EC2

Client

class EC2.Client

A low-level client representing Amazon Elastic Compute Cloud (EC2):

import boto3

client = boto3.client('ec2')

These are the available methods:

accept_reserved_instances_exchange_quote(**kwargs)

Accepts the Convertible Reserved Instance exchange quote described in the GetReservedInstancesExchangeQuote call.

See also: AWS API Documentation

Request Syntax

response = client.accept_reserved_instances_exchange_quote(
    DryRun=True|False,
    ReservedInstanceIds=[
        'string',
    ],
    TargetConfigurations=[
        {
            'InstanceCount': 123,
            'OfferingId': 'string'
        },
    ]
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • ReservedInstanceIds (list) --

    [REQUIRED]

    The IDs of the Convertible Reserved Instances to exchange for other Convertible Reserved Instances of the same or higher value.

    • (string) --
  • TargetConfigurations (list) --

    The configurations of the Convertible Reserved Instance offerings that you are purchasing in this exchange.

    • (dict) --

      Details about the target configuration.

      • InstanceCount (integer) --

        The number of instances the Covertible Reserved Instance offering can be applied to. This parameter is reserved and cannot be specified in a request

      • OfferingId (string) -- [REQUIRED]

        The Convertible Reserved Instance offering ID.

Return type

dict

Returns

Response Syntax

{
    'ExchangeId': 'string'
}

Response Structure

  • (dict) --

    The result of the exchange and whether it was successful .

    • ExchangeId (string) --

      The ID of the successful exchange.

accept_vpc_peering_connection(**kwargs)

Accept a VPC peering connection request. To accept a request, the VPC peering connection must be in the pending-acceptance state, and you must be the owner of the peer VPC. Use DescribeVpcPeeringConnections to view your outstanding VPC peering connection requests.

See also: AWS API Documentation

Request Syntax

response = client.accept_vpc_peering_connection(
    DryRun=True|False,
    VpcPeeringConnectionId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • VpcPeeringConnectionId (string) -- The ID of the VPC peering connection.
Return type

dict

Returns

Response Syntax

{
    'VpcPeeringConnection': {
        'AccepterVpcInfo': {
            'CidrBlock': 'string',
            'Ipv6CidrBlockSet': [
                {
                    'Ipv6CidrBlock': 'string'
                },
            ],
            'CidrBlockSet': [
                {
                    'CidrBlock': 'string'
                },
            ],
            'OwnerId': 'string',
            'PeeringOptions': {
                'AllowDnsResolutionFromRemoteVpc': True|False,
                'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False,
                'AllowEgressFromLocalVpcToRemoteClassicLink': True|False
            },
            'VpcId': 'string'
        },
        'ExpirationTime': datetime(2015, 1, 1),
        'RequesterVpcInfo': {
            'CidrBlock': 'string',
            'Ipv6CidrBlockSet': [
                {
                    'Ipv6CidrBlock': 'string'
                },
            ],
            'CidrBlockSet': [
                {
                    'CidrBlock': 'string'
                },
            ],
            'OwnerId': 'string',
            'PeeringOptions': {
                'AllowDnsResolutionFromRemoteVpc': True|False,
                'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False,
                'AllowEgressFromLocalVpcToRemoteClassicLink': True|False
            },
            'VpcId': 'string'
        },
        'Status': {
            'Code': 'initiating-request'|'pending-acceptance'|'active'|'deleted'|'rejected'|'failed'|'expired'|'provisioning'|'deleting',
            'Message': 'string'
        },
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ],
        'VpcPeeringConnectionId': 'string'
    }
}

Response Structure

  • (dict) --

    Contains the output of AcceptVpcPeeringConnection.

    • VpcPeeringConnection (dict) --

      Information about the VPC peering connection.

      • AccepterVpcInfo (dict) --

        Information about the accepter VPC. CIDR block information is only returned when describing an active VPC peering connection.

        • CidrBlock (string) --

          The IPv4 CIDR block for the VPC.

        • Ipv6CidrBlockSet (list) --

          The IPv6 CIDR block for the VPC.

          • (dict) --

            Describes an IPv6 CIDR block.

            • Ipv6CidrBlock (string) --

              The IPv6 CIDR block.

        • CidrBlockSet (list) --

          Information about the IPv4 CIDR blocks for the VPC.

          • (dict) --

            Describes an IPv4 CIDR block.

            • CidrBlock (string) --

              The IPv4 CIDR block.

        • OwnerId (string) --

          The AWS account ID of the VPC owner.

        • PeeringOptions (dict) --

          Information about the VPC peering connection options for the accepter or requester VPC.

          • AllowDnsResolutionFromRemoteVpc (boolean) --

            Indicates whether a local VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC.

          • AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) --

            Indicates whether a local ClassicLink connection can communicate with the peer VPC over the VPC peering connection.

          • AllowEgressFromLocalVpcToRemoteClassicLink (boolean) --

            Indicates whether a local VPC can communicate with a ClassicLink connection in the peer VPC over the VPC peering connection.

        • VpcId (string) --

          The ID of the VPC.

      • ExpirationTime (datetime) --

        The time that an unaccepted VPC peering connection will expire.

      • RequesterVpcInfo (dict) --

        Information about the requester VPC. CIDR block information is only returned when describing an active VPC peering connection.

        • CidrBlock (string) --

          The IPv4 CIDR block for the VPC.

        • Ipv6CidrBlockSet (list) --

          The IPv6 CIDR block for the VPC.

          • (dict) --

            Describes an IPv6 CIDR block.

            • Ipv6CidrBlock (string) --

              The IPv6 CIDR block.

        • CidrBlockSet (list) --

          Information about the IPv4 CIDR blocks for the VPC.

          • (dict) --

            Describes an IPv4 CIDR block.

            • CidrBlock (string) --

              The IPv4 CIDR block.

        • OwnerId (string) --

          The AWS account ID of the VPC owner.

        • PeeringOptions (dict) --

          Information about the VPC peering connection options for the accepter or requester VPC.

          • AllowDnsResolutionFromRemoteVpc (boolean) --

            Indicates whether a local VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC.

          • AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) --

            Indicates whether a local ClassicLink connection can communicate with the peer VPC over the VPC peering connection.

          • AllowEgressFromLocalVpcToRemoteClassicLink (boolean) --

            Indicates whether a local VPC can communicate with a ClassicLink connection in the peer VPC over the VPC peering connection.

        • VpcId (string) --

          The ID of the VPC.

      • Status (dict) --

        The status of the VPC peering connection.

        • Code (string) --

          The status of the VPC peering connection.

        • Message (string) --

          A message that provides more information about the status, if applicable.

      • Tags (list) --

        Any tags assigned to the resource.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

      • VpcPeeringConnectionId (string) --

        The ID of the VPC peering connection.

allocate_address(**kwargs)

Allocates an Elastic IP address.

An Elastic IP address is for use either in the EC2-Classic platform or in a VPC. By default, you can allocate 5 Elastic IP addresses for EC2-Classic per region and 5 Elastic IP addresses for EC2-VPC per region.

If you release an Elastic IP address for use in a VPC, you might be able to recover it. To recover an Elastic IP address that you released, specify it in the Address parameter. Note that you cannot recover an Elastic IP address that you released after it is allocated to another AWS account.

For more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.allocate_address(
    Domain='vpc'|'standard',
    Address='string',
    DryRun=True|False
)
Parameters
  • Domain (string) --

    Set to vpc to allocate the address for use with instances in a VPC.

    Default: The address is for use with instances in EC2-Classic.

  • Address (string) -- [EC2-VPC] The Elastic IP address to recover.
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'PublicIp': 'string',
    'AllocationId': 'string',
    'Domain': 'vpc'|'standard'
}

Response Structure

  • (dict) --

    Contains the output of AllocateAddress.

    • PublicIp (string) --

      The Elastic IP address.

    • AllocationId (string) --

      [EC2-VPC] The ID that AWS assigns to represent the allocation of the Elastic IP address for use with instances in a VPC.

    • Domain (string) --

      Indicates whether this Elastic IP address is for use with instances in EC2-Classic (standard ) or instances in a VPC (vpc ).

Examples

This example allocates an Elastic IP address to use with an instance in a VPC.

response = client.allocate_address(
    Domain='vpc',
)

print(response)

Expected Output:

{
    'AllocationId': 'eipalloc-64d5890a',
    'Domain': 'vpc',
    'PublicIp': '203.0.113.0',
    'ResponseMetadata': {
        '...': '...',
    },
}

This example allocates an Elastic IP address to use with an instance in EC2-Classic.

response = client.allocate_address(
)

print(response)

Expected Output:

{
    'Domain': 'standard',
    'PublicIp': '198.51.100.0',
    'ResponseMetadata': {
        '...': '...',
    },
}
allocate_hosts(**kwargs)

Allocates a Dedicated Host to your account. At minimum you need to specify the instance size type, Availability Zone, and quantity of hosts you want to allocate.

See also: AWS API Documentation

Request Syntax

response = client.allocate_hosts(
    AutoPlacement='on'|'off',
    AvailabilityZone='string',
    ClientToken='string',
    InstanceType='string',
    Quantity=123
)
Parameters
  • AutoPlacement (string) --

    This is enabled by default. This property allows instances to be automatically placed onto available Dedicated Hosts, when you are launching instances without specifying a host ID.

    Default: Enabled

  • AvailabilityZone (string) --

    [REQUIRED]

    The Availability Zone for the Dedicated Hosts.

  • ClientToken (string) -- Unique, case-sensitive identifier you provide to ensure idempotency of the request. For more information, see How to Ensure Idempotency in the Amazon Elastic Compute Cloud User Guide .
  • InstanceType (string) --

    [REQUIRED]

    Specify the instance type that you want your Dedicated Hosts to be configured for. When you specify the instance type, that is the only instance type that you can launch onto that host.

  • Quantity (integer) --

    [REQUIRED]

    The number of Dedicated Hosts you want to allocate to your account with these parameters.

Return type

dict

Returns

Response Syntax

{
    'HostIds': [
        'string',
    ]
}

Response Structure

  • (dict) --

    Contains the output of AllocateHosts.

    • HostIds (list) --

      The ID of the allocated Dedicated Host. This is used when you want to launch an instance onto a specific host.

      • (string) --

assign_ipv6_addresses(**kwargs)

Assigns one or more IPv6 addresses to the specified network interface. You can specify one or more specific IPv6 addresses, or you can specify the number of IPv6 addresses to be automatically assigned from within the subnet's IPv6 CIDR block range. You can assign as many IPv6 addresses to a network interface as you can assign private IPv4 addresses, and the limit varies per instance type. For information, see IP Addresses Per Network Interface Per Instance Type in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.assign_ipv6_addresses(
    Ipv6AddressCount=123,
    Ipv6Addresses=[
        'string',
    ],
    NetworkInterfaceId='string'
)
Parameters
  • Ipv6AddressCount (integer) -- The number of IPv6 addresses to assign to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.
  • Ipv6Addresses (list) --

    One or more specific IPv6 addresses to be assigned to the network interface. You can't use this option if you're specifying a number of IPv6 addresses.

    • (string) --
  • NetworkInterfaceId (string) --

    [REQUIRED]

    The ID of the network interface.

Return type

dict

Returns

Response Syntax

{
    'AssignedIpv6Addresses': [
        'string',
    ],
    'NetworkInterfaceId': 'string'
}

Response Structure

  • (dict) --

    • AssignedIpv6Addresses (list) --

      The IPv6 addresses assigned to the network interface.

      • (string) --
    • NetworkInterfaceId (string) --

      The ID of the network interface.

assign_private_ip_addresses(**kwargs)

Assigns one or more secondary private IP addresses to the specified network interface. You can specify one or more specific secondary IP addresses, or you can specify the number of secondary IP addresses to be automatically assigned within the subnet's CIDR block range. The number of secondary IP addresses that you can assign to an instance varies by instance type. For information about instance types, see Instance Types in the Amazon Elastic Compute Cloud User Guide . For more information about Elastic IP addresses, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide .

AssignPrivateIpAddresses is available only in EC2-VPC.

See also: AWS API Documentation

Request Syntax

response = client.assign_private_ip_addresses(
    AllowReassignment=True|False,
    NetworkInterfaceId='string',
    PrivateIpAddresses=[
        'string',
    ],
    SecondaryPrivateIpAddressCount=123
)
Parameters
  • AllowReassignment (boolean) -- Indicates whether to allow an IP address that is already assigned to another network interface or instance to be reassigned to the specified network interface.
  • NetworkInterfaceId (string) --

    [REQUIRED]

    The ID of the network interface.

  • PrivateIpAddresses (list) --

    One or more IP addresses to be assigned as a secondary private IP address to the network interface. You can't specify this parameter when also specifying a number of secondary IP addresses.

    If you don't specify an IP address, Amazon EC2 automatically selects an IP address within the subnet range.

    • (string) --
  • SecondaryPrivateIpAddressCount (integer) -- The number of secondary IP addresses to assign to the network interface. You can't specify this parameter when also specifying private IP addresses.
Returns

None

Examples

This example assigns the specified secondary private IP address to the specified network interface.

response = client.assign_private_ip_addresses(
    NetworkInterfaceId='eni-e5aa89a3',
    PrivateIpAddresses=[
        '10.0.0.82',
    ],
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}

This example assigns two secondary private IP addresses to the specified network interface. Amazon EC2 automatically assigns these IP addresses from the available IP addresses in the CIDR block range of the subnet the network interface is associated with.

response = client.assign_private_ip_addresses(
    NetworkInterfaceId='eni-e5aa89a3',
    SecondaryPrivateIpAddressCount=2,
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
associate_address(**kwargs)

Associates an Elastic IP address with an instance or a network interface.

