CreateTransitRouter-阿里云帮助中心

Call CreateTransitRouter to create an Enterprise Edition transit router instance.

Operation description

You can call CreateTransitRouter to create an Enterprise Edition transit router. Enterprise Edition transit routers are available only in some regions. For more information about the supported regions, see What is Cloud Enterprise Network?.
CreateTransitRouterListTransitRouters
- If an Enterprise Edition transit router is in the Creating state, the transit router is being created. You can query the transit router but cannot perform other operations.
- If an Enterprise Edition transit router is in the Active state, the transit router is created.
You can create only one Enterprise Edition transit router in each region of a CEN instance.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.
API: The API that you can call to perform the action.
Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.
Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.
- For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.
- For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.
Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.
Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

cen:CreateTransitRouter

create

CenInstance

acs:cen:*:{#accountId}:ceninstance/{#ceninstanceId}

TransitRouter

acs:cen:*:{#accountId}:centransitrouter/*

None

Request parameters

Parameter	Type	Required	Description	Example
ClientToken	string	No	The client token that is used to ensure the idempotence of the request. You can create a token from your client and make sure that it is unique among different requests. The token can contain only ASCII characters. Note If you do not specify this parameter, the system automatically uses the RequestId of the request as the ClientToken. The RequestId of each API request may be different.	02fb3da4-130e-11e9-8e44-001****
CenId	string	Yes	The ID of the Cloud Enterprise Network (CEN) instance.	cen-j3jzhw1zpau2km****
RegionId	string	Yes	The ID of the region where the transit router is located. You can call the DescribeChildInstanceRegions operation to query the most recent region list.	cn-zhangjiakou
TransitRouterName	string	No	The name of the transit router. The name can be empty or 1 to 128 characters in length, and cannot start with `http://` or `https://`.	testname
TransitRouterDescription	string	No	The description of the transit router. The description can be empty or 1 to 256 characters in length, and cannot start with `http://` or `https://`.	testdesc
DryRun	boolean	No	Specifies whether to perform a dry run, without performing the actual request. The system checks the request for potential issues, including missing parameter values, incorrect request syntax, and service limits. Valid values: true: performs a dry run. The system checks the request for potential issues, including missing parameter values, incorrect request syntax, and service limits. If the request fails the dry run, an error message is returned. If the request passes the dry run, the `DryRunOperation` error code is returned. false (default): performs a dry run and performs the actual request. If the request passes the dry run, a 2xx HTTP status code is returned and the operation is performed.	false
SupportMulticast	boolean	No	Specifies whether to enable the multicast feature for the transit router. Valid values: false (default): Disables the multicast feature. true: Enables the multicast feature. The multicast feature is supported only in specific regions. You can call the ListTransitRouterAvailableResource operation to query the regions that support the multicast feature.	false
TransitRouterCidrList	array<object>	No	The CIDR blocks of the transit router.
	object	No	The CIDR blocks of the transit router. You can specify up to five CIDR blocks at a time. For more information about the CIDR blocks of transit routers, see CIDR blocks of transit routers. Note Only Enterprise Edition transit routers support CIDR blocks.
Cidr	string	No	The CIDR block of the transit router.	192.168.10.0/24
Name	string	No	The name of the CIDR block. The name must be 1 to 128 characters in length.	nametest
Description	string	No	The description of the CIDR block. The description must be 1 to 256 characters in length.	desctest
PublishCidrRoute	boolean	No	Specifies whether to enable the system to automatically add a route that points to the CIDR block of the transit router to the route table of the transit router. true (default): After you create a VPN connection of the private VPN gateway type and create a route learning correlation for the VPN connection, the system automatically adds the following route to the route table of the transit router with which the VPN connection is associated by using the route learning correlation: A blackhole route that points to the CIDR block of the transit router. The CIDR block of the transit router is the CIDR block from which a gateway IP address is allocated to the IPsec-VPN connection. The blackhole route is advertised only to the route tables of virtual border routers (VBRs) that are connected to the transit router. false:	true
Tag	array<object>	No	The tags.
	object	No	The tags. You can specify up to 20 tags.
Key	string	No	The tag key. The key cannot be an empty string. The key must be 1 to 64 characters in length, and cannot start with `aliyun` or `acs:`. It cannot contain `http://` or `https://`. You can specify up to 20 tag keys.	tagtest
Value	string	No	The tag value. The tag value can be an empty string. The tag value must be 0 to 128 characters in length, and cannot start with `aliyun` or `acs:`. It cannot contain `http://` or `https://`. You can specify up to 20 tag values.	TagValue

