Common Headers and Error Responses
Updated at:2025-10-16
Common header specifications
Common request headers
| Common header | Description |
|---|---|
| Authorization | Include both the Access Key and the request signature. |
| Content-Type | application/json; charset=utf-8。 |
| x-bce-date | A string representing the date that complies with API specifications. |
The standard HTTP headers are not listed here. Common header fields will appear in each BCC API and are mandatory. For POST, PUT, DELETE, and other requests, the request data should be placed in the request body.
Common response header
| Common header | Description |
|---|---|
| Content-Type | application/json; charset=utf-8。 |
| x-bce-request-id | These headers are generated by the VPC backend and automatically included in the response header. |
Error response
When an error occurs during VPC access, the corresponding error code and error information will be returned from VPC to help users identify and handle the error appropriately. If a request error occurs, detailed error information will be provided in the Response Body in the format below:
| Parameter name | Type | Description |
|---|---|---|
| code | String | Error code |
| message | String | Error description |
| requestId | String | Request ID of this request |
Example:
Plain Text
1{
2 "code": "NoSuchObject",
3 "message": "account not exist",
4 "requestId": "c4abab14-ebc4-4eb0-85d2-03c4d51eed18"
5}BCE global error codes
| Error return code | Error message | Status code | Description |
|---|---|---|---|
| AccessDenied | Access denied. | 403Forbidden | You do not have permission to access this resource. |
| QualifyNotPass | The User has not pass qualify. | 403 | The account has not passed certification |
| InappropriateJSON | The JSON you provided was well-formed and valid, but not appropriate forthis operation. | 400 Bad Request | The JSON format in the request is correct but contains semantic errors. For example, a required field might be missing, or the value type is incorrect. To ensure compatibility, unrecognized items will be ignored, and this type of error will not be returned. |
| InternalError | We encountered an internal error Please try again. | 500 Internal Server Error | All other undefined errors. This should not be used if there are clearly corresponding errors of other types, including both general and service-specific errors. |
| InvalidAccessKeyId | The Access Key ID you provided doesnot exist in our records. | 403Forbidden | The Access Key ID does not exist. |
| InvalidHTTPAuthHeader | The Access Key ID you provided does notexist in our records. | 400 BadRequest | The authorization header format is invalid. |
| InvalidHTTPRequest | There was an error in the body of your HTTP request. | 400 Bad Request | The HTTP body format is invalid, for example, it could be due to incompatible Encoding. |
| InvalidURI | Could not parse the specified URI. | 400 Bad Request | The URI format is invalid. For instance, specific service keywords do not match. For problems like ID mismatches, more specific error codes, such as NoSuchKey, should be provided. |
| MalformedJSON | The JSON you provided was not well-formed. | 400 BadRequest | The JSON format is invalid. |
| InvalidVersion | The API version specified was invalid. | 404 NotFound | The URI version number is invalid. |
| OptInRequired | A subscription for the service is required. | 403Forbidden | The corresponding service has not been activated. |
| PreconditionFailed | The specified If-Match header doesn’tmatch the ETag header. | 412PreconditionFailed | Please refer to the Etag for more information. |
| RequestExpired | Request has expired. Timestamp date is . | 400 BadRequest | Request timeout. Replace with x-bce-date. If the request contains only the Date header, convert it to datetime. |
| IdempotentParameterMismatch | The request uses the same client token asa previous, but non-identical request. | 403Forbidden | The API parameters do not match for the same clientToken. |
| SignatureDoesNotMatch | The request signature we calculated does not match the signature you provided. Check yourSecret Access Key and signing method. Consultthe service documentation for details. | 400 Bad Request | The signature in the Authorization header does not match the server's verification. |
VPC error return codes