An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide .

[EC2-Classic, VPC in an EC2-VPC-only account] If the Elastic IP address is already associated with a different instance, it is disassociated from that instance and associated with the specified instance. If you associate an Elastic IP address with an instance that has an existing Elastic IP address, the existing address is disassociated from the instance, but remains allocated to your account.

[VPC in an EC2-Classic account] If you don't specify a private IP address, the Elastic IP address is associated with the primary IP address. If the Elastic IP address is already associated with a different instance or a network interface, you get an error unless you allow reassociation. You cannot associate an Elastic IP address with an instance or network interface that has an existing Elastic IP address.

Warning

This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error, and you may be charged for each time the Elastic IP address is remapped to the same instance. For more information, see the Elastic IP Addresses section of Amazon EC2 Pricing .

See also: AWS API Documentation

Request Syntax

response = client.associate_address(
    AllocationId='string',
    InstanceId='string',
    PublicIp='string',
    AllowReassociation=True|False,
    DryRun=True|False,
    NetworkInterfaceId='string',
    PrivateIpAddress='string'
)
Parameters
  • AllocationId (string) -- [EC2-VPC] The allocation ID. This is required for EC2-VPC.
  • InstanceId (string) -- The ID of the instance. This is required for EC2-Classic. For EC2-VPC, you can specify either the instance ID or the network interface ID, but not both. The operation fails if you specify an instance ID unless exactly one network interface is attached.
  • PublicIp (string) -- The Elastic IP address. This is required for EC2-Classic.
  • AllowReassociation (boolean) -- [EC2-VPC] For a VPC in an EC2-Classic account, specify true to allow an Elastic IP address that is already associated with an instance or network interface to be reassociated with the specified instance or network interface. Otherwise, the operation fails. In a VPC in an EC2-VPC-only account, reassociation is automatic, therefore you can specify false to ensure the operation fails if the Elastic IP address is already associated with another resource.
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • NetworkInterfaceId (string) -- [EC2-VPC] The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.
  • PrivateIpAddress (string) -- [EC2-VPC] The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.
Return type

dict

Returns

Response Syntax

{
    'AssociationId': 'string'
}

Response Structure

  • (dict) --

    Contains the output of AssociateAddress.

    • AssociationId (string) --

      [EC2-VPC] The ID that represents the association of the Elastic IP address with an instance.

Examples

This example associates the specified Elastic IP address with the specified instance in a VPC.

response = client.associate_address(
    AllocationId='eipalloc-64d5890a',
    InstanceId='i-0b263919b6498b123',
)

print(response)

Expected Output:

{
    'AssociationId': 'eipassoc-2bebb745',
    'ResponseMetadata': {
        '...': '...',
    },
}

This example associates the specified Elastic IP address with the specified network interface.

response = client.associate_address(
    AllocationId='eipalloc-64d5890a',
    NetworkInterfaceId='eni-1a2b3c4d',
)

print(response)

Expected Output:

{
    'AssociationId': 'eipassoc-2bebb745',
    'ResponseMetadata': {
        '...': '...',
    },
}

This example associates an Elastic IP address with an instance in EC2-Classic.

response = client.associate_address(
    InstanceId='i-07ffe74c7330ebf53',
    PublicIp='198.51.100.0',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
associate_dhcp_options(**kwargs)

Associates a set of DHCP options (that you've previously created) with the specified VPC, or associates no DHCP options with the VPC.

After you associate the options with the VPC, any existing instances and all new instances that you launch in that VPC use the options. You don't need to restart or relaunch the instances. They automatically pick up the changes within a few hours, depending on how frequently the instance renews its DHCP lease. You can explicitly renew the lease using the operating system on the instance.

For more information, see DHCP Options Sets in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.associate_dhcp_options(
    DhcpOptionsId='string',
    VpcId='string',
    DryRun=True|False
)
Parameters
  • DhcpOptionsId (string) --

    [REQUIRED]

    The ID of the DHCP options set, or default to associate no DHCP options with the VPC.

  • VpcId (string) --

    [REQUIRED]

    The ID of the VPC.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Returns

None

Examples

This example associates the specified DHCP options set with the specified VPC.

response = client.associate_dhcp_options(
    DhcpOptionsId='dopt-d9070ebb',
    VpcId='vpc-a01106c2',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}

This example associates the default DHCP options set with the specified VPC.

response = client.associate_dhcp_options(
    DhcpOptionsId='default',
    VpcId='vpc-a01106c2',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
associate_iam_instance_profile(**kwargs)

Associates an IAM instance profile with a running or stopped instance. You cannot associate more than one IAM instance profile with an instance.

See also: AWS API Documentation

Request Syntax

response = client.associate_iam_instance_profile(
    IamInstanceProfile={
        'Arn': 'string',
        'Name': 'string'
    },
    InstanceId='string'
)
Parameters
  • IamInstanceProfile (dict) --

    [REQUIRED]

    The IAM instance profile.

    • Arn (string) --

      The Amazon Resource Name (ARN) of the instance profile.

    • Name (string) --

      The name of the instance profile.

  • InstanceId (string) --

    [REQUIRED]

    The ID of the instance.

Return type

dict

Returns

Response Syntax

{
    'IamInstanceProfileAssociation': {
        'AssociationId': 'string',
        'InstanceId': 'string',
        'IamInstanceProfile': {
            'Arn': 'string',
            'Id': 'string'
        },
        'State': 'associating'|'associated'|'disassociating'|'disassociated',
        'Timestamp': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) --

    • IamInstanceProfileAssociation (dict) --

      Information about the IAM instance profile association.

      • AssociationId (string) --

        The ID of the association.

      • InstanceId (string) --

        The ID of the instance.

      • IamInstanceProfile (dict) --

        The IAM instance profile.

        • Arn (string) --

          The Amazon Resource Name (ARN) of the instance profile.

        • Id (string) --

          The ID of the instance profile.

      • State (string) --

        The state of the association.

      • Timestamp (datetime) --

        The time the IAM instance profile was associated with the instance.

associate_route_table(**kwargs)

Associates a subnet with a route table. The subnet and route table must be in the same VPC. This association causes traffic originating from the subnet to be routed according to the routes in the route table. The action returns an association ID, which you need in order to disassociate the route table from the subnet later. A route table can be associated with multiple subnets.

For more information about route tables, see Route Tables in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.associate_route_table(
    DryRun=True|False,
    RouteTableId='string',
    SubnetId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • RouteTableId (string) --

    [REQUIRED]

    The ID of the route table.

  • SubnetId (string) --

    [REQUIRED]

    The ID of the subnet.

Return type

dict

Returns

Response Syntax

{
    'AssociationId': 'string'
}

Response Structure

  • (dict) --

    Contains the output of AssociateRouteTable.

    • AssociationId (string) --

      The route table association ID (needed to disassociate the route table).

Examples

This example associates the specified route table with the specified subnet.

response = client.associate_route_table(
    RouteTableId='rtb-22574640',
    SubnetId='subnet-9d4a7b6',
)

print(response)

Expected Output:

{
    'AssociationId': 'rtbassoc-781d0d1a',
    'ResponseMetadata': {
        '...': '...',
    },
}
associate_subnet_cidr_block(**kwargs)

Associates a CIDR block with your subnet. You can only associate a single IPv6 CIDR block with your subnet. An IPv6 CIDR block must have a prefix length of /64.

See also: AWS API Documentation

Request Syntax

response = client.associate_subnet_cidr_block(
    Ipv6CidrBlock='string',
    SubnetId='string'
)
Parameters
  • Ipv6CidrBlock (string) --

    [REQUIRED]

    The IPv6 CIDR block for your subnet. The subnet must have a /64 prefix length.

  • SubnetId (string) --

    [REQUIRED]

    The ID of your subnet.

Return type

dict

Returns

Response Syntax

{
    'Ipv6CidrBlockAssociation': {
        'AssociationId': 'string',
        'Ipv6CidrBlock': 'string',
        'Ipv6CidrBlockState': {
            'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
            'StatusMessage': 'string'
        }
    },
    'SubnetId': 'string'
}

Response Structure

  • (dict) --

    • Ipv6CidrBlockAssociation (dict) --

      Information about the IPv6 CIDR block association.

      • AssociationId (string) --

        The association ID for the CIDR block.

      • Ipv6CidrBlock (string) --

        The IPv6 CIDR block.

      • Ipv6CidrBlockState (dict) --

        Information about the state of the CIDR block.

        • State (string) --

          The state of a CIDR block.

        • StatusMessage (string) --

          A message about the status of the CIDR block, if applicable.

    • SubnetId (string) --

      The ID of the subnet.

associate_vpc_cidr_block(**kwargs)

Associates a CIDR block with your VPC. You can associate a secondary IPv4 CIDR block, or you can associate an Amazon-provided IPv6 CIDR block. The IPv6 CIDR block size is fixed at /56.

For more information about associating CIDR blocks with your VPC and applicable restrictions, see VPC and Subnet Sizing in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.associate_vpc_cidr_block(
    AmazonProvidedIpv6CidrBlock=True|False,
    CidrBlock='string',
    VpcId='string'
)
Parameters
  • AmazonProvidedIpv6CidrBlock (boolean) -- Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses, or the size of the CIDR block.
  • CidrBlock (string) -- An IPv4 CIDR block to associate with the VPC.
  • VpcId (string) --

    [REQUIRED]

    The ID of the VPC.

Return type

dict

Returns

Response Syntax

{
    'Ipv6CidrBlockAssociation': {
        'AssociationId': 'string',
        'Ipv6CidrBlock': 'string',
        'Ipv6CidrBlockState': {
            'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
            'StatusMessage': 'string'
        }
    },
    'CidrBlockAssociation': {
        'AssociationId': 'string',
        'CidrBlock': 'string',
        'CidrBlockState': {
            'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
            'StatusMessage': 'string'
        }
    },
    'VpcId': 'string'
}

Response Structure

  • (dict) --

    • Ipv6CidrBlockAssociation (dict) --

      Information about the IPv6 CIDR block association.

      • AssociationId (string) --

        The association ID for the IPv6 CIDR block.

      • Ipv6CidrBlock (string) --

        The IPv6 CIDR block.

      • Ipv6CidrBlockState (dict) --

        Information about the state of the CIDR block.

        • State (string) --

          The state of the CIDR block.

        • StatusMessage (string) --

          A message about the status of the CIDR block, if applicable.

    • CidrBlockAssociation (dict) --

      Information about the IPv4 CIDR block association.

      • AssociationId (string) --

        The association ID for the IPv4 CIDR block.

      • CidrBlock (string) --

        The IPv4 CIDR block.

      • CidrBlockState (dict) --

        Information about the state of the CIDR block.

        • State (string) --

          The state of the CIDR block.

        • StatusMessage (string) --

          A message about the status of the CIDR block, if applicable.

    • VpcId (string) --

      The ID of the VPC.

Links an EC2-Classic instance to a ClassicLink-enabled VPC through one or more of the VPC's security groups. You cannot link an EC2-Classic instance to more than one VPC at a time. You can only link an instance that's in the running state. An instance is automatically unlinked from a VPC when it's stopped - you can link it to the VPC again when you restart it.

After you've linked an instance, you cannot change the VPC security groups that are associated with it. To change the security groups, you must first unlink the instance, and then link it again.

Linking your instance to a VPC is sometimes referred to as attaching your instance.

See also: AWS API Documentation

Request Syntax

response = client.attach_classic_link_vpc(
    DryRun=True|False,
    Groups=[
        'string',
    ],
    InstanceId='string',
    VpcId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • Groups (list) --

    [REQUIRED]

    The ID of one or more of the VPC's security groups. You cannot specify security groups from a different VPC.

    • (string) --
  • InstanceId (string) --

    [REQUIRED]

    The ID of an EC2-Classic instance to link to the ClassicLink-enabled VPC.

  • VpcId (string) --

    [REQUIRED]

    The ID of a ClassicLink-enabled VPC.

Return type

dict

Returns

Response Syntax

{
    'Return': True|False
}

Response Structure

  • (dict) --

    Contains the output of AttachClassicLinkVpc.

    • Return (boolean) --

      Returns true if the request succeeds; otherwise, it returns an error.

attach_internet_gateway(**kwargs)

Attaches an Internet gateway to a VPC, enabling connectivity between the Internet and the VPC. For more information about your VPC and Internet gateway, see the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.attach_internet_gateway(
    DryRun=True|False,
    InternetGatewayId='string',
    VpcId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • InternetGatewayId (string) --

    [REQUIRED]

    The ID of the Internet gateway.

  • VpcId (string) --

    [REQUIRED]

    The ID of the VPC.

Returns

None

Examples

This example attaches the specified Internet gateway to the specified VPC.

response = client.attach_internet_gateway(
    InternetGatewayId='igw-c0a643a9',
    VpcId='vpc-a01106c2',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
attach_network_interface(**kwargs)

Attaches a network interface to an instance.

See also: AWS API Documentation

Request Syntax

response = client.attach_network_interface(
    DeviceIndex=123,
    DryRun=True|False,
    InstanceId='string',
    NetworkInterfaceId='string'
)
Parameters
  • DeviceIndex (integer) --

    [REQUIRED]

    The index of the device for the network interface attachment.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • InstanceId (string) --

    [REQUIRED]

    The ID of the instance.

