UpdateTrafficMirrorFilterRuleAttribute-阿里云帮助中心

Modifies the configuration of an inbound or outbound rule for traffic mirror.

Operation description

The UpdateTrafficMirrorFilterRuleAttribute operation is asynchronous. After you send the request, the system returns a request ID. However, the operation is still being performed in the system background. You can call the ListTrafficMirrorFilters operation to query the status of an inbound or outbound rule:
- If the rule is in the Modifying state, the rule is being modified.
- If the rule is in the Created state, the rule is modified.
You cannot repeatedly call the UpdateTrafficMirrorFilterRuleAttribute operation to modify an inbound or outbound rule within the specified period of time.

Try it now

Try this API in OpenAPI Explorer, no manual signing needed. Successful calls auto-generate SDK code matching your parameters. Download it with built-in credential security for local usage.

Test

RAM authorization

The table below describes the authorization required to call this API. You can define it in a Resource Access Management (RAM) policy. The table's columns are detailed below:

Action: The actions can be used in the Action element of RAM permission policy statements to grant permissions to perform the operation.
API: The API that you can call to perform the action.
Access level: The predefined level of access granted for each API. Valid values: create, list, get, update, and delete.
Resource type: The type of the resource that supports authorization to perform the action. It indicates if the action supports resource-level permission. The specified resource must be compatible with the action. Otherwise, the policy will be ineffective.
- For APIs with resource-level permissions, required resource types are marked with an asterisk (*). Specify the corresponding Alibaba Cloud Resource Name (ARN) in the Resource element of the policy.
- For APIs without resource-level permissions, it is shown as All Resources. Use an asterisk (*) in the Resource element of the policy.
Condition key: The condition keys defined by the service. The key allows for granular control, applying to either actions alone or actions associated with specific resources. In addition to service-specific condition keys, Alibaba Cloud provides a set of common condition keys applicable across all RAM-supported services.
Dependent action: The dependent actions required to run the action. To complete the action, the RAM user or the RAM role must have the permissions to perform all dependent actions.

Action

Access level

Resource type

Condition key

Dependent action

vpc:UpdateTrafficMirrorFilterRuleAttribute

update

*TrafficMirrorFilter

acs:vpc:{#regionId}:{#accountId}:trafficmirrorfilter/{#TrafficMirrorFilterId}

None

Request parameters

Parameter	Type	Required	Description	Example
TrafficMirrorFilterRuleId	string	Yes	The ID of the inbound or outbound rule.	tmr-j6c89rzmtd3hhdugq****
ClientToken	string	No	The client token that is used to ensure the idempotence of the request. You can use the client to generate the value, but you must make sure that it is unique among different requests. The client token can contain only ASCII characters. Note If you do not set this parameter, the system uses RequestId as ClientToken. RequestId may be different for each API request.	0c593ea1-3bea-11e9-b96b-88e9fe637760
DryRun	boolean	No	Specifies whether to check the request without performing the operation. Valid values: true: only checks the API request. The configuration of the inbound or outbound rule is not modified. The system checks the required parameters, request syntax, and limits. If the request fails to pass the check, an error message is returned. If the request passes the precheck, the `DryRunOperation` error code is returned. false: sends the request. This is the default value. If the request passes the check, a 2xx HTTP status code is returned and the configuration of the inbound or outbound rule is modified.	false
Priority	integer	No	The new priority of the inbound or outbound rule. A smaller value indicates a higher priority.	1
Protocol	string	No	The new protocol that is used by the traffic to be mirrored by the inbound or outbound rule. Valid values: ALL: all protocols ICMP: Internet Control Message Protocol (ICMP) TCP: TCP UDP: User Datagram Protocol (UDP)	ICMP
RuleAction	string	No	The new action of the inbound or outbound rule. Valid values: accept: accepts network traffic. drop: drops network traffic.	accept
DestinationCidrBlock	string	No	The new destination CIDR block of the inbound or outbound traffic.	10.0.0.0/24
SourceCidrBlock	string	No	The new source CIDR block of the inbound or outbound traffic.	0.0.0.0/0
DestinationPortRange	string	No	The new destination port range of the inbound or outbound traffic. Note If you set Protocol to ICMP, you cannot change the port range.	-1/-1
SourcePortRange	string	No	The new source port range of the inbound or outbound traffic. Note If you set Protocol to ICMP, you cannot change the port range.	22/40
RegionId	string	Yes	The ID of the region to which the mirrored traffic belongs. You can call the DescribeRegions operation to query the most recent region list. For more information about regions that support traffic mirroring, see Overview of traffic mirroring.	cn-hongkong

Response elements

Element	Type	Description	Example
	object
RequestId	string	The ID of the request.	02EB8585-D4DC-4E29-A0F4-7C588C82863C

Examples

Success response

JSON format

{
  "RequestId": "02EB8585-D4DC-4E29-A0F4-7C588C82863C"
}

Error codes

HTTP status code	Error code	Error message	Description
400	ResourceNotFound.TrafficMirrorRule	The specified resource of traffic mirror rule is not found.
400	IncorrectStatus.TrafficMirrorRule	The status of traffic mirror rule is incorrect.	The filter rule is in an invalid state.
400	DuplicatedParam.Priority	The specified priority conflicts with the existing priority.	The specified priority is the same as an existing one.
400	IllegalParam.Protocol	The specified Protocol is invalid.	The protocol is invalid.
400	IllegalParam.SourceCidrBlock	The param of SourceCidrBlock is illegal.	The param of SourceCidrBlock is illegal.
400	IllegalParam.DestinationCidrBlock	The param of DestinationCidrBlock is illegal.	The param of DestinationCidrBlock is illegal.

See Error Codes for a complete list.

Release notes

See Release Notes for a complete list.