| Error code | Error description | HTTP status code | Chinese explanation |
|---|---|---|---|
| BadRequest | Bad request parameters or illegal request. | 400 | Request error |
| NoSuchObject | The specified object is not found or resource do not exist. | 404 | Object not found |
| ServiceInternalError | Internal service occurs error. | 500 | Internal service error |
| LimitExceeded | Limit exceeded for current request. | 413 | Exceed limit |
| OperationDenied | Operation not available. | 409 | Operation not allowed |
| CidrConflict | This subnet's cidr has conflict with other subnets'. | 409 | Subnet network segments must not overlap |
| ResourceNeedRelease | Delete failed, please delete bcc, blb, nat, vpn, rds and so on in the VPC. | 409 | There are resources to be released |
ACL error return codes
| Error code | Error description | HTTP status code | Semantics |
|---|---|---|---|
| InvalidAction | The ACL rule's action was invalid. | 400 | The ACL rule policy is invalid. |
| InvalidProtocol | The ACL rule's protocal was invalid. | 400 | The ACL rule protocol is invalid. |
| InvalidPosition | The ACL rule's position was out of range. | 400 | The ACL rule priority is outside the valid range. |
| DuplicatePosition | The ACL rule's position was repeated. | 400 | The ACL rule priority is duplicated. |
| InvalidPort | The ACL rule's port was invalid. | 400 | The ACL rule port is invalid. |
NAT gateway error return code
| Error code | Error description | HTTP status code | Semantics |
|---|---|---|---|
| RequestVpcIdEmpty | The request's param vpcId cannot be empty. | 400 | The vpcId in the request parameters must not be empty. |
| RequestNatIdEmpty | The request's param natId cannot be empty. | 400 | The natId in the request parameters must not be empty. |
| NoSuchNat | The specified nat is not found. | 404 | The NAT gateway specified in the query was not found. |
| RequestNameEmpty | The request's param name cannot be empty. | 400 | The name in the request parameters must not be empty. |
| RequestSpecEmpty | The request's param spec cannot be empty. | 400 | The spec in the request parameters must not be empty. |
| RequestBillingEmpty | The request's param billing cannot be empty. | 400 | The billing information in the request parameters must not be empty. |
| SpecInvalid | The request's param spec is invalid. | 400 | The spec in the request parameters is invalid. |
| PaymentTimingEmpty | The request's param paymentTiming cannot be empty. | 400 | The paymentTiming in the request parameters must not be empty. |
| PaymentTimingInvalid | The request's param paymentTiming is invalid. | 400 | The paymentTiming in the request parameters is invalid. |
| ReservationEmpty | The request's param reservation cannot be empty when paymentiming is Preaid. | 400 | If paymentTiming is set as prepaid in the request parameters, the reservation field cannot be left empty. |
| createOrderError | Create nat gateway order error. | 500 | Failed to create the NAT order. |
| subnatEmpty | The VPC in the creation request has no subnet. | 500 | The creation request lacks a subnet for the VPC. |
| NoSuchEip | The specified eip is not found. | 404 | The specified EIP could not be located. |
| RequestEipInvalid | The request's param eip is invalid. | 400 | The EIP provided in the request parameters is invalid. |
| NatPostpaid | Postpaid nat cannot be renewed. | 400 | Postpay NAT instances cannot be renewed. |
| ReservationLengthInvalid | The request's param reservationLength is invalid. | 400 | The reservationLength in the request parameters is not valid. |
| ReservationTimeUnitInvalid | The request's param reservationTimeUnit is invalid. | 400 | The reservationTimeUnit in the request parameters is not valid. |
| NatIdInvalid | The natId is invalid | 400 | The natId is invalid |
| SnatRuleSourceAddressInvalid | The snat rule source address is invalid | 400 | The source address is invalid |
| CidrFormatIllegal | Cidr format is illegal. | 400 | The source address format is incorrect |
| SnatRuleSourceAddressConflict | The snat rule source address is conflict | 400 | The source address conflict |
| LimitExceeded | Limit exceeded for current request. | 400 | Quota exceeded |
| RuleIdNotExist | The rule id is not exist | 404 | The ruleId is invalid |
| BadRequest | Bad request parameters or illegal request. | 400 | The parameter is invalid |