  • NetworkInterfaceId (string) --

    [REQUIRED]

    The ID of the network interface.

Return type

dict

Returns

Response Syntax

{
    'AttachmentId': 'string'
}

Response Structure

  • (dict) --

    Contains the output of AttachNetworkInterface.

    • AttachmentId (string) --

      The ID of the network interface attachment.

Examples

This example attaches the specified network interface to the specified instance.

response = client.attach_network_interface(
    DeviceIndex=1,
    InstanceId='i-1234567890abcdef0',
    NetworkInterfaceId='eni-e5aa89a3',
)

print(response)

Expected Output:

{
    'AttachmentId': 'eni-attach-66c4350a',
    'ResponseMetadata': {
        '...': '...',
    },
}
attach_volume(**kwargs)

Attaches an EBS volume to a running or stopped instance and exposes it to the instance with the specified device name.

Encrypted EBS volumes may only be attached to instances that support Amazon EBS encryption. For more information, see Amazon EBS Encryption in the Amazon Elastic Compute Cloud User Guide .

For a list of supported device names, see Attaching an EBS Volume to an Instance . Any device names that aren't reserved for instance store volumes can be used for EBS volumes. For more information, see Amazon EC2 Instance Store in the Amazon Elastic Compute Cloud User Guide .

If a volume has an AWS Marketplace product code:

  • The volume can be attached only to a stopped instance.
  • AWS Marketplace product codes are copied from the volume to the instance.
  • You must be subscribed to the product.
  • The instance type and operating system of the instance must support the product. For example, you can't detach a volume from a Windows instance and attach it to a Linux instance.

For an overview of the AWS Marketplace, see Introducing AWS Marketplace .

For more information about EBS volumes, see Attaching Amazon EBS Volumes in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.attach_volume(
    Device='string',
    InstanceId='string',
    VolumeId='string',
    DryRun=True|False
)
Parameters
  • Device (string) --

    [REQUIRED]

    The device name to expose to the instance (for example, /dev/sdh or xvdh ).

  • InstanceId (string) --

    [REQUIRED]

    The ID of the instance.

  • VolumeId (string) --

    [REQUIRED]

    The ID of the EBS volume. The volume and instance must be within the same Availability Zone.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'AttachTime': datetime(2015, 1, 1),
    'Device': 'string',
    'InstanceId': 'string',
    'State': 'attaching'|'attached'|'detaching'|'detached',
    'VolumeId': 'string',
    'DeleteOnTermination': True|False
}

Response Structure

  • (dict) --

    Describes volume attachment details.

    • AttachTime (datetime) --

      The time stamp when the attachment initiated.

    • Device (string) --

      The device name.

    • InstanceId (string) --

      The ID of the instance.

    • State (string) --

      The attachment state of the volume.

    • VolumeId (string) --

      The ID of the volume.

    • DeleteOnTermination (boolean) --

      Indicates whether the EBS volume is deleted on instance termination.

Examples

This example attaches a volume (vol-1234567890abcdef0) to an instance (i-01474ef662b89480) as /dev/sdf.

response = client.attach_volume(
    Device='/dev/sdf',
    InstanceId='i-01474ef662b89480',
    VolumeId='vol-1234567890abcdef0',
)

print(response)

Expected Output:

{
    'AttachTime': datetime(2016, 8, 29, 18, 52, 32, 0, 242, 0),
    'Device': '/dev/sdf',
    'InstanceId': 'i-01474ef662b89480',
    'State': 'attaching',
    'VolumeId': 'vol-1234567890abcdef0',
    'ResponseMetadata': {
        '...': '...',
    },
}
attach_vpn_gateway(**kwargs)

Attaches a virtual private gateway to a VPC. You can attach one virtual private gateway to one VPC at a time.

For more information, see Adding a Hardware Virtual Private Gateway to Your VPC in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.attach_vpn_gateway(
    VpcId='string',
    VpnGatewayId='string',
    DryRun=True|False
)
Parameters
  • VpcId (string) --

    [REQUIRED]

    The ID of the VPC.

  • VpnGatewayId (string) --

    [REQUIRED]

    The ID of the virtual private gateway.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'VpcAttachment': {
        'State': 'attaching'|'attached'|'detaching'|'detached',
        'VpcId': 'string'
    }
}

Response Structure

  • (dict) --

    Contains the output of AttachVpnGateway.

    • VpcAttachment (dict) --

      Information about the attachment.

      • State (string) --

        The current state of the attachment.

      • VpcId (string) --

        The ID of the VPC.

authorize_security_group_egress(**kwargs)

[EC2-VPC only] Adds one or more egress rules to a security group for use with a VPC. Specifically, this action permits instances to send traffic to one or more destination IPv4 or IPv6 CIDR address ranges, or to one or more destination security groups for the same VPC. This action doesn't apply to security groups for use in EC2-Classic. For more information, see Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide . For more information about security group limits, see Amazon VPC Limits .

Each rule consists of the protocol (for example, TCP), plus either a CIDR range or a source group. For the TCP and UDP protocols, you must also specify the destination port or port range. For the ICMP protocol, you must also specify the ICMP type and code. You can use -1 for the type or code to mean all types or all codes. You can optionally specify a description for the rule.

Rule changes are propagated to affected instances as quickly as possible. However, a small delay might occur.

See also: AWS API Documentation

Request Syntax

response = client.authorize_security_group_egress(
    DryRun=True|False,
    GroupId='string',
    IpPermissions=[
        {
            'FromPort': 123,
            'IpProtocol': 'string',
            'IpRanges': [
                {
                    'CidrIp': 'string',
                    'Description': 'string'
                },
            ],
            'Ipv6Ranges': [
                {
                    'CidrIpv6': 'string',
                    'Description': 'string'
                },
            ],
            'PrefixListIds': [
                {
                    'Description': 'string',
                    'PrefixListId': 'string'
                },
            ],
            'ToPort': 123,
            'UserIdGroupPairs': [
                {
                    'Description': 'string',
                    'GroupId': 'string',
                    'GroupName': 'string',
                    'PeeringStatus': 'string',
                    'UserId': 'string',
                    'VpcId': 'string',
                    'VpcPeeringConnectionId': 'string'
                },
            ]
        },
    ],
    CidrIp='string',
    FromPort=123,
    IpProtocol='string',
    ToPort=123,
    SourceSecurityGroupName='string',
    SourceSecurityGroupOwnerId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • GroupId (string) --

    [REQUIRED]

    The ID of the security group.

  • IpPermissions (list) --

    A set of IP permissions. You can't specify a destination security group and a CIDR IP address range.

    • (dict) --

      Describes a security group rule.

      • FromPort (integer) --

        The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.

      • IpProtocol (string) --

        The IP protocol name (tcp , udp , icmp ) or number (see Protocol Numbers ).

        [EC2-VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp , udp , icmp , or 58 (ICMPv6) allows traffic on all ports, regardless of any port range you specify. For tcp , udp , and icmp , you must specify a port range. For 58 (ICMPv6), you can optionally specify a port range; if you don't, traffic for all types and codes is allowed when authorizing rules.

      • IpRanges (list) --

        One or more IPv4 ranges.

        • (dict) --

          Describes an IPv4 range.

          • CidrIp (string) --

            The IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix.

          • Description (string) --

            A description for the security group rule that references this IPv4 address range.

            Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*

      • Ipv6Ranges (list) --

        [EC2-VPC only] One or more IPv6 ranges.

        • (dict) --

          [EC2-VPC only] Describes an IPv6 range.

          • CidrIpv6 (string) --

            The IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix.

          • Description (string) --

            A description for the security group rule that references this IPv6 address range.

            Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*

      • PrefixListIds (list) --

        (Valid for AuthorizeSecurityGroupEgress , RevokeSecurityGroupEgress and DescribeSecurityGroups only) One or more prefix list IDs for an AWS service. In an AuthorizeSecurityGroupEgress request, this is the AWS service that you want to access through a VPC endpoint from instances associated with the security group.

        • (dict) --

          The ID of the prefix.

          • Description (string) --

            A description for the security group rule that references this prefix list ID.

            Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*

          • PrefixListId (string) --

            The ID of the prefix.

      • ToPort (integer) --

        The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes for the specified ICMP type. If you specify all ICMP/ICMPv6 types, you must specify all codes.

      • UserIdGroupPairs (list) --

        One or more security group and AWS account ID pairs.

        • (dict) --

          Describes a security group and AWS account ID pair.

          • Description (string) --

            A description for the security group rule that references this user ID group pair.

            Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*

          • GroupId (string) --

            The ID of the security group.

          • GroupName (string) --

            The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.

          • PeeringStatus (string) --

            The status of a VPC peering connection, if applicable.

          • UserId (string) --

            The ID of an AWS account. For a referenced security group in another VPC, the account ID of the referenced security group is returned.

            [EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.

          • VpcId (string) --

            The ID of the VPC for the referenced security group, if applicable.

          • VpcPeeringConnectionId (string) --

            The ID of the VPC peering connection, if applicable.

  • CidrIp (string) -- The CIDR IPv4 address range. We recommend that you specify the CIDR range in a set of IP permissions instead.
  • FromPort (integer) -- The start of port range for the TCP and UDP protocols, or an ICMP type number. We recommend that you specify the port range in a set of IP permissions instead.
  • IpProtocol (string) -- The IP protocol name or number. We recommend that you specify the protocol in a set of IP permissions instead.
  • ToPort (integer) -- The end of port range for the TCP and UDP protocols, or an ICMP type number. We recommend that you specify the port range in a set of IP permissions instead.
  • SourceSecurityGroupName (string) -- The name of a destination security group. To authorize outbound access to a destination security group, we recommend that you use a set of IP permissions instead.
  • SourceSecurityGroupOwnerId (string) -- The AWS account number for a destination security group. To authorize outbound access to a destination security group, we recommend that you use a set of IP permissions instead.
Returns

None

authorize_security_group_ingress(**kwargs)

Adds one or more ingress rules to a security group.

Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.

[EC2-Classic] This action gives one or more IPv4 CIDR address ranges permission to access a security group in your account, or gives one or more security groups (called the source groups ) permission to access a security group for your account. A source group can be for your own AWS account, or another. You can have up to 100 rules per group.

[EC2-VPC] This action gives one or more IPv4 or IPv6 CIDR address ranges permission to access a security group in your VPC, or gives one or more other security groups (called the source groups ) permission to access a security group for your VPC. The security groups must all be for the same VPC or a peer VPC in a VPC peering connection. For more information about VPC security group limits, see Amazon VPC Limits .

You can optionally specify a description for the security group rule.

See also: AWS API Documentation

Request Syntax

response = client.authorize_security_group_ingress(
    CidrIp='string',
    FromPort=123,
    GroupId='string',
    GroupName='string',
    IpPermissions=[
        {
            'FromPort': 123,
            'IpProtocol': 'string',
            'IpRanges': [
                {
                    'CidrIp': 'string',
                    'Description': 'string'
                },
            ],
            'Ipv6Ranges': [
                {
                    'CidrIpv6': 'string',
                    'Description': 'string'
                },
            ],
            'PrefixListIds': [
                {
                    'Description': 'string',
                    'PrefixListId': 'string'
                },
            ],
            'ToPort': 123,
            'UserIdGroupPairs': [
                {
                    'Description': 'string',
                    'GroupId': 'string',
                    'GroupName': 'string',
                    'PeeringStatus': 'string',
                    'UserId': 'string',
                    'VpcId': 'string',
                    'VpcPeeringConnectionId': 'string'
                },
            ]
        },
    ],
    IpProtocol='string',
    SourceSecurityGroupName='string',
    SourceSecurityGroupOwnerId='string',
    ToPort=123,
    DryRun=True|False
)
Parameters
  • CidrIp (string) -- The CIDR IPv4 address range. You can't specify this parameter when specifying a source security group.
  • FromPort (integer) -- The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. For the ICMP/ICMPv6 type number, use -1 to specify all types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
  • GroupId (string) -- The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.
  • GroupName (string) -- [EC2-Classic, default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request.
  • IpPermissions (list) --

    A set of IP permissions. Can be used to specify multiple rules in a single command.

    • (dict) --

      Describes a security group rule.

      • FromPort (integer) --

        The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.

      • IpProtocol (string) --

        The IP protocol name (tcp , udp , icmp ) or number (see Protocol Numbers ).

        [EC2-VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp , udp , icmp , or 58 (ICMPv6) allows traffic on all ports, regardless of any port range you specify. For tcp , udp , and icmp , you must specify a port range. For 58 (ICMPv6), you can optionally specify a port range; if you don't, traffic for all types and codes is allowed when authorizing rules.

      • IpRanges (list) --

        One or more IPv4 ranges.

        • (dict) --

          Describes an IPv4 range.

          • CidrIp (string) --

            The IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix.

          • Description (string) --

            A description for the security group rule that references this IPv4 address range.

            Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*

      • Ipv6Ranges (list) --

        [EC2-VPC only] One or more IPv6 ranges.

        • (dict) --

          [EC2-VPC only] Describes an IPv6 range.

          • CidrIpv6 (string) --

            The IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix.

          • Description (string) --

            A description for the security group rule that references this IPv6 address range.

            Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*

      • PrefixListIds (list) --

        (Valid for AuthorizeSecurityGroupEgress , RevokeSecurityGroupEgress and DescribeSecurityGroups only) One or more prefix list IDs for an AWS service. In an AuthorizeSecurityGroupEgress request, this is the AWS service that you want to access through a VPC endpoint from instances associated with the security group.

