Creating a VPC Endpoint Service_VPC Endpoint Services_API_API Reference

Function

This API is used to create a VPC endpoint service. Other users can create a VPC endpoint to connect to the endpoint service.

This is an asynchronous API. If it is successfully called, status code 200 is returned, indicating that the request has been successfully delivered. It takes 1 to 2 minutes to create a VPC endpoint service. You can query whether it has been created by referring to Querying Details of a VPC Endpoint Service.

Calling Method

For details, see Calling APIs.

Authorization Information

Each account has all the permissions required to call all APIs, but IAM users must be assigned the required permissions.

If you are using role/policy-based authorization, see Permissions Policies and Supported Actions for details on the required permissions.

If you are using identity policy-based authorization, the following identity policy-based permissions are required.

Action	Access Level	Resource Type (*: required)	Condition Key	Alias	Dependencies
vpcep:endpointServices:create	Write	endpointServices *	vpcep:VpceServicePrivateDnsName	vpcep:epservices:create	-
		vpc *	-
		-	g:RequestTag/<tag-key> g:TagKeys g:EnterpriseProjectId

URI

POST /v1/{project_id}/vpc-endpoint-services

**Table 1** Path Parameters
Parameter	Mandatory	Type	Description
project_id	Yes	String	Project ID. For details about how to obtain the project ID, see Obtaining a Project ID.

Request Parameters

**Table 2** Request header parameters
Parameter	Mandatory	Type	Description
X-Auth-Token	Yes	String	Specifies the user token. It is a response to the API for obtaining a user token. This API is the only one that does not require authentication.The value of X-Subject-Token in the response header is the token value.
Content-Type	No	String	Specifies the MIME type of the request body. Default value application/json is recommended. For APIs used to upload objects or images, the MIME type varies depending on the flow type.

**Table 3** Request body parameters
Parameter	Mandatory	Type	Description
port_id	Yes	String	Specifies the ID that identifies the backend resource of the VPC endpoint service. The ID is in UUID format. The value can be: The port ID of the private IP address of a load balancer (recommended). The NIC ID of an ECS IP address. The NIC ID of the virtual server for which the virtual IP address is configured (discarded). You cannot create a VPC endpoint service in a VPC whose CIDR block overlaps with 198.19.128.0/17. The destination address of the custom route in the VPC route table cannot overlap with 198.19.128.0/17. For details, see section "Viewing Details of a Load Balancer" in the Elastic Load Balance API Reference. For details, see the port_id field in the response parameters of section "Querying NICs of an ECS" in the Elastic Cloud Server API Reference. Note:
service_name	No	String	Specifies the name of the VPC endpoint service. The name can contain a maximum of 16 characters, including letters, digits, underscores (_), and hyphens (-). If you do not specify this parameter, the VPC endpoint service name is in regionName.serviceId format: If you specify a valid value, the VPC endpoint service name is in the following format: regionNameserviceNameserviceId.
vpc_id	Yes	String	Specifies the ID of the VPC where the backend resource of the VPC endpoint service is located.
approval_enabled	No	Boolean	Specifies whether connection approval is required. false: Connection approval is not required. The created VPC endpoint is in the accepted state. true: Connection approval is required. The created VPC endpoint is in the pendingAcceptance state, and it can be used only after being approved by the user of the VPC endpoint service. The default value is true.
service_type	No	String	Specifies the type of the VPC endpoint service. Only your private services can be configured into interface VPC endpoint services. There are two types of VPC endpoint services: interface and gateway. gateway: indicates the VPC endpoint services that are configured by the O&M personnel. You can use them directly without creating them by yourselves. interface: indicates the cloud services configured by the O&M personnel and private services created by yourselves. You can directly use the cloud services configured by the O&M personnel without creating them by yourself. You can query the public VPC endpoint services to view the VPC endpoint services that are visible and accessible to all users and are configured by the O&M personnel. You can create VPC endpoints to connect to gateway and interface VPC endpoint services.
server_type	Yes	String	Specifies the resource type. VM: indicates a cloud server. VIP: indicates a virtual IP address. (This value has been discarded. LB is recommended.) LB: indicates a load balancer that works well for high-traffic services that require high reliability and disaster recovery (DR) performance.
ip	No	String	Specifies the IPv4 address or domain name of the interface VPC endpoint in VLAN scenarios.
ports	Yes	Array of PortList objects	Specifies the port mappings opened by the VPC endpoint service. Duplicate port mappings are not allowed in the same VPC endpoint service. If multiple VPC endpoint services share one port ID, the combinations of server ports and protocols for all port mappings between VPC endpoint services must be unique. A maximum of 200 port mappings can be added at a time.
tcp_proxy	No	String	Specifies whether to transfer client information, such as source IP addresses, source port numbers, and marker IDs, to the server. The information can be sent to the server in the following ways: TCP TOA: The client information is placed into the tcp option field and sent to the server. Proxy Protocol: The client information is placed into the tcp payload field and sent to the server. close: Neither TCP TOA nor Proxy Protocol information is carried. toa_open: TCP TOA information is carried. proxy_open: Proxy Protocol information in carried. open: Both TCP TOA and Proxy Protocol information are carried. Note: TCP TOA is available only when the backend resource is an OBS resource. tcp_proxy is available only when the server can parse the tcp option and tcp payload fields. The value can be one of the following: The default value is close.
tags	No	Array of TagList objects	Lists the resource tags. A maximum of 20 tags can be added to each VPC endpoint service.
description	No	String	Specifies the description field. The value can contain characters such as letters and digits, but cannot contain angle brackets (< or >).
ip_version	No	String	Specifies the IP version of the VPC endpoint service. Only professional VPC endpoint services support this parameter. ipv4: The IP address of the VPC endpoint service is an IPv4 address. ipv6: The IP address of the VPC endpoint service is an IPv6 address.
snat_network_id	No	String	Specifies the network ID of the subnet in the VPC where the VPC endpoint service is created. This parameter is used when an interface VPC endpoint service is created and ip_version is set to IPv6.

