Help Center/ VPC Endpoint/ API Reference/ API/ VPC Endpoints/ Updating a VPC Endpoint
Updated on 2024-09-11 GMT+08:00

Updating a VPC Endpoint

Function

This API is used to update or delete the whitelist of a VPC endpoint.

Calling Method

For details, see Calling APIs.

URI

PUT /v1/{project_id}/vpc-endpoints/{vpc_endpoint_id}

Table 1 Path Parameters

Parameter

Mandatory

Type

Description

project_id

Yes

String

Specifies the project ID. For details about how to obtain the project ID, see "Obtaining a Project ID".

Minimum: 1

Maximum: 64

vpc_endpoint_id

Yes

String

Specifies the ID of the VPC endpoint.

Minimum: 1

Maximum: 64

Request Parameters

Table 2 Request header parameters

Parameter

Mandatory

Type

Description

X-Auth-Token

Yes

String

Specifies the user token. It can be obtained by calling the IAM API. The value of X-Subject-Token in the response header is the user token.

Content-Type

No

String

Specifies the MIME type of the request body. Default value application/json is recommended. For APIs used to upload objects or images, the MIME type varies depending on the flow type.

Default: application/json

Table 3 Request body parameters

Parameter

Mandatory

Type

Description

whitelist

No

Array of strings

Specifies the whitelist updated or deleted for controlling access to VPC endpoints. The value can be an IPv4 address or CIDR block. The setting descriptions are as follows: ● If the value is specified, the whitelist is updated to the specified value. ● If this parameter is left blank, all whitelists are deleted. The whitelist is left blank by default.

Minimum: 0

Maximum: 32

enable_whitelist

No

Boolean

Specifies whether to enable network ACL isolation. ● true: The network ACL isolation is enabled. ● false: The network ACL isolation is disabled. The default value is false.

Response Parameters

Status code: 200

Table 4 Response body parameters

Parameter

Type

Description

id

String

Specifies the unique ID of the VPC endpoint.

Minimum: 1

Maximum: 64

service_type

String

Specifies the type of the VPC endpoint service that the VPC endpoint is used to connect to.

  • gateway: indicates the VPC endpoint services that are configured by the O&M personnel. You can use them directly without creating them by yourselves.

  • interface: indicates the cloud services configured by the O&M personnel and private services created by yourselves. You cannot configure these cloud services, but can use them. You can query the public VPC endpoint services to view the VPC endpoint services that are visible and accessible to all users and are configured by the O&M personnel. You can create interface VPC endpoint services.

status

String

Specifies the status of the VPC endpoint.

  • pendingAcceptance: The VPC endpoint is to be accepted.

  • creating: The VPC endpoint is being created.

  • accepted: The VPC endpoint has been accepted.

  • rejected: The VPC endpoint has been rejected.

  • failed: The VPC endpoint failed to be created.

  • deleting: The VPC endpoint is being deleted.

ip

String

Specifies the IP address for accessing the associated VPC endpoint service. This parameter is returned only under the following conditions:

  • You query a VPC endpoint for accessing an interface VPC endpoint service.

  • Connection approval is enabled for the VPC endpoint service, and the connection has been approved. status of the VPC endpoint can be accepted or rejected. The rejected status only appears when the VPC endpoint is accepted and then rejected.

Minimum: 1

Maximum: 64

active_status

Array of strings

Specifies the account status.

  • frozen: The account is frozen.

  • active: The account is unfrozen.

endpoint_service_name

String

Specifies the name of the VPC endpoint service.

marker_id

Integer

Specifies the packet ID of the VPC endpoint.

endpoint_service_id

String

Specifies the ID of the VPC endpoint service.

Minimum: 1

Maximum: 64

enable_dns

Boolean

Specifies whether to create a domain name.

  • true: Create a domain name.

  • false: Do not create a domain name. Note When you create a VPC endpoint for connecting to a gateway VPC endpoint service, no domain name is created regardless of whether enable_dns is set to true or false.

dns_names

Array of strings

Specifies the domain name for accessing the associated VPC endpoint service. This parameter is available when enable_dns is set to true.

Minimum: 0

Maximum: 32

subnet_id

String

Specifies the ID of the subnet in the VPC specified by vpc_id. The ID is in UUID format.

Minimum: 1

Maximum: 64

vpc_id

String

Specifies the ID of the VPC where the VPC endpoint is to be created.

Minimum: 1

Maximum: 64

created_at

String

Specifies when the VPC endpoint was created. The UTC time format YYYY-MM-DDTHH:MM:SSZ is used.

updated_at

String

Specifies the update time of the VPC endpoint. The UTC time format YYYY-MM-DDTHH:MM:SSZ is used.

project_id

String

Specifies the project ID. For details about how to obtain the project ID, see "Obtaining a Project ID".