        • (dict) --

          The ID of the prefix.

          • Description (string) --

            A description for the security group rule that references this prefix list ID.

            Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*

          • PrefixListId (string) --

            The ID of the prefix.

      • ToPort (integer) --

        The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes for the specified ICMP type. If you specify all ICMP/ICMPv6 types, you must specify all codes.

      • UserIdGroupPairs (list) --

        One or more security group and AWS account ID pairs.

        • (dict) --

          Describes a security group and AWS account ID pair.

          • Description (string) --

            A description for the security group rule that references this user ID group pair.

            Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*

          • GroupId (string) --

            The ID of the security group.

          • GroupName (string) --

            The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.

          • PeeringStatus (string) --

            The status of a VPC peering connection, if applicable.

          • UserId (string) --

            The ID of an AWS account. For a referenced security group in another VPC, the account ID of the referenced security group is returned.

            [EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.

          • VpcId (string) --

            The ID of the VPC for the referenced security group, if applicable.

          • VpcPeeringConnectionId (string) --

            The ID of the VPC peering connection, if applicable.

  • IpProtocol (string) -- The IP protocol name (tcp , udp , icmp ) or number (see Protocol Numbers ). (VPC only) Use -1 to specify all protocols. If you specify -1 , or a protocol number other than tcp , udp , icmp , or 58 (ICMPv6), traffic on all ports is allowed, regardless of any ports you specify. For tcp , udp , and icmp , you must specify a port range. For protocol 58 (ICMPv6), you can optionally specify a port range; if you don't, traffic for all types and codes is allowed.
  • SourceSecurityGroupName (string) -- [EC2-Classic, default VPC] The name of the source security group. You can't specify this parameter in combination with the following parameters: the CIDR IP address range, the start of the port range, the IP protocol, and the end of the port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead. For EC2-VPC, the source security group must be in the same VPC.
  • SourceSecurityGroupOwnerId (string) -- [EC2-Classic] The AWS account number for the source security group, if the source security group is in a different account. You can't specify this parameter in combination with the following parameters: the CIDR IP address range, the IP protocol, the start of the port range, and the end of the port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead.
  • ToPort (integer) -- The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code number. For the ICMP/ICMPv6 code number, use -1 to specify all codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Returns

None

bundle_instance(**kwargs)

Bundles an Amazon instance store-backed Windows instance.

During bundling, only the root device volume (C:) is bundled. Data on other instance store volumes is not preserved.

Note

This action is not applicable for Linux/Unix instances or Windows instances that are backed by Amazon EBS.

For more information, see Creating an Instance Store-Backed Windows AMI .

See also: AWS API Documentation

Request Syntax

response = client.bundle_instance(
    InstanceId='string',
    Storage={
        'S3': {
            'AWSAccessKeyId': 'string',
            'Bucket': 'string',
            'Prefix': 'string',
            'UploadPolicy': b'bytes',
            'UploadPolicySignature': 'string'
        }
    },
    DryRun=True|False
)
Parameters
  • InstanceId (string) --

    [REQUIRED]

    The ID of the instance to bundle.

    Type: String

    Default: None

    Required: Yes

  • Storage (dict) --

    [REQUIRED]

    The bucket in which to store the AMI. You can specify a bucket that you already own or a new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone else, Amazon EC2 returns an error.

    • S3 (dict) --

      An Amazon S3 storage location.

      • AWSAccessKeyId (string) --

        The access key ID of the owner of the bucket. Before you specify a value for your access key ID, review and follow the guidance in Best Practices for Managing AWS Access Keys .

      • Bucket (string) --

        The bucket in which to store the AMI. You can specify a bucket that you already own or a new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone else, Amazon EC2 returns an error.

      • Prefix (string) --

        The beginning of the file name of the AMI.

      • UploadPolicy (bytes) --

        An Amazon S3 upload policy that gives Amazon EC2 permission to upload items into Amazon S3 on your behalf.

      • UploadPolicySignature (string) --

        The signature of the JSON document.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'BundleTask': {
        'BundleId': 'string',
        'BundleTaskError': {
            'Code': 'string',
            'Message': 'string'
        },
        'InstanceId': 'string',
        'Progress': 'string',
        'StartTime': datetime(2015, 1, 1),
        'State': 'pending'|'waiting-for-shutdown'|'bundling'|'storing'|'cancelling'|'complete'|'failed',
        'Storage': {
            'S3': {
                'AWSAccessKeyId': 'string',
                'Bucket': 'string',
                'Prefix': 'string',
                'UploadPolicy': b'bytes',
                'UploadPolicySignature': 'string'
            }
        },
        'UpdateTime': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) --

    Contains the output of BundleInstance.

    • BundleTask (dict) --

      Information about the bundle task.

      • BundleId (string) --

        The ID of the bundle task.

      • BundleTaskError (dict) --

        If the task fails, a description of the error.

        • Code (string) --

          The error code.

        • Message (string) --

          The error message.

      • InstanceId (string) --

        The ID of the instance associated with this bundle task.

      • Progress (string) --

        The level of task completion, as a percent (for example, 20%).

      • StartTime (datetime) --

        The time this task started.

      • State (string) --

        The state of the task.

      • Storage (dict) --

        The Amazon S3 storage locations.

        • S3 (dict) --

          An Amazon S3 storage location.

          • AWSAccessKeyId (string) --

            The access key ID of the owner of the bucket. Before you specify a value for your access key ID, review and follow the guidance in Best Practices for Managing AWS Access Keys .

          • Bucket (string) --

            The bucket in which to store the AMI. You can specify a bucket that you already own or a new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone else, Amazon EC2 returns an error.

          • Prefix (string) --

            The beginning of the file name of the AMI.

          • UploadPolicy (bytes) --

            An Amazon S3 upload policy that gives Amazon EC2 permission to upload items into Amazon S3 on your behalf.

          • UploadPolicySignature (string) --

            The signature of the JSON document.

      • UpdateTime (datetime) --

        The time of the most recent update for the task.

can_paginate(operation_name)

Check if an operation can be paginated.

Parameters
operation_name (string) -- The operation name. This is the same name as the method name on the client. For example, if the method name is create_foo, and you'd normally invoke the operation as client.create_foo(**kwargs), if the create_foo operation can be paginated, you can use the call client.get_paginator("create_foo").
Returns
True if the operation can be paginated, False otherwise.
cancel_bundle_task(**kwargs)

Cancels a bundling operation for an instance store-backed Windows instance.

See also: AWS API Documentation

Request Syntax

response = client.cancel_bundle_task(
    BundleId='string',
    DryRun=True|False
)
Parameters
  • BundleId (string) --

    [REQUIRED]

    The ID of the bundle task.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'BundleTask': {
        'BundleId': 'string',
        'BundleTaskError': {
            'Code': 'string',
            'Message': 'string'
        },
        'InstanceId': 'string',
        'Progress': 'string',
        'StartTime': datetime(2015, 1, 1),
        'State': 'pending'|'waiting-for-shutdown'|'bundling'|'storing'|'cancelling'|'complete'|'failed',
        'Storage': {
            'S3': {
                'AWSAccessKeyId': 'string',
                'Bucket': 'string',
                'Prefix': 'string',
                'UploadPolicy': b'bytes',
                'UploadPolicySignature': 'string'
            }
        },
        'UpdateTime': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) --

    Contains the output of CancelBundleTask.

    • BundleTask (dict) --

      Information about the bundle task.

      • BundleId (string) --

        The ID of the bundle task.

      • BundleTaskError (dict) --

        If the task fails, a description of the error.

        • Code (string) --

          The error code.

        • Message (string) --

          The error message.

      • InstanceId (string) --

        The ID of the instance associated with this bundle task.

      • Progress (string) --

        The level of task completion, as a percent (for example, 20%).

      • StartTime (datetime) --

        The time this task started.

      • State (string) --

        The state of the task.

      • Storage (dict) --

        The Amazon S3 storage locations.

        • S3 (dict) --

          An Amazon S3 storage location.

          • AWSAccessKeyId (string) --

            The access key ID of the owner of the bucket. Before you specify a value for your access key ID, review and follow the guidance in Best Practices for Managing AWS Access Keys .

          • Bucket (string) --

            The bucket in which to store the AMI. You can specify a bucket that you already own or a new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone else, Amazon EC2 returns an error.

          • Prefix (string) --

            The beginning of the file name of the AMI.

          • UploadPolicy (bytes) --

            An Amazon S3 upload policy that gives Amazon EC2 permission to upload items into Amazon S3 on your behalf.

          • UploadPolicySignature (string) --

            The signature of the JSON document.

      • UpdateTime (datetime) --

        The time of the most recent update for the task.

cancel_conversion_task(**kwargs)

Cancels an active conversion task. The task can be the import of an instance or volume. The action removes all artifacts of the conversion, including a partially uploaded volume or instance. If the conversion is complete or is in the process of transferring the final disk image, the command fails and returns an exception.

For more information, see Importing a Virtual Machine Using the Amazon EC2 CLI .

See also: AWS API Documentation

Request Syntax

response = client.cancel_conversion_task(
    ConversionTaskId='string',
    DryRun=True|False,
    ReasonMessage='string'
)
Parameters
  • ConversionTaskId (string) --

    [REQUIRED]

    The ID of the conversion task.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • ReasonMessage (string) -- The reason for canceling the conversion task.
Returns

None

cancel_export_task(**kwargs)

Cancels an active export task. The request removes all artifacts of the export, including any partially-created Amazon S3 objects. If the export task is complete or is in the process of transferring the final disk image, the command fails and returns an error.

See also: AWS API Documentation

Request Syntax

response = client.cancel_export_task(
    ExportTaskId='string'
)
Parameters
ExportTaskId (string) --

[REQUIRED]

The ID of the export task. This is the ID returned by CreateInstanceExportTask .

Returns
None
cancel_import_task(**kwargs)

Cancels an in-process import virtual machine or import snapshot task.

See also: AWS API Documentation

Request Syntax

response = client.cancel_import_task(
    CancelReason='string',
    DryRun=True|False,
    ImportTaskId='string'
)
Parameters
  • CancelReason (string) -- The reason for canceling the task.
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • ImportTaskId (string) -- The ID of the import image or import snapshot task to be canceled.
Return type

dict

Returns

Response Syntax

{
    'ImportTaskId': 'string',
    'PreviousState': 'string',
    'State': 'string'
}

Response Structure

  • (dict) --

    Contains the output for CancelImportTask.

    • ImportTaskId (string) --

      The ID of the task being canceled.

    • PreviousState (string) --

      The current state of the task being canceled.

    • State (string) --

      The current state of the task being canceled.

cancel_reserved_instances_listing(**kwargs)

Cancels the specified Reserved Instance listing in the Reserved Instance Marketplace.

For more information, see Reserved Instance Marketplace in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.cancel_reserved_instances_listing(
    ReservedInstancesListingId='string'
)
Parameters
ReservedInstancesListingId (string) --

[REQUIRED]

The ID of the Reserved Instance listing.

Return type
dict
Returns
Response Syntax
{
    'ReservedInstancesListings': [
        {
            'ClientToken': 'string',
            'CreateDate': datetime(2015, 1, 1),
            'InstanceCounts': [
                {
                    'InstanceCount': 123,
                    'State': 'available'|'sold'|'cancelled'|'pending'
                },
            ],
            'PriceSchedules': [
                {
                    'Active': True|False,
                    'CurrencyCode': 'USD',
                    'Price': 123.0,
                    'Term': 123
                },
            ],
            'ReservedInstancesId': 'string',
            'ReservedInstancesListingId': 'string',
            'Status': 'active'|'pending'|'cancelled'|'closed',
            'StatusMessage': 'string',
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ],
            'UpdateDate': datetime(2015, 1, 1)
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of CancelReservedInstancesListing.

    • ReservedInstancesListings (list) --

      The Reserved Instance listing.

      • (dict) --

        Describes a Reserved Instance listing.

        • ClientToken (string) --

          A unique, case-sensitive key supplied by the client to ensure that the request is idempotent. For more information, see Ensuring Idempotency .

        • CreateDate (datetime) --

          The time the listing was created.

        • InstanceCounts (list) --

          The number of instances in this state.

          • (dict) --

            Describes a Reserved Instance listing state.

            • InstanceCount (integer) --

              The number of listed Reserved Instances in the state specified by the state .

            • State (string) --

              The states of the listed Reserved Instances.

        • PriceSchedules (list) --

          The price of the Reserved Instance listing.

          • (dict) --

            Describes the price for a Reserved Instance.

            • Active (boolean) --

              The current price schedule, as determined by the term remaining for the Reserved Instance in the listing.

              A specific price schedule is always in effect, but only one price schedule can be active at any time. Take, for example, a Reserved Instance listing that has five months remaining in its term. When you specify price schedules for five months and two months, this means that schedule 1, covering the first three months of the remaining term, will be active during months 5, 4, and 3. Then schedule 2, covering the last two months of the term, will be active for months 2 and 1.

            • CurrencyCode (string) --

              The currency for transacting the Reserved Instance resale. At this time, the only supported currency is USD .

            • Price (float) --

              The fixed price for the term.

            • Term (integer) --

              The number of months remaining in the reservation. For example, 2 is the second to the last month before the capacity reservation expires.

        • ReservedInstancesId (string) --

          The ID of the Reserved Instance.

        • ReservedInstancesListingId (string) --

          The ID of the Reserved Instance listing.