| SnatRuleEipsInvalid | The snat rule eips is invalid | 400 | The public IP is invalid |
| DnatRuleConflictException | The DnatRule's protocol Ip and port has exist. | 400 | The DNAT rule is conflicting |
| DnatRuleProtocolInvalid | The DnatRule's protocol is invalid. | 400 | The DNAT protocol is invalid |
| DnatRuleInternalPortInvalid | The DnatRule's internal port is invalid. | 400 | The intranet IP port is invalid |
| DnatRulePublicPortInvalid | The DnatRule's public port is invalid. | 400 | The public IP port is invalid |
| DnatRuleInternalIpInvalid | The DnatRule's internalIp not allow empty. | 400 | The intranet IP is invalid |
| DnatRuleEipNotAllowEmpty | The DnatRule's eip not allow empty. | 400 | The DNAT EIP rules cannot be empty |
| DnatEipEmpty | The NatGateway is not bind dnat eip. | 400 | The DNAT EIP is not bound to the NAT gateway |
| DnatRuleEipInvalid | The DnatRule’s eip is invalid. | 400 | The bound EIP does not match the DNAT EIP bound to the NAT gateway |
| DnatRuleIdException | The DnatRule's id invalid. | 400 | The DNAT rule ID is invalid |
Peering connections error return codes
| Error code | Error description | HTTP status code | Semantics |
|---|---|---|---|
| BadRequest | BadRequest | 400 | Request parameter error |
| UnsupportedPeerConnOperation | The peerConn does not support this operation | 400 | Peering connections do not support this operation |
| PeerIfNameException | diff account are not allowed to set PeerIfName | 400 | Cross-account peering connections do not allow setting peer API names. |
| ResizeException | The prepay peerConn only support enlarge bandwidth | 400 | Prepay peering connections support only upgrade operations. |
Elastic network interface service error codes
| Error code | Error description | HTTP status code | Semantics |
|---|---|---|---|
| SubnetHasNoMoreIpException | The subnet has no more Ip to allocate. | 400 | There are no available IPs in this subnet. |
| VmMemoryCanNotAttachMoreIpException | The device's memory can not attach more ip. | 403 | No additional IPs can be added to the virtual machine's memory. |
| DeviceInvalidException | he deviceId is not same with eni's deviceId. | 400 | The provided virtual machine ID is invalid. |
| VmStatusException | The vm status is not allowed to operate. | 403 | The current virtual machine status does not allow this operation |
| EniAndDeviceNotInSameAzException | The eni and device not in same az or not in same vpc. | 403 | The network interface card and the virtual machine do not belong to the same availability zone |
| NatSubnetCanNotBindEip | The subnet's type can not allow bind eip. | 403 | No EIPs are allowed to be bound to the elastic network interfaces in NAT-type subnets |
| PrimaryIPException | The privateIp is invalid or primary Ip is not allowed to delete. | 403 | The primary IP cannot be deleted |
| EniStatusException | The eni status is not allowed to operate. | 403 | The current network interface card status does not allow this operation |
| EniIdException | The param eniId is invalid. | 400 | The network interface card ID is invalid |
| PrivateIpInUseException | The ip is inuse. | 400 | The IP address has already been occupied |
| SubnetTypeInvalidException | The subnetType is invalid,not allow create eni in subnet which type is BBC and BBC_NAT. | 400 | The elastic network interfaces cannot be created in BBC or BBC_NAT subnets |
| MaxKeysParamInvalidException | maxkeys ${maxKeys} invalid | 400 | Invalid maximum parameter count |
| EniIdBlankException | eniId is blank | 400 | The eniId is empty |
| InstanceIdBlankException | instanceId is blank | 400 | The instanceId is empty |
| ResourceNotExistException | resource: ${resourceId} not found! | 404 | Resource does not exist |
| PrivateIpBlankException | PrivateIp is blank | 400 | The privateIp is empty |
| EipBlankException | Eip is blank | 400 | The public IP is empty |
| SecurityGroupIdsBlankException | SecurityGroupIds is blank | 400 | The security group ID is empty |
| PrivateIpConflictException | privateIpAddresses or privateIpAddressCount can only be specified in one request. | 400 | The intranet IP parameter is conflicting |
| PrivateIpFormatInvalidException | The PrivateIp address is invalid. | 400 | The intranet IP format is invalid |
| PrivateIpNotInCidrException | The PrivateIp address is not in subnet cidr. | 400 | The Internal IP is not within the subnet |