Advertises a VPN route to a VPC.
Debugging
Authorization information
The following table shows the authorization information corresponding to the API. The authorization information can be used in the Action
policy element to grant a RAM user or RAM role the permissions to call this API operation. Description:
- Operation: the value that you can use in the Action element to specify the operation on a resource.
- Access level: the access level of each operation. The levels are read, write, and list.
- Resource type: the type of the resource on which you can authorize the RAM user or the RAM role to perform the operation. Take note of the following items:
- The required resource types are displayed in bold characters.
- If the permissions cannot be granted at the resource level,
All Resources
is used in the Resource type column of the operation.
- Condition Key: the condition key that is defined by the cloud service.
- Associated operation: other operations that the RAM user or the RAM role must have permissions to perform to complete the operation. To complete the operation, the RAM user or the RAM role must have the permissions to perform the associated operations.
Operation | Access level | Resource type | Condition key | Associated operation |
---|---|---|---|---|
vpc:PublishVpnRouteEntry | update | *VpnGateway acs:vpc:{#regionId}:{#accountId}:vpngateway/{#VpnGatewayId} |
| none |
Request parameters
Parameter | Type | Required | Description | Example |
---|---|---|---|---|
RegionId | string | Yes | The ID of the region where the VPN gateway is created. You can call the DescribeRegions operation to query the most recent region list. | cn-hangzhou |
ClientToken | string | No | The client token that is used to ensure the idempotence of the request. You can use the client to generate the token, but you must make sure that the token is unique among different requests. The token can contain only ASCII characters and cannot exceed 64 characters in length. Note
If you do not specify this parameter, the system automatically uses the request ID as the client token. The request ID may be different for each request.
| d7d24a21-f4ba-4454-9173-b382**** |
VpnGatewayId | string | Yes | The ID of the VPN gateway. | vpn-bp1a3kqjiiq9legfx**** |
RouteDest | string | Yes | The destination CIDR block of the VPN gateway route. | 10.0.0.0/24 |
NextHop | string | Yes | The next hop of the VPN gateway route. | vco-bp15oes1py4i66rmd**** |
RouteType | string | Yes | The type of the VPN gateway route. Valid values:
| pbr |
PublishVpc | boolean | Yes | Specifies whether to advertise the VPN gateway route to the VPC route table. Valid values:
| true |
Response parameters
Examples
Sample success responses
JSON
format
{
"RequestId": "5BE01CD7-5A50-472D-AC14-CA181C5C03BE\t"
}
Error codes
HTTP status code | Error code | Error message | Description |
---|---|---|---|
400 | Resource.QuotaFull | The quota of resource is full | The resource quota is exhausted. |
400 | VpnGateway.Configuring | The specified service is configuring. | The service is being configured. Try again later. |
400 | VpnGateway.FinancialLocked | The specified service is financial locked. | The service is suspended due to overdue payments. Top up your account first. |
400 | VpnRouteEntry.AlreadyExists | The specified route entry is already exist. | The route already exists. |
400 | VpnRouteEntry.Conflict | The specified route entry has conflict. | Route conflicts exist. |
400 | InvalidVpnRouteEntry.NotFound | The specified route entry does not exist. | The error message returned because the specified route does not exist. |
400 | OperationFailed.InvalidStatus | Route entry is not allowed to operate in current status. | You are not allowed to manage the route in the current state. |
400 | OperationFailed.RouteConflict | Operation failed because there is already a route in VPC route table to another VPN on the same network block. | Operation failed because there is already a route in VPC route table to another VPN on the same network block. |
400 | OperationFailed.InvalidCidrBlock | Operation failed because the specified network block is invalid. | The CIDR block is invalid. |
400 | OperationFailed.RouteConflict | Operation failed because there is already a route in VPC route table to a non-RI and non-VPN next hop on the same network block. | Routes that point to resources other than the router interface or VPN gateway already exists on the same CIDR block in the route table of the VPC. |
