Create VPC Network ACL

Last updated: 2020-08-28 14:55:08


    This is a legacy API which has been hidden and will no longer be updated. We recommend using the new VPC API 3.0 which is standardized and faster.

    1. API Description

    This API (CreateNetworkAcl) is used to create network ACL.
    Domain for API request:

    1) A network ACL is a set of network security policies configured for a certain subnet, it is different from security groups in CVMs. A security group is a set of security policies configured for a certain CVM.
    2) If security group policies have been configured for a CVM, and network ACL polices have been configured for the subnet in which the CVM resides, inbound requests of the CVM will match network ACL policies first, outbound requests will match security group policies first.
    3) Security groups for CVMs are stateful, while network ACLs are stateless.

    2. Input Parameters

    The following request parameter list only provides API request parameters. Common request parameters need to be added when the API is called. For more information, refer to Common Request Parameters. The Action field for this API is CreateNetworkAcl.

    Parameter Name Required Type Description
    vpcId Yes String Virtual private cloud ID of the subnet, which can be vpcId or unVpcId. unVpcId is recommended. For example: vpc-4n9efgju. You can query this through API DescribeVpcEx.
    networkAclName Yes String Network ACL name; you can specify any name you like, but its length should be limited to 60 characters. The name must be unique under the same VPC.

    3. Output Parameters

    Parameter Name Type Description
    code Int Error code, 0: Succeeded, other values: Failed.
    message String Error message.
    data.networkAclId String Network ACL ID. For example: acl-4n9efgju.

    4. Error Codes

    The following error code list only provides the business logic error codes for this API. For additional common error codes, refer to VPC Error Codes.

    Error code Description
    InvalidVpc.NotFound The VPC does not exist. Please check the information you entered. You can query the VPC via the API DescribeVpcEx.
    InvalidNetworkAclName Invalid network ACL name. It should be within 60 characters.
    NetworkAclLimitExceeded Number of created network ACLs has exceeded the limit. Please contact customer service for more resources. For more information on VPC resource restrictions, see VPC Usage Restrictions.

    5. Example

      &<Common request parameters>


        "code": 0,
        "message": "",
        "data": {
            "networkAclId": "acl-4n9efgju"

    Was this page helpful?

    Was this page helpful?

    • Not at all
    • Not very helpful
    • Somewhat helpful
    • Very helpful
    • Extremely helpful
    Send Feedback