Response elements

Element	Type	Description	Example
	object	The response data.
TransitRouterId	string	The ID of the created Transit Router instance.	tr-uf6llz2286805i44g****
RequestId	string	The unique ID of the request.	404DA7EC-F495-44B5-B543-6EDCDF90F3D1

Examples

Success response

JSON format

{
  "TransitRouterId": "tr-uf6llz2286805i44g****",
  "RequestId": "404DA7EC-F495-44B5-B543-6EDCDF90F3D1"
}

Error codes

HTTP status code	Error code	Error message	Description
400	OperationUnsupported.RegionId	The specified Region is not supported.	The error message returned because this operation is not supported in the specified region.
400	InstanceExist.TransitRouterInstance	The instance already exists.	The error message returned because a transit router with the same ID already exists in the current region. Transit router IDs in the same region must be unique.
400	Forbbiden.TransitRouterServiceNotOpen	The user has not open transit router service.	The error message returned because the transit router is disabled. Enable the transit router and try again.
400	OperationUnsupported.SupportMulticast	The multicast is not supported in the specified region.	The error message returned because multicast is not supported in the specified region.
400	OperationUnsupported.CenFullLevel	CEN full level does not support TransitRouter.
400	IllegalParam.Cidr	Cidr is illegal.	The error message returned because the specified CIDR block is invalid.
400	Illegal.TrType	The TransitRouter type is illegal.	The error message returned because the specified type of transit router does not support this operation.
400	OperationUnsupported.TransitRouterCidrList	The TransitRouterCidrList is not support in the specified Region.	The error message returned because this operation is not supported in the specified region.
400	OperationFailed.CidrConflict	Operation is invalid because the cidr conflict.	The error message returned because the specified CIDR block conflicts with another one.
400	IllegalParam.Region	The specified region is invalid.
400	OverLappingExist.Cidr	The cidr overlapping exist.	The error message returned because CIDR overlapping is already enabled.
400	IllegalParam.ServiceMode	The specified ServiceMode is invalid.	The error message returned because the specified service mode is invalid.
400	ParamExclusive.ServiceModeAndSupportMulticast	ServiceMode and SupportMulticast is mutually exclusive.	The error message returned because transit routers in the current mode do not support multicast.
400	ParamExclusive.ServiceModeAndTransitRouterCidrList	ServiceMode and TransitRouterCidrList is mutually exclusive.	The error message returned because transit routers in the current mode do not support CIDR blocks.
400	OperationUnsupported.Tag	The Tag is not supported in the specified region.	The error message returned because transit routers in the current region do not support tags.
400	IllegalParam.SupportMulticast	Basic Transit router is not support multicast.	The error message returned because Basic Edition transit routers do not support multicast.
400	ParamExclusive.BasicAndPrimaryStandby	Basic and PrimaryStandby is mutually exclusive.	The error message returned because Basic Edition transit routers do not support the PrimaryStandby mode.
400	ParamExclusive.BasicAndMultiPrimary	Basic and MultiPrimary is mutually exclusive.	The error message returned because Basic Edition transit routers do not support the MultiPrimary mode.
400	IllegalParam.RegionId	The Specified Parameter RegionId is illegal.	The region specified in the parameter is invalid.
400	OperationFailed.PostPay95BwpNotAllowEnterpriseTr	Cbn with post pay 95 bandwidth package does not allow enterprise tr.	Cbn with post pay 95 bandwidth package does not allow enterprise tr.
400	Forbidden.TransitRouterServiceExpired	The transit router service is out of service.	The transit router service has been suspended due for payment. Please renew the service and try again.
400	InvalidParameter	Invalid parameter.	The error message returned because the parameter is set to an invalid value.
400	Unauthorized	The AccessKeyId is unauthorized.	The error message returned because you do not have the permissions to perform this operation.
400	IllegalParam.TagValue	The tag values are not valid.	The error message returned because the specified tag value is invalid.
400	IllegalParam.TagKey	The tag keys are not valid.	The error message returned because the specified tag key is invalid.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.