        • Status (string) --

          The status of the Reserved Instance listing.

        • StatusMessage (string) --

          The reason for the current status of the Reserved Instance listing. The response can be blank.

        • Tags (list) --

          Any tags assigned to the resource.

          • (dict) --

            Describes a tag.

            • Key (string) --

              The key of the tag.

              Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

            • Value (string) --

              The value of the tag.

              Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

        • UpdateDate (datetime) --

          The last modified timestamp of the listing.

cancel_spot_fleet_requests(**kwargs)

Cancels the specified Spot fleet requests.

After you cancel a Spot fleet request, the Spot fleet launches no new Spot instances. You must specify whether the Spot fleet should also terminate its Spot instances. If you terminate the instances, the Spot fleet request enters the cancelled_terminating state. Otherwise, the Spot fleet request enters the cancelled_running state and the instances continue to run until they are interrupted or you terminate them manually.

See also: AWS API Documentation

Request Syntax

response = client.cancel_spot_fleet_requests(
    DryRun=True|False,
    SpotFleetRequestIds=[
        'string',
    ],
    TerminateInstances=True|False
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • SpotFleetRequestIds (list) --

    [REQUIRED]

    The IDs of the Spot fleet requests.

    • (string) --
  • TerminateInstances (boolean) --

    [REQUIRED]

    Indicates whether to terminate instances for a Spot fleet request if it is canceled successfully.

Return type

dict

Returns

Response Syntax

{
    'SuccessfulFleetRequests': [
        {
            'CurrentSpotFleetRequestState': 'submitted'|'active'|'cancelled'|'failed'|'cancelled_running'|'cancelled_terminating'|'modifying',
            'PreviousSpotFleetRequestState': 'submitted'|'active'|'cancelled'|'failed'|'cancelled_running'|'cancelled_terminating'|'modifying',
            'SpotFleetRequestId': 'string'
        },
    ],
    'UnsuccessfulFleetRequests': [
        {
            'Error': {
                'Code': 'fleetRequestIdDoesNotExist'|'fleetRequestIdMalformed'|'fleetRequestNotInCancellableState'|'unexpectedError',
                'Message': 'string'
            },
            'SpotFleetRequestId': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of CancelSpotFleetRequests.

    • SuccessfulFleetRequests (list) --

      Information about the Spot fleet requests that are successfully canceled.

      • (dict) --

        Describes a Spot fleet request that was successfully canceled.

        • CurrentSpotFleetRequestState (string) --

          The current state of the Spot fleet request.

        • PreviousSpotFleetRequestState (string) --

          The previous state of the Spot fleet request.

        • SpotFleetRequestId (string) --

          The ID of the Spot fleet request.

    • UnsuccessfulFleetRequests (list) --

      Information about the Spot fleet requests that are not successfully canceled.

      • (dict) --

        Describes a Spot fleet request that was not successfully canceled.

        • Error (dict) --

          The error.

          • Code (string) --

            The error code.

          • Message (string) --

            The description for the error code.

        • SpotFleetRequestId (string) --

          The ID of the Spot fleet request.

Examples

This example cancels the specified Spot fleet request and terminates its associated Spot Instances.

response = client.cancel_spot_fleet_requests(
    SpotFleetRequestIds=[
        'sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE',
    ],
    TerminateInstances=True,
)

print(response)

Expected Output:

{
    'SuccessfulFleetRequests': [
        {
            'CurrentSpotFleetRequestState': 'cancelled_running',
            'PreviousSpotFleetRequestState': 'active',
            'SpotFleetRequestId': 'sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE',
        },
    ],
    'ResponseMetadata': {
        '...': '...',
    },
}

This example cancels the specified Spot fleet request without terminating its associated Spot Instances.

response = client.cancel_spot_fleet_requests(
    SpotFleetRequestIds=[
        'sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE',
    ],
    TerminateInstances=False,
)

print(response)

Expected Output:

{
    'SuccessfulFleetRequests': [
        {
            'CurrentSpotFleetRequestState': 'cancelled_terminating',
            'PreviousSpotFleetRequestState': 'active',
            'SpotFleetRequestId': 'sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE',
        },
    ],
    'ResponseMetadata': {
        '...': '...',
    },
}
cancel_spot_instance_requests(**kwargs)

Cancels one or more Spot instance requests. Spot instances are instances that Amazon EC2 starts on your behalf when the bid price that you specify exceeds the current Spot price. Amazon EC2 periodically sets the Spot price based on available Spot instance capacity and current Spot instance requests. For more information, see Spot Instance Requests in the Amazon Elastic Compute Cloud User Guide .

Warning

Canceling a Spot instance request does not terminate running Spot instances associated with the request.

See also: AWS API Documentation

Request Syntax

response = client.cancel_spot_instance_requests(
    DryRun=True|False,
    SpotInstanceRequestIds=[
        'string',
    ]
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • SpotInstanceRequestIds (list) --

    [REQUIRED]

    One or more Spot instance request IDs.

    • (string) --
Return type

dict

Returns

Response Syntax

{
    'CancelledSpotInstanceRequests': [
        {
            'SpotInstanceRequestId': 'string',
            'State': 'active'|'open'|'closed'|'cancelled'|'completed'
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of CancelSpotInstanceRequests.

    • CancelledSpotInstanceRequests (list) --

      One or more Spot instance requests.

      • (dict) --

        Describes a request to cancel a Spot instance.

        • SpotInstanceRequestId (string) --

          The ID of the Spot instance request.

        • State (string) --

          The state of the Spot instance request.

Examples

This example cancels a Spot Instance request.

response = client.cancel_spot_instance_requests(
    SpotInstanceRequestIds=[
        'sir-08b93456',
    ],
)

print(response)

Expected Output:

{
    'CancelledSpotInstanceRequests': [
        {
            'SpotInstanceRequestId': 'sir-08b93456',
            'State': 'cancelled',
        },
    ],
    'ResponseMetadata': {
        '...': '...',
    },
}
confirm_product_instance(**kwargs)

Determines whether a product code is associated with an instance. This action can only be used by the owner of the product code. It is useful when a product code owner needs to verify whether another user's instance is eligible for support.

See also: AWS API Documentation

Request Syntax

response = client.confirm_product_instance(
    InstanceId='string',
    ProductCode='string',
    DryRun=True|False
)
Parameters
  • InstanceId (string) --

    [REQUIRED]

    The ID of the instance.

  • ProductCode (string) --

    [REQUIRED]

    The product code. This must be a product code that you own.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'OwnerId': 'string',
    'Return': True|False
}

Response Structure

  • (dict) --

    Contains the output of ConfirmProductInstance.

    • OwnerId (string) --

      The AWS account ID of the instance owner. This is only present if the product code is attached to the instance.

    • Return (boolean) --

      The return value of the request. Returns true if the specified product code is owned by the requester and associated with the specified instance.

Examples

This example determines whether the specified product code is associated with the specified instance.

response = client.confirm_product_instance(
    InstanceId='i-1234567890abcdef0',
    ProductCode='774F4FF8',
)

print(response)

Expected Output:

{
    'OwnerId': '123456789012',
    'ResponseMetadata': {
        '...': '...',
    },
}
copy_fpga_image(**kwargs)

Copies the specified Amazon FPGA Image (AFI) to the current region.

See also: AWS API Documentation

Request Syntax

response = client.copy_fpga_image(
    DryRun=True|False,
    SourceFpgaImageId='string',
    Description='string',
    Name='string',
    SourceRegion='string',
    ClientToken='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • SourceFpgaImageId (string) --

    [REQUIRED]

    The ID of the source AFI.

  • Description (string) -- The description for the new AFI.
  • Name (string) -- The name for the new AFI. The default is the name of the source AFI.
  • SourceRegion (string) --

    [REQUIRED]

    The region that contains the source AFI.

  • ClientToken (string) -- Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring Idempotency .
Return type

dict

Returns

Response Syntax

{
    'FpgaImageId': 'string'
}

Response Structure

  • (dict) --

    • FpgaImageId (string) --

      The ID of the new AFI.

copy_image(**kwargs)

Initiates the copy of an AMI from the specified source region to the current region. You specify the destination region by using its endpoint when making the request.

For more information about the prerequisites and limits when copying an AMI, see Copying an AMI in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.copy_image(
    ClientToken='string',
    Description='string',
    Encrypted=True|False,
    KmsKeyId='string',
    Name='string',
    SourceImageId='string',
    SourceRegion='string',
    DryRun=True|False
)
Parameters
  • ClientToken (string) -- Unique, case-sensitive identifier you provide to ensure idempotency of the request. For more information, see How to Ensure Idempotency in the Amazon Elastic Compute Cloud User Guide .
  • Description (string) -- A description for the new AMI in the destination region.
  • Encrypted (boolean) -- Specifies whether the destination snapshots of the copied image should be encrypted. The default CMK for EBS is used unless a non-default AWS Key Management Service (AWS KMS) CMK is specified with KmsKeyId . For more information, see Amazon EBS Encryption in the Amazon Elastic Compute Cloud User Guide .
  • KmsKeyId (string) -- The full ARN of the AWS Key Management Service (AWS KMS) CMK to use when encrypting the snapshots of an image during a copy operation. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. The ARN contains the arn:aws:kms namespace, followed by the region of the CMK, the AWS account ID of the CMK owner, the key namespace, and then the CMK ID. For example, arn:aws:kms:us-east-1 :012345678910 :key/abcd1234-a123-456a-a12b-a123b4cd56ef . The specified CMK must exist in the region that the snapshot is being copied to. If a KmsKeyId is specified, the Encrypted flag must also be set.
  • Name (string) --

    [REQUIRED]

    The name of the new AMI in the destination region.

  • SourceImageId (string) --

    [REQUIRED]

    The ID of the AMI to copy.

  • SourceRegion (string) --

    [REQUIRED]

    The name of the region that contains the AMI to copy.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'ImageId': 'string'
}

Response Structure

  • (dict) --

    Contains the output of CopyImage.

    • ImageId (string) --

      The ID of the new AMI.

copy_snapshot(**kwargs)

Copies a point-in-time snapshot of an EBS volume and stores it in Amazon S3. You can copy the snapshot within the same region or from one region to another. You can use the snapshot to create EBS volumes or Amazon Machine Images (AMIs). The snapshot is copied to the regional endpoint that you send the HTTP request to.

Copies of encrypted EBS snapshots remain encrypted. Copies of unencrypted snapshots remain unencrypted, unless the Encrypted flag is specified during the snapshot copy operation. By default, encrypted snapshot copies use the default AWS Key Management Service (AWS KMS) customer master key (CMK); however, you can specify a non-default CMK with the KmsKeyId parameter.

Note

To copy an encrypted snapshot that has been shared from another account, you must have permissions for the CMK used to encrypt the snapshot.

Note

Snapshots created by the CopySnapshot action have an arbitrary volume ID that should not be used for any purpose.

For more information, see Copying an Amazon EBS Snapshot in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.copy_snapshot(
    Description='string',
    Encrypted=True|False,
    KmsKeyId='string',
    SourceRegion='string',
    SourceSnapshotId='string',
    DryRun=True|False
)
Parameters
  • Description (string) -- A description for the EBS snapshot.
  • DestinationRegion (string) --

    The destination region to use in the PresignedUrl parameter of a snapshot copy operation. This parameter is only valid for specifying the destination region in a PresignedUrl parameter, where it is required.

    Note

    CopySnapshot sends the snapshot copy to the regional endpoint that you send the HTTP request to, such as ec2.us-east-1.amazonaws.com (in the AWS CLI, this is specified with the --region parameter or the default region in your AWS configuration file).

    Please note that this parameter is automatically populated if it is not provided. Including this parameter is not required
  • Encrypted (boolean) -- Specifies whether the destination snapshot should be encrypted. You can encrypt a copy of an unencrypted snapshot using this flag, but you cannot use it to create an unencrypted copy from an encrypted snapshot. Your default CMK for EBS is used unless a non-default AWS Key Management Service (AWS KMS) CMK is specified with KmsKeyId . For more information, see Amazon EBS Encryption in the Amazon Elastic Compute Cloud User Guide .
  • KmsKeyId (string) -- The full ARN of the AWS Key Management Service (AWS KMS) CMK to use when creating the snapshot copy. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. The ARN contains the arn:aws:kms namespace, followed by the region of the CMK, the AWS account ID of the CMK owner, the key namespace, and then the CMK ID. For example, arn:aws:kms:us-east-1 :012345678910 :key/abcd1234-a123-456a-a12b-a123b4cd56ef . The specified CMK must exist in the region that the snapshot is being copied to. If a KmsKeyId is specified, the Encrypted flag must also be set.
  • PresignedUrl (string) --

    The pre-signed URL that facilitates copying an encrypted snapshot. This parameter is only required when copying an encrypted snapshot with the Amazon EC2 Query API; it is available as an optional parameter in all other cases. The PresignedUrl should use the snapshot source endpoint, the CopySnapshot action, and include the SourceRegion , SourceSnapshotId , and DestinationRegion parameters. The PresignedUrl must be signed using AWS Signature Version 4. Because EBS snapshots are stored in Amazon S3, the signing algorithm for this parameter uses the same logic that is described in Authenticating Requests by Using Query Parameters (AWS Signature Version 4) in the Amazon Simple Storage Service API Reference . An invalid or improperly signed PresignedUrl will cause the copy operation to fail asynchronously, and the snapshot will move to an error state.