400 | QuotaExceeded.VpnRouteEntry | The number of route entries to the VPN gateway in the VPC routing table has reached the quota limit. | The number of route entries to the VPN gateway in the VPC routing table has reached the quota limit. |
400 | TaskConflict | The operation is too frequent, please wait a moment and try again. | Your requests are too frequent. Try again later. |
400 | IllegalParam.CidrBlock | The specified CidrBlock is illegal. | The operation failed because CidrBlock is set to an invalid value. |
400 | QuotaExceeded | Route entry quota exceeded in this route table. | The number of route entries in the route table has reached the upper limit. |
400 | MissingParameter | Miss mandatory parameter. | Some required parameters are not specified. Specify all required parameters and try again. |
400 | InvalidCidrBlock.Malformed | Specified CIDR block is not valid. | The format of the CIDR block is invalid. |
400 | InvalidCIDRBlock.Duplicate | Specified CIDR block is already exists. | This CIDR block already exists in the routing table. |
400 | IncorrectVpcStatus | Current VPC status does not support this operation. | This operation cannot be performed when the VPC is in the current state. |
400 | IncorrectInstanceStatus | Current instance status does not support this operation. | This operation cannot be performed while the instance is in the current state. |
400 | IncorrectRouteEntryStatus | Some route entry status blocked this operation. | The operation is not supported because the route table contains routes in the Pending or Modifying state. |
400 | IncorrectVSwitchStatus | The current virtual switch status does not support this operation. | The error message returned because the vSwitch is in the Pending state and cannot be deleted. |
400 | InvalidCidrBlock | Specified CIDR block is not valid. | Possible reasons for error reporting: 1. You are not in the whitelist of the 10.0.0.0/8 CIDR block and cannot use this CIDR block. 2. The target CIDR block of the added custom route cannot belong to the CIDR block of all vSwitches under the same VPC. 3. Because 100.64.0.0/10 is a cloud service address, you cannot add this CIDR block to point to the IDC under the cloud. 4. Except for 100.64.0.0/10, the detailed route network segments such as 100.64.0.0/11 and 100.96.0.0/11 cannot be used in the IDC under the cloud. |
400 | InvalidNextHopType | Specified parameter "NextHopType" is not valid | The specified next hop type is invalid. |
400 | InvalidNextHop.NotFound | Specified next hop does not exist. | The specified next hop does not exist. |
400 | InvalidVRouter.NotFound | vRouter not exists. | The specified vRouter does not exist. Check whether the specified vRouter is valid. |
400 | InvalidVPC.NotFound | vpc not exists. | The VPC does not exist. Check whether the specified VPC is valid. |
400 | InvalidNexthopTypeAndList.BothNull | both nexthopType and nextHopList are null. | NextHopType and NextHopList are not specified. |
400 | InvalidNexthopTypeAndList.BothNotNull | both nexthopType and nextHopList are not null. | You cannot leave both NextHopType and NextHopList empty. |
400 | InvalidRouterInterface | invalid router interface. | The specified router interface does not exist. |
400 | InvalidOppositeRouterType | nexthop list cannot only contain router interface whose opposite router interface is on vbr. | The specified next hop is invalid. The peer router of the router interface that you specify as the next hop must be a VBR. |
400 | InvalidNexthopListSize | nexthop size is illegal. Must be between 2 and 4. | You must specify two to four router interfaces as next hops. |
400 | InvalidEntryRuleQuota.NotFound | Route entry quota rule not exists. | The quota rules of route entries do not exist. |
400 | Forbidden.CheckEntryRuleQuota | Route entry quota rule check error. | An error occurred when the system was checking the quota of route entries. |
400 | InvalidVBRStatus | invalid virtual border router status. | The VBR is in an invalid state. |
400 | InvalidPhysicalConnectionBusinessStatus | invalid physical connection business status. | The Express Connect circuit is in an invalid state. |