Minimum: 1

Maximum: 64

tags

Array of TagList objects

Specifies the list of queried tags. If no tag is matched, an empty array is returned.

whitelist

Array of strings

Specifies the whitelist for controlling access to the VPC endpoint. If you do not specify this parameter, an empty whitelist will be returned. This parameter is available only when you create a VPC endpoint for connecting to an interface VPC endpoint service.

Minimum: 0

Maximum: 32

enable_whitelist

Boolean

Specifies whether access control is enabled.

  • true: Access control is enabled.

  • false: Access control is disabled. If you do not specify this parameter, access control is disabled. This parameter is available only when you create a VPC endpoint for connecting to an interface VPC endpoint service.

policy_statement

Array of PolicyStatement objects

Specifies the policy of the gateway VPC endpoint. This parameter is only available when enable_policy of the VPC endpoint services for OBS and SFS is set to true.

Array Length: 0 - 10

policy_document

Object

Specifies the IAM 5.0 policies.

Array Length: 0 - 20480

Table 5 TagList

Parameter

Type

Description

key

String

Specifies the tag key. A tag key contains a maximum of 36 Unicode characters. It cannot be left blank. It cannot contain equal signs (=), asterisks (*), less than signs (<), greater than signs (>), backslashes (), commas (,), vertical bars (|), and slashes (/), and the first and last characters cannot be spaces.

Minimum: 1

Maximum: 128

value

String

Specifies the tag key. A tag value contains a maximum of 43 Unicode characters and can be an empty string. It cannot contain equal signs (=), asterisks (*), less than signs(<), greater than signs (>), backslashes (), commas (,), vertical bars (|), and slashes (/), and the first and last characters cannot be spaces.

Maximum: 255

Table 6 PolicyStatement

Parameter

Type

Description

Effect

String

  • Allow indicates that the VPC endpoint policy can be modified.

  • Deny indicates that the VPC endpoint policy cannot be modified.

Action

Array of strings

Specifies OBS access permissions.

Resource

Array of strings

Specifies the OBS object.

Example Requests

Updating a VPC endpoint (Setting whitelist to 192.168.1.1 and 192.168.1.2 and enable_whitelist to true)

PUT https://{endpoint}/v1/{project_id}/vpc-endpoints/4189d3c2-8882-4871-a3c2- d380272eed83

{ 
  "whitelist":
             [
              "192.168.1.1",
              "192.168.1.2"
             ],
  "enable_whitelist":true,
}

Example Responses

Status code: 200

The server has successfully processed the request.

{
  "id" : "4189d3c2-8882-4871-a3c2-d380272eed83",
  "service_type" : "interface",
  "status" : "accepted",
  "ip" : "10.32.xx.xx",
  "marker_id" : 322312312312,
  "vpc_id" : "4189d3c2-8882-4871-a3c2-d380272eed83",
  "enable_dns" : true,
  "endpoint_service_name" : "test123",
  "endpoint_service_id" : "test123",
  "project_id" : "6e9dfd51d1124e8d8498dce894923a0d",
  "whitelist" : [ "192.168.1.1", "192.168.1.2" ],
  "enable_whitelist" : true,
  "created_at" : "2022-04-14T09:35:47Z",
  "updated_at" : "2022-04-14T09:36:47Z",
  "tags" : [ {
    "key" : "test1",
    "value" : "test1"
  } ]
}

SDK Sample Code

The SDK sample code is as follows.

Updating a VPC endpoint (Setting whitelist to 192.168.1.1 and 192.168.1.2 and enable_whitelist to true)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
package com.huaweicloud.sdk.test;

import com.huaweicloud.sdk.core.auth.ICredential;
import com.huaweicloud.sdk.core.auth.BasicCredentials;
import com.huaweicloud.sdk.core.exception.ConnectionException;
import com.huaweicloud.sdk.core.exception.RequestTimeoutException;
import com.huaweicloud.sdk.core.exception.ServiceResponseException;
import com.huaweicloud.sdk.vpcep.v1.region.VpcepRegion;
import com.huaweicloud.sdk.vpcep.v1.*;
import com.huaweicloud.sdk.vpcep.v1.model.*;

import java.util.List;
import java.util.ArrayList;

public class UpdateEndpointWhiteSolution {

    public static void main(String[] args) {
        // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
        // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
        String ak = System.getenv("CLOUD_SDK_AK");
        String sk = System.getenv("CLOUD_SDK_SK");