    Please note that this parameter is automatically populated if it is not provided. Including this parameter is not required
  • SourceRegion (string) --

    [REQUIRED]

    The ID of the region that contains the snapshot to be copied.

  • SourceSnapshotId (string) --

    [REQUIRED]

    The ID of the EBS snapshot to copy.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'SnapshotId': 'string'
}

Response Structure

  • (dict) --

    Contains the output of CopySnapshot.

    • SnapshotId (string) --

      The ID of the new snapshot.

Examples

This example copies a snapshot with the snapshot ID of snap-066877671789bd71b from the us-west-2 region to the us-east-1 region and adds a short description to identify the snapshot.

response = client.copy_snapshot(
    Description='This is my copied snapshot.',
    DestinationRegion='us-east-1',
    SourceRegion='us-west-2',
    SourceSnapshotId='snap-066877671789bd71b',
)

print(response)

Expected Output:

{
    'SnapshotId': 'snap-066877671789bd71b',
    'ResponseMetadata': {
        '...': '...',
    },
}
create_customer_gateway(**kwargs)

Provides information to AWS about your VPN customer gateway device. The customer gateway is the appliance at your end of the VPN connection. (The device on the AWS side of the VPN connection is the virtual private gateway.) You must provide the Internet-routable IP address of the customer gateway's external interface. The IP address must be static and may be behind a device performing network address translation (NAT).

For devices that use Border Gateway Protocol (BGP), you can also provide the device's BGP Autonomous System Number (ASN). You can use an existing ASN assigned to your network. If you don't have an ASN already, you can use a private ASN (in the 64512 - 65534 range).

Note

Amazon EC2 supports all 2-byte ASN numbers in the range of 1 - 65534, with the exception of 7224, which is reserved in the us-east-1 region, and 9059, which is reserved in the eu-west-1 region.

For more information about VPN customer gateways, see Adding a Hardware Virtual Private Gateway to Your VPC in the Amazon Virtual Private Cloud User Guide .

Warning

You cannot create more than one customer gateway with the same VPN type, IP address, and BGP ASN parameter values. If you run an identical request more than one time, the first request creates the customer gateway, and subsequent requests return information about the existing customer gateway. The subsequent requests do not create new customer gateway resources.

See also: AWS API Documentation

Request Syntax

response = client.create_customer_gateway(
    BgpAsn=123,
    PublicIp='string',
    Type='ipsec.1',
    DryRun=True|False
)
Parameters
  • BgpAsn (integer) --

    [REQUIRED]

    For devices that support BGP, the customer gateway's BGP ASN.

    Default: 65000

  • PublicIp (string) --

    [REQUIRED]

    The Internet-routable IP address for the customer gateway's outside interface. The address must be static.

  • Type (string) --

    [REQUIRED]

    The type of VPN connection that this customer gateway supports (ipsec.1 ).

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'CustomerGateway': {
        'BgpAsn': 'string',
        'CustomerGatewayId': 'string',
        'IpAddress': 'string',
        'State': 'string',
        'Type': 'string',
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ]
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateCustomerGateway.

    • CustomerGateway (dict) --

      Information about the customer gateway.

      • BgpAsn (string) --

        The customer gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN).

      • CustomerGatewayId (string) --

        The ID of the customer gateway.

      • IpAddress (string) --

        The Internet-routable IP address of the customer gateway's outside interface.

      • State (string) --

        The current state of the customer gateway (pending | available | deleting | deleted ).

      • Type (string) --

        The type of VPN connection the customer gateway supports (ipsec.1 ).

      • Tags (list) --

        Any tags assigned to the customer gateway.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

Examples

This example creates a customer gateway with the specified IP address for its outside interface.

response = client.create_customer_gateway(
    BgpAsn=65534,
    PublicIp='12.1.2.3',
    Type='ipsec.1',
)

print(response)

Expected Output:

{
    'CustomerGateway': {
        'BgpAsn': '65534',
        'CustomerGatewayId': 'cgw-0e11f167',
        'IpAddress': '12.1.2.3',
        'State': 'available',
        'Type': 'ipsec.1',
    },
    'ResponseMetadata': {
        '...': '...',
    },
}
create_default_vpc(**kwargs)

Creates a default VPC with a size /16 IPv4 CIDR block and a default subnet in each Availability Zone. For more information about the components of a default VPC, see Default VPC and Default Subnets in the Amazon Virtual Private Cloud User Guide . You cannot specify the components of the default VPC yourself.

You can create a default VPC if you deleted your previous default VPC. You cannot have more than one default VPC per region.

If your account supports EC2-Classic, you cannot use this action to create a default VPC in a region that supports EC2-Classic. If you want a default VPC in a region that supports EC2-Classic, see "I really want a default VPC for my existing EC2 account. Is that possible?" in the Default VPCs FAQ .

See also: AWS API Documentation

Request Syntax

response = client.create_default_vpc(
    DryRun=True|False
)
Parameters
DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type
dict
Returns
Response Syntax
{
    'Vpc': {
        'CidrBlock': 'string',
        'DhcpOptionsId': 'string',
        'State': 'pending'|'available',
        'VpcId': 'string',
        'InstanceTenancy': 'default'|'dedicated'|'host',
        'Ipv6CidrBlockAssociationSet': [
            {
                'AssociationId': 'string',
                'Ipv6CidrBlock': 'string',
                'Ipv6CidrBlockState': {
                    'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
                    'StatusMessage': 'string'
                }
            },
        ],
        'CidrBlockAssociationSet': [
            {
                'AssociationId': 'string',
                'CidrBlock': 'string',
                'CidrBlockState': {
                    'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
                    'StatusMessage': 'string'
                }
            },
        ],
        'IsDefault': True|False,
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ]
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateDefaultVpc.

    • Vpc (dict) --

      Information about the VPC.

      • CidrBlock (string) --

        The primary IPv4 CIDR block for the VPC.

      • DhcpOptionsId (string) --

        The ID of the set of DHCP options you've associated with the VPC (or default if the default options are associated with the VPC).

      • State (string) --

        The current state of the VPC.

      • VpcId (string) --

        The ID of the VPC.

      • InstanceTenancy (string) --

        The allowed tenancy of instances launched into the VPC.

      • Ipv6CidrBlockAssociationSet (list) --

        Information about the IPv6 CIDR blocks associated with the VPC.

        • (dict) --

          Describes an IPv6 CIDR block associated with a VPC.

          • AssociationId (string) --

            The association ID for the IPv6 CIDR block.

          • Ipv6CidrBlock (string) --

            The IPv6 CIDR block.

          • Ipv6CidrBlockState (dict) --

            Information about the state of the CIDR block.

            • State (string) --

              The state of the CIDR block.

            • StatusMessage (string) --

              A message about the status of the CIDR block, if applicable.

      • CidrBlockAssociationSet (list) --

        Information about the IPv4 CIDR blocks associated with the VPC.

        • (dict) --

          Describes an IPv4 CIDR block associated with a VPC.

          • AssociationId (string) --

            The association ID for the IPv4 CIDR block.

          • CidrBlock (string) --

            The IPv4 CIDR block.

          • CidrBlockState (dict) --

            Information about the state of the CIDR block.

            • State (string) --

              The state of the CIDR block.

            • StatusMessage (string) --

              A message about the status of the CIDR block, if applicable.

      • IsDefault (boolean) --

        Indicates whether the VPC is the default VPC.

      • Tags (list) --

        Any tags assigned to the VPC.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

create_dhcp_options(**kwargs)

Creates a set of DHCP options for your VPC. After creating the set, you must associate it with the VPC, causing all existing and new instances that you launch in the VPC to use this set of DHCP options. The following are the individual DHCP options you can specify. For more information about the options, see RFC 2132 .

  • domain-name-servers - The IP addresses of up to four domain name servers, or AmazonProvidedDNS. The default DHCP option set specifies AmazonProvidedDNS. If specifying more than one domain name server, specify the IP addresses in a single parameter, separated by commas. If you want your instance to receive a custom DNS hostname as specified in domain-name , you must set domain-name-servers to a custom DNS server.
  • domain-name - If you're using AmazonProvidedDNS in us-east-1 , specify ec2.internal . If you're using AmazonProvidedDNS in another region, specify region.compute.internal (for example, ap-northeast-1.compute.internal ). Otherwise, specify a domain name (for example, MyCompany.com ). This value is used to complete unqualified DNS hostnames. Important : Some Linux operating systems accept multiple domain names separated by spaces. However, Windows and other Linux operating systems treat the value as a single domain, which results in unexpected behavior. If your DHCP options set is associated with a VPC that has instances with multiple operating systems, specify only one domain name.
  • ntp-servers - The IP addresses of up to four Network Time Protocol (NTP) servers.
  • netbios-name-servers - The IP addresses of up to four NetBIOS name servers.
  • netbios-node-type - The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported). For more information about these node types, see RFC 2132 .

Your VPC automatically starts out with a set of DHCP options that includes only a DNS server that we provide (AmazonProvidedDNS). If you create a set of options, and if your VPC has an Internet gateway, make sure to set the domain-name-servers option either to AmazonProvidedDNS or to a domain name server of your choice. For more information about DHCP options, see DHCP Options Sets in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_dhcp_options(
    DhcpConfigurations=[
        {
            'Key': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    DryRun=True|False
)
Parameters
  • DhcpConfigurations (list) --

    [REQUIRED]

    A DHCP configuration option.

    • (dict) --
      • Key (string) --
      • Values (list) --
        • (string) --
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'DhcpOptions': {
        'DhcpConfigurations': [
            {
                'Key': 'string',
                'Values': [
                    {
                        'Value': 'string'
                    },
                ]
            },
        ],
        'DhcpOptionsId': 'string',
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ]
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateDhcpOptions.

    • DhcpOptions (dict) --

      A set of DHCP options.

      • DhcpConfigurations (list) --

        One or more DHCP options in the set.

        • (dict) --

          Describes a DHCP configuration option.

          • Key (string) --

            The name of a DHCP option.

          • Values (list) --

            One or more values for the DHCP option.

            • (dict) --

              Describes a value for a resource attribute that is a String.

              • Value (string) --

                The attribute value. Note that the value is case-sensitive.

      • DhcpOptionsId (string) --

        The ID of the set of DHCP options.

      • Tags (list) --

        Any tags assigned to the DHCP options set.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

Examples

This example creates a DHCP options set.

response = client.create_dhcp_options(
    DhcpConfigurations=[
        {
            'Key': 'domain-name-servers',
            'Values': [
                '10.2.5.1',
                '10.2.5.2',
            ],
        },
    ],
)

print(response)

Expected Output:

{
    'DhcpOptions': {
        'DhcpConfigurations': [
            {
                'Key': 'domain-name-servers',
                'Values': [
                    {
                        'Value': '10.2.5.2',
                    },
                    {
                        'Value': '10.2.5.1',
                    },
                ],
            },
        ],
        'DhcpOptionsId': 'dopt-d9070ebb',
    },
    'ResponseMetadata': {
        '...': '...',
    },
}
create_egress_only_internet_gateway(**kwargs)

[IPv6 only] Creates an egress-only Internet gateway for your VPC. An egress-only Internet gateway is used to enable outbound communication over IPv6 from instances in your VPC to the Internet, and prevents hosts outside of your VPC from initiating an IPv6 connection with your instance.

See also: AWS API Documentation

Request Syntax

response = client.create_egress_only_internet_gateway(
    ClientToken='string',
    DryRun=True|False,
    VpcId='string'
)
Parameters
  • ClientToken (string) -- Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency .
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • VpcId (string) --

    [REQUIRED]

    The ID of the VPC for which to create the egress-only Internet gateway.

Return type

dict

Returns

Response Syntax

{
    'ClientToken': 'string',
    'EgressOnlyInternetGateway': {
        'Attachments': [
            {
                'State': 'attaching'|'attached'|'detaching'|'detached',
                'VpcId': 'string'
            },
        ],
        'EgressOnlyInternetGatewayId': 'string'
    }
}

Response Structure

  • (dict) --

    • ClientToken (string) --

      Unique, case-sensitive identifier you provide to ensure the idempotency of the request.

    • EgressOnlyInternetGateway (dict) --

      Information about the egress-only Internet gateway.

      • Attachments (list) --

        Information about the attachment of the egress-only Internet gateway.

        • (dict) --

          Describes the attachment of a VPC to an Internet gateway or an egress-only Internet gateway.

          • State (string) --

            The current state of the attachment.

          • VpcId (string) --

            The ID of the VPC.

      • EgressOnlyInternetGatewayId (string) --

        The ID of the egress-only Internet gateway.

create_flow_logs(**kwargs)

Creates one or more flow logs to capture IP traffic for a specific network interface, subnet, or VPC. Flow logs are delivered to a specified log group in Amazon CloudWatch Logs. If you specify a VPC or subnet in the request, a log stream is created in CloudWatch Logs for each network interface in the subnet or VPC. Log streams can include information about accepted and rejected traffic to a network interface. You can view the data in your log streams using Amazon CloudWatch Logs.

In your request, you must also specify an IAM role that has permission to publish logs to CloudWatch Logs.

See also: AWS API Documentation

Request Syntax

response = client.create_flow_logs(
    ClientToken='string',
    DeliverLogsPermissionArn='string',
    LogGroupName='string',
    ResourceIds=[
        'string',
    ],
    ResourceType='VPC'|'Subnet'|'NetworkInterface',
    TrafficType='ACCEPT'|'REJECT'|'ALL'
)
Parameters
  • ClientToken (string) -- Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency .
  • DeliverLogsPermissionArn (string) --

    [REQUIRED]

    The ARN for the IAM role that's used to post flow logs to a CloudWatch Logs log group.