**Table 4** PortList
Parameter	Mandatory	Type	Description
client_port	No	Integer	Specifies the port to be accessed by a VPC endpoint. This port is provided by the VPC endpoint, allowing you to access the VPC endpoint service. Supported range: 1 to 65535.
server_port	No	Integer	Specifies the port for accessing the VPC endpoint service. This port is associated with backend resources to provide VPC endpoint services. Supported range: 1 to 65535
protocol	No	String	Port mapping protocol. TCP is supported.

**Table 5** TagList
Parameter	Mandatory	Type	Description
key	No	String	Specifies the tag key. key cannot be left blank. A key can contain 1 to 128 characters. A key can contain UTF-8 letters, digits, spaces, and the following special characters _ . : = + - @ Keys cannot start with _sys_ because it indicates a system tag. A key cannot start or end with a space.
value	No	String	Specifies the tag value. A value can contain 0 to 255 characters. A value can contain UTF-8 letters, digits, spaces, and the following special characters _ . : / = + - @ A value can be an empty string.

Response Parameters

Status code: 200

**Table 6** Response body parameters
Parameter	Type	Description
id	String	Specifies the unique ID of the VPC endpoint service.
port_id	String	Specifies the ID that identifies the backend resource of the VPC endpoint service. The ID is in UUID format. The value can be: LB: indicates the port ID of the private IP address of a load balancer (recommended). VM: indicates the NIC ID of an ECS IP address. VIP: indicates the NIC ID of the virtual server for which the virtual IP address is configured. (This value has been discarded. LB is recommended.)
service_name	String	Specifies the name of the VPC endpoint service.
server_type	String	Specifies the resource type. VM: cloud server VIP: virtual IP address LB: enhanced load balancer
vpc_id	String	Specifies the ID of the VPC where the backend resource of the VPC endpoint service is located.
pool_id	String	Specifies the cluster ID of the VPC endpoint service.
approval_enabled	Boolean	Specifies whether connection approval is required. false: Connection approval is not required. The created VPC endpoint is in the accepted state. true: Connection approval is required. The created VPC endpoint is in the pendingAcceptance state, and it can be used only after being approved by the user of the VPC endpoint service.
status	String	Specifies the status of the VPC endpoint service. creating: The VPC endpoint service is being created. available: The VPC endpoint service is connectable. failed: The VPC endpoint service failed to be created.
service_type	String	Specifies the type of the VPC endpoint service. There are two types of VPC endpoint services: interface and gateway. gateway: indicates the VPC endpoint services that are configured by the O&M personnel. You can use them directly without creating them by yourselves. interface: indicates the cloud services configured by the O&M personnel and private services created by yourselves. You cannot configure these cloud services, but can use them. You can create VPC endpoints to connect to gateway and interface VPC endpoint services.
created_at	String	Specifies when the VPC endpoint service was created. The UTC time format YYYY-MM-DDTHH:MM:SSZ is used.
updated_at	String	Specifies when the VPC endpoint service was updated. The UTC time format YYYY-MM-DDTHH:MM:SSZ is used.
project_id	String	Specifies the project ID.
ip	String	Specifies the IPv4 address or domain name of the interface VPC endpoint in VLAN scenarios.
ports	Array of PortList objects	Specifies the port mappings opened to the VPC endpoint service. Duplicate port mappings are not allowed in the same VPC endpoint service. If multiple VPC endpoint services share one port_id, either server_port or protocol, or both server_port and protocol of each of these endpoint services must be unique.
tcp_proxy	String	Specifies whether to transfer client information, such as source IP addresses, source port numbers, and marker IDs, to the server. The information can be sent to the server in the following ways: TCP TOA: The client information is placed into the tcp option field and sent to the server. Proxy Protocol: The client information is placed into the tcp payload field and sent to the server. close: Neither TCP TOA nor Proxy Protocol information is carried. toa_open: TCP TOA information is carried. proxy_open: Proxy Protocol information in carried. open: Both TCP TOA and Proxy Protocol information are carried. Note: TCP TOA is available only when the backend resource is an OBS resource. tcp_proxy is available only when the server can parse the tcp option and tcp payload fields. The value can be one of the following: The default value is close.
tags	Array of TagList objects	Specifies resource tags.
description	String	Specifies the description field. The value can contain characters such as letters and digits, but cannot contain angle brackets (< or >).
enable_policy	Boolean	Specifies whether the VPC endpoint policy can be customized. false: The VPC endpoint policy cannot be customized. true: The VPC endpoint policy can be customized. The default value is false.
ip_version	String	Specifies the IP version of the VPC endpoint service. Only professional VPC endpoint services support this parameter. ipv4: The IP address of the VPC endpoint service is an IPv4 address. ipv6: The IP address of the VPC endpoint service is an IPv6 address.