        ICredential auth = new BasicCredentials()
                .withAk(ak)
                .withSk(sk);

        VpcepClient client = VpcepClient.newBuilder()
                .withCredential(auth)
                .withRegion(VpcepRegion.valueOf("<YOUR REGION>"))
                .build();
        UpdateEndpointWhiteRequest request = new UpdateEndpointWhiteRequest();
        UpdateEndpointWhiteRequestBody body = new UpdateEndpointWhiteRequestBody();
        List<String> listbodyWhitelist = new ArrayList<>();
        listbodyWhitelist.add("192.168.1.1");
        listbodyWhitelist.add("192.168.1.2");
        body.withEnableWhitelist(true);
        body.withWhitelist(listbodyWhitelist);
        request.withBody(body);
        try {
            UpdateEndpointWhiteResponse response = client.updateEndpointWhite(request);
            System.out.println(response.toString());
        } catch (ConnectionException e) {
            e.printStackTrace();
        } catch (RequestTimeoutException e) {
            e.printStackTrace();
        } catch (ServiceResponseException e) {
            e.printStackTrace();
            System.out.println(e.getHttpStatusCode());
            System.out.println(e.getRequestId());
            System.out.println(e.getErrorCode());
            System.out.println(e.getErrorMsg());
        }
    }
}

Updating a VPC endpoint (Setting whitelist to 192.168.1.1 and 192.168.1.2 and enable_whitelist to true)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
# coding: utf-8

import os
from huaweicloudsdkcore.auth.credentials import BasicCredentials
from huaweicloudsdkvpcep.v1.region.vpcep_region import VpcepRegion
from huaweicloudsdkcore.exceptions import exceptions
from huaweicloudsdkvpcep.v1 import *

if __name__ == "__main__":
    # The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    # In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak = os.environ["CLOUD_SDK_AK"]
    sk = os.environ["CLOUD_SDK_SK"]

    credentials = BasicCredentials(ak, sk)

    client = VpcepClient.new_builder() \
        .with_credentials(credentials) \
        .with_region(VpcepRegion.value_of("<YOUR REGION>")) \
        .build()

    try:
        request = UpdateEndpointWhiteRequest()
        listWhitelistbody = [
            "192.168.1.1",
            "192.168.1.2"
        ]
        request.body = UpdateEndpointWhiteRequestBody(
            enable_whitelist=True,
            whitelist=listWhitelistbody
        )
        response = client.update_endpoint_white(request)
        print(response)
    except exceptions.ClientRequestException as e:
        print(e.status_code)
        print(e.request_id)
        print(e.error_code)
        print(e.error_msg)

Updating a VPC endpoint (Setting whitelist to 192.168.1.1 and 192.168.1.2 and enable_whitelist to true)

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
package main

import (
	"fmt"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/core/auth/basic"
    vpcep "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpcep/v1"
	"github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpcep/v1/model"
    region "github.com/huaweicloud/huaweicloud-sdk-go-v3/services/vpcep/v1/region"
)

func main() {
    // The AK and SK used for authentication are hard-coded or stored in plaintext, which has great security risks. It is recommended that the AK and SK be stored in ciphertext in configuration files or environment variables and decrypted during use to ensure security.
    // In this example, AK and SK are stored in environment variables for authentication. Before running this example, set environment variables CLOUD_SDK_AK and CLOUD_SDK_SK in the local environment
    ak := os.Getenv("CLOUD_SDK_AK")
    sk := os.Getenv("CLOUD_SDK_SK")

    auth := basic.NewCredentialsBuilder().
        WithAk(ak).
        WithSk(sk).
        Build()

    client := vpcep.NewVpcepClient(
        vpcep.VpcepClientBuilder().
            WithRegion(region.ValueOf("<YOUR REGION>")).
            WithCredential(auth).
            Build())

    request := &model.UpdateEndpointWhiteRequest{}
	var listWhitelistbody = []string{
        "192.168.1.1",
	    "192.168.1.2",
    }
	enableWhitelistUpdateEndpointWhiteRequestBody:= true
	request.Body = &model.UpdateEndpointWhiteRequestBody{
		EnableWhitelist: &enableWhitelistUpdateEndpointWhiteRequestBody,
		Whitelist: &listWhitelistbody,
	}
	response, err := client.UpdateEndpointWhite(request)
	if err == nil {
        fmt.Printf("%+v\n", response)
    } else {
        fmt.Println(err)
    }
}

For SDK sample code of more programming languages, see the Sample Code tab in API Explorer. SDK sample code can be automatically generated.

Status Codes

Status Code

Description

200

The server has successfully processed the request.

Error Codes

See Error Codes.