  • LogGroupName (string) --

    [REQUIRED]

    The name of the CloudWatch log group.

  • ResourceIds (list) --

    [REQUIRED]

    One or more subnet, network interface, or VPC IDs.

    Constraints: Maximum of 1000 resources

    • (string) --
  • ResourceType (string) --

    [REQUIRED]

    The type of resource on which to create the flow log.

  • TrafficType (string) --

    [REQUIRED]

    The type of traffic to log.

Return type

dict

Returns

Response Syntax

{
    'ClientToken': 'string',
    'FlowLogIds': [
        'string',
    ],
    'Unsuccessful': [
        {
            'Error': {
                'Code': 'string',
                'Message': 'string'
            },
            'ResourceId': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of CreateFlowLogs.

    • ClientToken (string) --

      Unique, case-sensitive identifier you provide to ensure the idempotency of the request.

    • FlowLogIds (list) --

      The IDs of the flow logs.

      • (string) --
    • Unsuccessful (list) --

      Information about the flow logs that could not be created successfully.

      • (dict) --

        Information about items that were not successfully processed in a batch call.

        • Error (dict) --

          Information about the error.

          • Code (string) --

            The error code.

          • Message (string) --

            The error message accompanying the error code.

        • ResourceId (string) --

          The ID of the resource.

create_fpga_image(**kwargs)

Creates an Amazon FPGA Image (AFI) from the specified design checkpoint (DCP).

The create operation is asynchronous. To verify that the AFI is ready for use, check the output logs.

An AFI contains the FPGA bitstream that is ready to download to an FPGA. You can securely deploy an AFI on one or more FPGA-accelerated instances. For more information, see the AWS FPGA Hardware Development Kit .

See also: AWS API Documentation

Request Syntax

response = client.create_fpga_image(
    DryRun=True|False,
    InputStorageLocation={
        'Bucket': 'string',
        'Key': 'string'
    },
    LogsStorageLocation={
        'Bucket': 'string',
        'Key': 'string'
    },
    Description='string',
    Name='string',
    ClientToken='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • InputStorageLocation (dict) --

    [REQUIRED]

    The location of the encrypted design checkpoint in Amazon S3. The input must be a tarball.

    • Bucket (string) --

      The name of the S3 bucket.

    • Key (string) --

      The key.

  • LogsStorageLocation (dict) --

    The location in Amazon S3 for the output logs.

    • Bucket (string) --

      The name of the S3 bucket.

    • Key (string) --

      The key.

  • Description (string) -- A description for the AFI.
  • Name (string) -- A name for the AFI.
  • ClientToken (string) -- Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring Idempotency .
Return type

dict

Returns

Response Syntax

{
    'FpgaImageId': 'string',
    'FpgaImageGlobalId': 'string'
}

Response Structure

  • (dict) --

    • FpgaImageId (string) --

      The FPGA image identifier (AFI ID).

    • FpgaImageGlobalId (string) --

      The global FPGA image identifier (AGFI ID).

create_image(**kwargs)

Creates an Amazon EBS-backed AMI from an Amazon EBS-backed instance that is either running or stopped.

If you customized your instance with instance store volumes or EBS volumes in addition to the root device volume, the new AMI contains block device mapping information for those volumes. When you launch an instance from this new AMI, the instance automatically launches with those additional volumes.

For more information, see Creating Amazon EBS-Backed Linux AMIs in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_image(
    BlockDeviceMappings=[
        {
            'DeviceName': 'string',
            'VirtualName': 'string',
            'Ebs': {
                'Encrypted': True|False,
                'DeleteOnTermination': True|False,
                'Iops': 123,
                'SnapshotId': 'string',
                'VolumeSize': 123,
                'VolumeType': 'standard'|'io1'|'gp2'|'sc1'|'st1'
            },
            'NoDevice': 'string'
        },
    ],
    Description='string',
    DryRun=True|False,
    InstanceId='string',
    Name='string',
    NoReboot=True|False
)
Parameters
  • BlockDeviceMappings (list) --

    Information about one or more block device mappings.

    • (dict) --

      Describes a block device mapping.

      • DeviceName (string) --

        The device name exposed to the instance (for example, /dev/sdh or xvdh ).

      • VirtualName (string) --

        The virtual device name (ephemeral N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1 .The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.

        Constraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.

      • Ebs (dict) --

        Parameters used to automatically set up EBS volumes when the instance is launched.

        • Encrypted (boolean) --

          Indicates whether the EBS volume is encrypted. Encrypted Amazon EBS volumes may only be attached to instances that support Amazon EBS encryption.

        • DeleteOnTermination (boolean) --

          Indicates whether the EBS volume is deleted on instance termination.

        • Iops (integer) --

          The number of I/O operations per second (IOPS) that the volume supports. For io1 , this represents the number of IOPS that are provisioned for the volume. For gp2 , this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information about General Purpose SSD baseline performance, I/O credits, and bursting, see Amazon EBS Volume Types in the Amazon Elastic Compute Cloud User Guide .

          Constraint: Range is 100-20000 IOPS for io1 volumes and 100-10000 IOPS for gp2 volumes.

          Condition: This parameter is required for requests to create io1 volumes; it is not used in requests to create gp2 , st1 , sc1 , or standard volumes.

        • SnapshotId (string) --

          The ID of the snapshot.

        • VolumeSize (integer) --

          The size of the volume, in GiB.

          Constraints: 1-16384 for General Purpose SSD (gp2 ), 4-16384 for Provisioned IOPS SSD (io1 ), 500-16384 for Throughput Optimized HDD (st1 ), 500-16384 for Cold HDD (sc1 ), and 1-1024 for Magnetic (standard ) volumes. If you specify a snapshot, the volume size must be equal to or larger than the snapshot size.

          Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.

        • VolumeType (string) --

          The volume type: gp2 , io1 , st1 , sc1 , or standard .

          Default: standard

      • NoDevice (string) --

        Suppresses the specified device included in the block device mapping of the AMI.

  • Description (string) -- A description for the new image.
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • InstanceId (string) --

    [REQUIRED]

    The ID of the instance.

  • Name (string) --

    [REQUIRED]

    A name for the new image.

    Constraints: 3-128 alphanumeric characters, parentheses (()), square brackets ([]), spaces ( ), periods (.), slashes (/), dashes (-), single quotes ('), at-signs (@), or underscores(_)

  • NoReboot (boolean) -- By default, Amazon EC2 attempts to shut down and reboot the instance before creating the image. If the 'No Reboot' option is set, Amazon EC2 doesn't shut down the instance before creating the image. When this option is used, file system integrity on the created image can't be guaranteed.
Return type

dict

Returns

Response Syntax

{
    'ImageId': 'string'
}

Response Structure

  • (dict) --

    Contains the output of CreateImage.

    • ImageId (string) --

      The ID of the new AMI.

create_instance_export_task(**kwargs)

Exports a running or stopped instance to an S3 bucket.

For information about the supported operating systems, image formats, and known limitations for the types of instances you can export, see Exporting an Instance as a VM Using VM Import/Export in the VM Import/Export User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_instance_export_task(
    Description='string',
    ExportToS3Task={
        'ContainerFormat': 'ova',
        'DiskImageFormat': 'VMDK'|'RAW'|'VHD',
        'S3Bucket': 'string',
        'S3Prefix': 'string'
    },
    InstanceId='string',
    TargetEnvironment='citrix'|'vmware'|'microsoft'
)
Parameters
  • Description (string) -- A description for the conversion task or the resource being exported. The maximum length is 255 bytes.
  • ExportToS3Task (dict) --

    The format and location for an instance export task.

    • ContainerFormat (string) --

      The container format used to combine disk images with metadata (such as OVF). If absent, only the disk image is exported.

    • DiskImageFormat (string) --

      The format for the exported image.

    • S3Bucket (string) --

      The S3 bucket for the destination image. The destination bucket must exist and grant WRITE and READ_ACP permissions to the AWS account vm-import-export@amazon.com .

    • S3Prefix (string) --

      The image is written to a single object in the S3 bucket at the S3 key s3prefix + exportTaskId + '.' + diskImageFormat.

  • InstanceId (string) --

    [REQUIRED]

    The ID of the instance.

  • TargetEnvironment (string) -- The target virtualization environment.
Return type

dict

Returns

Response Syntax

{
    'ExportTask': {
        'Description': 'string',
        'ExportTaskId': 'string',
        'ExportToS3Task': {
            'ContainerFormat': 'ova',
            'DiskImageFormat': 'VMDK'|'RAW'|'VHD',
            'S3Bucket': 'string',
            'S3Key': 'string'
        },
        'InstanceExportDetails': {
            'InstanceId': 'string',
            'TargetEnvironment': 'citrix'|'vmware'|'microsoft'
        },
        'State': 'active'|'cancelling'|'cancelled'|'completed',
        'StatusMessage': 'string'
    }
}

Response Structure

  • (dict) --

    Contains the output for CreateInstanceExportTask.

    • ExportTask (dict) --

      Information about the instance export task.

      • Description (string) --

        A description of the resource being exported.

      • ExportTaskId (string) --

        The ID of the export task.

      • ExportToS3Task (dict) --

        Information about the export task.

        • ContainerFormat (string) --

          The container format used to combine disk images with metadata (such as OVF). If absent, only the disk image is exported.

        • DiskImageFormat (string) --

          The format for the exported image.

        • S3Bucket (string) --

          The S3 bucket for the destination image. The destination bucket must exist and grant WRITE and READ_ACP permissions to the AWS account vm-import-export@amazon.com .

        • S3Key (string) --

          The encryption key for your S3 bucket.

      • InstanceExportDetails (dict) --

        Information about the instance to export.

        • InstanceId (string) --

          The ID of the resource being exported.

        • TargetEnvironment (string) --

          The target virtualization environment.

      • State (string) --

        The state of the export task.

      • StatusMessage (string) --

        The status message related to the export task.

create_internet_gateway(**kwargs)

Creates an Internet gateway for use with a VPC. After creating the Internet gateway, you attach it to a VPC using AttachInternetGateway .

For more information about your VPC and Internet gateway, see the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_internet_gateway(
    DryRun=True|False
)
Parameters
DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type
dict
Returns
Response Syntax
{
    'InternetGateway': {
        'Attachments': [
            {
                'State': 'attaching'|'attached'|'detaching'|'detached',
                'VpcId': 'string'
            },
        ],
        'InternetGatewayId': 'string',
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ]
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateInternetGateway.

    • InternetGateway (dict) --

      Information about the Internet gateway.

      • Attachments (list) --

        Any VPCs attached to the Internet gateway.

        • (dict) --

          Describes the attachment of a VPC to an Internet gateway or an egress-only Internet gateway.

          • State (string) --

            The current state of the attachment.

          • VpcId (string) --

            The ID of the VPC.

      • InternetGatewayId (string) --

        The ID of the Internet gateway.

      • Tags (list) --

        Any tags assigned to the Internet gateway.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

Examples

This example creates an Internet gateway.

response = client.create_internet_gateway(
)

print(response)

Expected Output:

{
    'InternetGateway': {
        'Attachments': [
        ],
        'InternetGatewayId': 'igw-c0a643a9',
        'Tags': [
        ],
    },
    'ResponseMetadata': {
        '...': '...',
    },
}
create_key_pair(**kwargs)

Creates a 2048-bit RSA key pair with the specified name. Amazon EC2 stores the public key and displays the private key for you to save to a file. The private key is returned as an unencrypted PEM encoded PKCS#8 private key. If a key with the specified name already exists, Amazon EC2 returns an error.

You can have up to five thousand key pairs per region.

The key pair returned to you is available only in the region in which you create it. To create a key pair that is available in all regions, use ImportKeyPair .

For more information about key pairs, see Key Pairs in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_key_pair(
    KeyName='string',
    DryRun=True|False
)
Parameters
  • KeyName (string) --

    [REQUIRED]

    A unique name for the key pair.

    Constraints: Up to 255 ASCII characters

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'KeyFingerprint': 'string',
    'KeyMaterial': 'string',
    'KeyName': 'string'
}

Response Structure

  • (dict) --

    Describes a key pair.

    • KeyFingerprint (string) --

      The SHA-1 digest of the DER encoded private key.

    • KeyMaterial (string) --

      An unencrypted PEM encoded RSA private key.

    • KeyName (string) --

      The name of the key pair.

Examples

This example creates a key pair named my-key-pair.

response = client.create_key_pair(
    KeyName='my-key-pair',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
create_nat_gateway(**kwargs)

Creates a NAT gateway in the specified subnet. A NAT gateway can be used to enable instances in a private subnet to connect to the Internet. This action creates a network interface in the specified subnet with a private IP address from the IP address range of the subnet. For more information, see NAT Gateways in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_nat_gateway(
    AllocationId='string',
    ClientToken='string',
    SubnetId='string'
)
Parameters
  • AllocationId (string) --

    [REQUIRED]

    The allocation ID of an Elastic IP address to associate with the NAT gateway. If the Elastic IP address is associated with another resource, you must first disassociate it.

  • ClientToken (string) --

    Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency .

    Constraint: Maximum 64 ASCII characters.

  • SubnetId (string) --

    [REQUIRED]

    The subnet in which to create the NAT gateway.