400 | IncorrectHaVipStatus | This operation is denied because satus of the specified HaVip is neither Available nor InUse. | You cannot perform the operation when the specified HAVIP is in the Available or InUse state. |
400 | CountLimitExceed.HaVipRouteEntry | There can be 5 route entry to HaVip at most in one route table. | The number of route entries that point to the HAVIP has reached the upper limit. |
400 | InvalidRouteEntry.Duplicate | The route entry already exist. | The specified route entry already exists. |
400 | IncorrectRouteEntryStatus | Specified routeEntry status error. | The operation is not supported because the route table contains routes in the Pending or Modifying state. |
400 | IncorrectRouteEntryStatus | VBR has NotStable route entry. | The operation is not supported because the route table contains routes in the Pending or Modifying state. |
400 | INVALID_WEIGHT_PARAM | Specified value of weight invalid | The specified weight is invalid. |
400 | FORBIDDEN_USE_VPC_AS_INTERNET_GATEWAY | The Specified CIDR must be in vpc CIDR. | The specified CIDR block must be a subset of the VPC CIDR block. |
400 | INVALID_VPC_ID | The Specified VpcId not match. | The specified VPC does not exist. |
400 | InvalidRouteEntrySize | The Specified routerEntry size not legal. | You must specify two to four router interfaces as next hops if you want to configure ECMP routing. |
400 | RouteConflict.AlreadyExist | Route conflict exists in routing table. | Route conflicts exist in the route table. |
400 | InvalidRouteEntryName.Malformed | Specified RouteEntry name is not valid. | The new name of the route is invalid. |
400 | Duplicated.VpcNextHop | Route entry nexthop duplicate. | Duplicate next hops are specified. |
400 | InvalidNexthop.DirectEni | The direct Eni cannot be nexthop. | An ENI in cut-through mode cannot be specified as a next hop. |
400 | InvalidAttachment.NotFound | The attachment is not found. | The specified transit router does not exist. |
400 | OperationFailed.ActiveNetworkInterfaceNotFound | No active network interface is found on the attachment. | No ENI is available on the specified transit router. |
400 | InvalidNetworkInterface.NotFound | The network interface is not found on the attachment. | No ENI is associated with the specified transit router. |
400 | OperationFailed.QueryAttachmentInfo | Failed to query attachment information. | The system fails to query the transit router. |
400 | IllegalParam.AttachmentId | The attachment is invalid. | The specified transit router is invalid. |
400 | OperationFailed.NotSupportIPV6 | The specified next hop does not support IPv6. | The specified next hop does not support IPv6. |
400 | IncorrectStatus.Ipv6Address | The IPv6 address of the specified next hop is being assigned or deleted. | The IPv6 address that is specified as the next hop is being created or being deleted. |
400 | OperationUnsupported.Ipv6EntryOnPrimaryNetworkInterface | You cannot create IPv6 route entries on a primary network interface. | You cannot create an IPv6 route whose next hop is a primary ENI. |
400 | OperationUnsupported.SpecifyIpOnIpv6Entry | You cannot specify the private IP address when you create IPv6 route entries. | You cannot specify a private IPv6 address as the destination CIDR block. |
400 | OperationUnsupported.MutipleIpv6Address | You cannot specify a next hop that has bound multiple IPv6 addresses. | You cannot specify a next hop that is assigned multiple IPv6 addresses. |
400 | OperationDenied.Ipv6EntryOnCustomTable | You cannot create any IPv6 route entry on a custom route table. | - |
403 | Forbbiden.SubUser | User not authorized to operate on the specified resource as your account is created by another user. | You are unauthorized to perform this operation on the specified resource. Acquire the required permissions and try again. |
403 | Forbidden | User not authorized to operate on the specified resource. | You do not have the permissions to manage the specified resource. Apply for the permissions and try again. |
404 | InvalidVpnGatewayInstanceId.NotFound | The specified vpn gateway instance id does not exist. | The specified VPN gateway does not exist. Check whether the specified VPN gateway is valid. |
For a list of error codes, visit the Service error codes.
Change history
Change time | Summary of changes | Operation |
---|---|---|
2023-07-21 | API Description Update. The Error code has changed | View Change Details |