**Table 7** PortList
Parameter	Type	Description
client_port	Integer	Specifies the port to be accessed by a VPC endpoint. This port is provided by the VPC endpoint, allowing you to access the VPC endpoint service. Supported range: 1 to 65535.
server_port	Integer	Specifies the port for accessing the VPC endpoint service. This port is associated with backend resources to provide VPC endpoint services. Supported range: 1 to 65535
protocol	String	Port mapping protocol. TCP is supported.

**Table 8** TagList
Parameter	Type	Description
key	String	Specifies the tag key. key cannot be left blank. A key can contain 1 to 128 characters. A key can contain UTF-8 letters, digits, spaces, and the following special characters _ . : = + - @ Keys cannot start with _sys_ because it indicates a system tag. A key cannot start or end with a space.
value	String	Specifies the tag value. A value can contain 0 to 255 characters. A value can contain UTF-8 letters, digits, spaces, and the following special characters _ . : / = + - @ A value can be an empty string.

Example Requests

Creating an interface VPC endpoint service and setting approval_enabled to false, service type to VM, client_port to 8080 and 8081, server_port to 90 and 80, and protocol to TCP

POST https://{endpoint}/v1/{project_id}/vpc-endpoint-services

{
  "port_id" : "4189d3c2-8882-4871-a3c2-d380272eed88",
  "vpc_id" : "4189d3c2-8882-4871-a3c2-d380272eed80",
  "approval_enabled" : false,
  "service_type" : "interface",
  "server_type" : "VM",
  "ports" : [ {
    "client_port" : 8080,
    "server_port" : 90,
    "protocol" : "TCP"
  }, {
    "client_port" : 8081,
    "server_port" : 80,
    "protocol" : "TCP"
  } ]
}

Example Responses

Status code: 200

The server has successfully processed the request.

{
  "id" : "4189d3c2-8882-4871-a3c2-d380272eed83",
  "port_id" : "4189d3c2-8882-4871-a3c2-d380272eed88",
  "vpc_id" : "4189d3c2-8882-4871-a3c2-d380272eed80",
  "pool_id" : "5289d3c2-8882-4871-a3c2-d380272eed80",
  "status" : "available",
  "approval_enabled" : false,
  "service_name" : "test123",
  "service_type" : "interface",
  "server_type" : "VM",
  "project_id" : "6e9dfd51d1124e8d8498dce894923a0d",
  "created_at" : "2022-04-14T09:35:47Z",
  "ports" : [ {
    "client_port" : 8080,
    "server_port" : 90,
    "protocol" : "TCP"
  }, {
    "client_port" : 8081,
    "server_port" : 80,
    "protocol" : "TCP"
  } ]
}

Status Codes

Status Code	Description
200	The server has successfully processed the request.

Error Codes

See Error Codes.

Creating a VPC Endpoint Service