring.-
400QuotaExceeded.SessionNumThe quota of the number of traffic mirror sessions is exceeded.The number of traffic mirror sessions has reached the upper limit.
400QuotaExceeded.FilterRelatedSessionThe quota of the number of traffic mirror sessions related to one filter is exceeded.The number of traffic mirror sessions associated with the filter has reached the upper limit.
400QuotaExceeded.SourceNumPerSessionThe quota of the number of traffic mirror sources per session is exceeded.The number of traffic mirror sources associated with a traffic mirror session has reached the upper limit.
400QuotaExceeded.NetworkInterfaceRelatedSessionThe quota of the number of traffic mirror sessions related to one network interface is exceeded.The number of traffic mirror sessions associated with an ENI has reached the upper limit.
400QuotaExceeded.SlbRelatedSessionThe quota of the number of traffic mirror sessions related to one SLB is exceeded.The number of traffic mirror sessions associated with an SLB instance has reached the upper limit.
400UnsupportedRegionThe feature is not supported in current region.The feature is not supported in the current region.
400InvalidLoadBalancerId.NotFoundThe specified resource of load balancer is not found.The SLB instance does not exist.
400OperationDenied.FreeNetworkInterfaceThe network interface is not attached to any ECS instance.The ENI is not associated with an ECS instance.
400OperationDenied.ClassicSLBThe operation is not allowed because of ClassicSLB.The error message returned because you cannot perform the operation on a CLB instance.
400ResourceNotFound.TargetInstanceThe specified target instance for traffic mirroring is not found.The specified traffic mirror destination does not exist.
400QuotaExceeded.SourceNumPerTargetThe maximum number of traffic mirror sources for a target is exceeded.The number of traffic mirror sources associated with the image exceeds the upper limit.
400IncorrectStatus.NetworkInterfaceThe status of network interface is incorrect.The status of the ENI is invalid.
400OperationFailed.NotSupportBizTypeThe specified instance type does not support the operation.The specified instance type does not support the operation.
400IllegalParam.PriorityThe specified Priority is illegal or the same as other mirroring sessions.The specified Priority is illegal or identical to another mirroring session
400OperationDenied.UnsupportedTargetTypeTraffic mirror target must be SLB if traffic mirror sources contain nat gateway network interface.When a NAT gateway NIC exists in the traffic mirroring source, the traffic mirroring purpose must be SLB type.

For a list of error codes, visit the Service error codes.

Change history

Change timeSummary of changesOperation
2024-01-15The Error code has changedView Change Details
2023-09-26The Error code has changedView Change Details
2023-09-21The Error code has changedView Change Details
2023-09-14The Error code has changedView Change Details
2023-08-30The Error code has changedView Change Details
2023-07-10The Error code has changed. The request parameters of the API has changedView Change Details
2023-06-25The Error code has changedView Change Details
2023-04-14The Error code has changedView Change Details
2023-03-16The Error code has changedView Change Details