Return type

dict

Returns

Response Syntax

{
    'ClientToken': 'string',
    'NatGateway': {
        'CreateTime': datetime(2015, 1, 1),
        'DeleteTime': datetime(2015, 1, 1),
        'FailureCode': 'string',
        'FailureMessage': 'string',
        'NatGatewayAddresses': [
            {
                'AllocationId': 'string',
                'NetworkInterfaceId': 'string',
                'PrivateIp': 'string',
                'PublicIp': 'string'
            },
        ],
        'NatGatewayId': 'string',
        'ProvisionedBandwidth': {
            'ProvisionTime': datetime(2015, 1, 1),
            'Provisioned': 'string',
            'RequestTime': datetime(2015, 1, 1),
            'Requested': 'string',
            'Status': 'string'
        },
        'State': 'pending'|'failed'|'available'|'deleting'|'deleted',
        'SubnetId': 'string',
        'VpcId': 'string',
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ]
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateNatGateway.

    • ClientToken (string) --

      Unique, case-sensitive identifier to ensure the idempotency of the request. Only returned if a client token was provided in the request.

    • NatGateway (dict) --

      Information about the NAT gateway.

      • CreateTime (datetime) --

        The date and time the NAT gateway was created.

      • DeleteTime (datetime) --

        The date and time the NAT gateway was deleted, if applicable.

      • FailureCode (string) --

        If the NAT gateway could not be created, specifies the error code for the failure. (InsufficientFreeAddressesInSubnet | Gateway.NotAttached | InvalidAllocationID.NotFound | Resource.AlreadyAssociated | InternalError | InvalidSubnetID.NotFound )

      • FailureMessage (string) --

        If the NAT gateway could not be created, specifies the error message for the failure, that corresponds to the error code.

        • For InsufficientFreeAddressesInSubnet: "Subnet has insufficient free addresses to create this NAT gateway"
        • For Gateway.NotAttached: "Network vpc-xxxxxxxx has no Internet gateway attached"
        • For InvalidAllocationID.NotFound: "Elastic IP address eipalloc-xxxxxxxx could not be associated with this NAT gateway"
        • For Resource.AlreadyAssociated: "Elastic IP address eipalloc-xxxxxxxx is already associated"
        • For InternalError: "Network interface eni-xxxxxxxx, created and used internally by this NAT gateway is in an invalid state. Please try again."
        • For InvalidSubnetID.NotFound: "The specified subnet subnet-xxxxxxxx does not exist or could not be found."
      • NatGatewayAddresses (list) --

        Information about the IP addresses and network interface associated with the NAT gateway.

        • (dict) --

          Describes the IP addresses and network interface associated with a NAT gateway.

          • AllocationId (string) --

            The allocation ID of the Elastic IP address that's associated with the NAT gateway.

          • NetworkInterfaceId (string) --

            The ID of the network interface associated with the NAT gateway.

          • PrivateIp (string) --

            The private IP address associated with the Elastic IP address.

          • PublicIp (string) --

            The Elastic IP address associated with the NAT gateway.

      • NatGatewayId (string) --

        The ID of the NAT gateway.

      • ProvisionedBandwidth (dict) --

        Reserved. If you need to sustain traffic greater than the documented limits , contact us through the Support Center .

      • State (string) --

        The state of the NAT gateway.

        • pending : The NAT gateway is being created and is not ready to process traffic.
        • failed : The NAT gateway could not be created. Check the failureCode and failureMessage fields for the reason.
        • available : The NAT gateway is able to process traffic. This status remains until you delete the NAT gateway, and does not indicate the health of the NAT gateway.
        • deleting : The NAT gateway is in the process of being terminated and may still be processing traffic.
        • deleted : The NAT gateway has been terminated and is no longer processing traffic.
      • SubnetId (string) --

        The ID of the subnet in which the NAT gateway is located.

      • VpcId (string) --

        The ID of the VPC in which the NAT gateway is located.

      • Tags (list) --

        The tags for the NAT gateway.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

Examples

This example creates a NAT gateway in subnet subnet-1a2b3c4d and associates an Elastic IP address with the allocation ID eipalloc-37fc1a52 with the NAT gateway.

response = client.create_nat_gateway(
    AllocationId='eipalloc-37fc1a52',
    SubnetId='subnet-1a2b3c4d',
)

print(response)

Expected Output:

{
    'NatGateway': {
        'CreateTime': datetime(2015, 12, 17, 12, 45, 26, 3, 351, 0),
        'NatGatewayAddresses': [
            {
                'AllocationId': 'eipalloc-37fc1a52',
            },
        ],
        'NatGatewayId': 'nat-08d48af2a8e83edfd',
        'State': 'pending',
        'SubnetId': 'subnet-1a2b3c4d',
        'VpcId': 'vpc-1122aabb',
    },
    'ResponseMetadata': {
        '...': '...',
    },
}
create_network_acl(**kwargs)

Creates a network ACL in a VPC. Network ACLs provide an optional layer of security (in addition to security groups) for the instances in your VPC.

For more information about network ACLs, see Network ACLs in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_network_acl(
    DryRun=True|False,
    VpcId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • VpcId (string) --

    [REQUIRED]

    The ID of the VPC.

Return type

dict

Returns

Response Syntax

{
    'NetworkAcl': {
        'Associations': [
            {
                'NetworkAclAssociationId': 'string',
                'NetworkAclId': 'string',
                'SubnetId': 'string'
            },
        ],
        'Entries': [
            {
                'CidrBlock': 'string',
                'Egress': True|False,
                'IcmpTypeCode': {
                    'Code': 123,
                    'Type': 123
                },
                'Ipv6CidrBlock': 'string',
                'PortRange': {
                    'From': 123,
                    'To': 123
                },
                'Protocol': 'string',
                'RuleAction': 'allow'|'deny',
                'RuleNumber': 123
            },
        ],
        'IsDefault': True|False,
        'NetworkAclId': 'string',
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ],
        'VpcId': 'string'
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateNetworkAcl.

    • NetworkAcl (dict) --

      Information about the network ACL.

      • Associations (list) --

        Any associations between the network ACL and one or more subnets

        • (dict) --

          Describes an association between a network ACL and a subnet.

          • NetworkAclAssociationId (string) --

            The ID of the association between a network ACL and a subnet.

          • NetworkAclId (string) --

            The ID of the network ACL.

          • SubnetId (string) --

            The ID of the subnet.

      • Entries (list) --

        One or more entries (rules) in the network ACL.

        • (dict) --

          Describes an entry in a network ACL.

          • CidrBlock (string) --

            The IPv4 network range to allow or deny, in CIDR notation.

          • Egress (boolean) --

            Indicates whether the rule is an egress rule (applied to traffic leaving the subnet).

          • IcmpTypeCode (dict) --

            ICMP protocol: The ICMP type and code.

            • Code (integer) --

              The ICMP code. A value of -1 means all codes for the specified ICMP type.

            • Type (integer) --

              The ICMP type. A value of -1 means all types.

          • Ipv6CidrBlock (string) --

            The IPv6 network range to allow or deny, in CIDR notation.

          • PortRange (dict) --

            TCP or UDP protocols: The range of ports the rule applies to.

            • From (integer) --

              The first port in the range.

            • To (integer) --

              The last port in the range.

          • Protocol (string) --

            The protocol. A value of -1 means all protocols.

          • RuleAction (string) --

            Indicates whether to allow or deny the traffic that matches the rule.

          • RuleNumber (integer) --

            The rule number for the entry. ACL entries are processed in ascending order by rule number.

      • IsDefault (boolean) --

        Indicates whether this is the default network ACL for the VPC.

      • NetworkAclId (string) --

        The ID of the network ACL.

      • Tags (list) --

        Any tags assigned to the network ACL.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

      • VpcId (string) --

        The ID of the VPC for the network ACL.

Examples

This example creates a network ACL for the specified VPC.

response = client.create_network_acl(
    VpcId='vpc-a01106c2',
)

print(response)

Expected Output:

{
    'NetworkAcl': {
        'Associations': [
        ],
        'Entries': [
            {
                'CidrBlock': '0.0.0.0/0',
                'Egress': True,
                'Protocol': '-1',
                'RuleAction': 'deny',
                'RuleNumber': 32767,
            },
            {
                'CidrBlock': '0.0.0.0/0',
                'Egress': False,
                'Protocol': '-1',
                'RuleAction': 'deny',
                'RuleNumber': 32767,
            },
        ],
        'IsDefault': False,
        'NetworkAclId': 'acl-5fb85d36',
        'Tags': [
        ],
        'VpcId': 'vpc-a01106c2',
    },
    'ResponseMetadata': {
        '...': '...',
    },
}
create_network_acl_entry(**kwargs)

Creates an entry (a rule) in a network ACL with the specified rule number. Each network ACL has a set of numbered ingress rules and a separate set of numbered egress rules. When determining whether a packet should be allowed in or out of a subnet associated with the ACL, we process the entries in the ACL according to the rule numbers, in ascending order. Each network ACL has a set of ingress rules and a separate set of egress rules.

We recommend that you leave room between the rule numbers (for example, 100, 110, 120, ...), and not number them one right after the other (for example, 101, 102, 103, ...). This makes it easier to add a rule between existing ones without having to renumber the rules.

After you add an entry, you can't modify it; you must either replace it, or create an entry and delete the old one.

For more information about network ACLs, see Network ACLs in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_network_acl_entry(
    CidrBlock='string',
    DryRun=True|False,
    Egress=True|False,
    IcmpTypeCode={
        'Code': 123,
        'Type': 123
    },
    Ipv6CidrBlock='string',
    NetworkAclId='string',
    PortRange={
        'From': 123,
        'To': 123
    },
    Protocol='string',
    RuleAction='allow'|'deny',
    RuleNumber=123
)
Parameters
  • CidrBlock (string) -- The IPv4 network range to allow or deny, in CIDR notation (for example 172.16.0.0/24 ).
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • Egress (boolean) --

    [REQUIRED]

    Indicates whether this is an egress rule (rule is applied to traffic leaving the subnet).

  • IcmpTypeCode (dict) --

    ICMP protocol: The ICMP or ICMPv6 type and code. Required if specifying the ICMP protocol, or protocol 58 (ICMPv6) with an IPv6 CIDR block.

    • Code (integer) --

      The ICMP code. A value of -1 means all codes for the specified ICMP type.

    • Type (integer) --

      The ICMP type. A value of -1 means all types.

  • Ipv6CidrBlock (string) -- The IPv6 network range to allow or deny, in CIDR notation (for example 2001:db8:1234:1a00::/64 ).
  • NetworkAclId (string) --

    [REQUIRED]

    The ID of the network ACL.

  • PortRange (dict) --

    TCP or UDP protocols: The range of ports the rule applies to.

    • From (integer) --

      The first port in the range.

    • To (integer) --

      The last port in the range.

  • Protocol (string) --

    [REQUIRED]

    The protocol. A value of -1 or all means all protocols. If you specify all , -1 , or a protocol number other than tcp , udp , or icmp , traffic on all ports is allowed, regardless of any ports or ICMP types or codes you specify. If you specify protocol 58 (ICMPv6) and specify an IPv4 CIDR block, traffic for all ICMP types and codes allowed, regardless of any that you specify. If you specify protocol 58 (ICMPv6) and specify an IPv6 CIDR block, you must specify an ICMP type and code.

  • RuleAction (string) --

    [REQUIRED]

    Indicates whether to allow or deny the traffic that matches the rule.

  • RuleNumber (integer) --

    [REQUIRED]

    The rule number for the entry (for example, 100). ACL entries are processed in ascending order by rule number.

    Constraints: Positive integer from 1 to 32766. The range 32767 to 65535 is reserved for internal use.

Returns

None

Examples

This example creates an entry for the specified network ACL. The rule allows ingress traffic from anywhere (0.0.0.0/0) on UDP port 53 (DNS) into any associated subnet.

response = client.create_network_acl_entry(
    CidrBlock='0.0.0.0/0',
    Egress=False,
    NetworkAclId='acl-5fb85d36',
    PortRange={
        'From': 53,
        'To': 53,
    },
    Protocol='udp',
    RuleAction='allow',
    RuleNumber=100,
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
create_network_interface(**kwargs)

Creates a network interface in the specified subnet.

For more information about network interfaces, see Elastic Network Interfaces in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_network_interface(
    Description='string',
    DryRun=True|False,
    Groups=[
        'string',
    ],
    Ipv6AddressCount=123,
    Ipv6Addresses=[
        {
            'Ipv6Address': 'string'
        },
    ],
    PrivateIpAddress='string',
    PrivateIpAddresses=[
        {
            'Primary': True|False,
            'PrivateIpAddress': 'string'
        },
    ],
    SecondaryPrivateIpAddressCount=123,
    SubnetId='string'
)
Parameters
  • Description (string) -- A description for the network interface.
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • Groups (list) --

    The IDs of one or more security groups.

    • (string) --
  • Ipv6AddressCount (integer) -- The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses. If your subnet has the AssignIpv6AddressOnCreation attribute set to true , you can specify 0 to override this setting.
  • Ipv6Addresses (list) --

    One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.

    • (dict) --

      Describes an IPv6 address.

      • Ipv6Address (string) --

        The IPv6 address.

  • PrivateIpAddress (string) -- The primary private IPv4 address of the network interface. If you don't specify an IPv4 address, Amazon EC2 selects one for you from the subnet's IPv4 CIDR range. If you specify an IP address, you cannot indicate any IP addresses specified in privateIpAddresses as primary (only one IP address can be designated as primary).
  • PrivateIpAddresses (list) --

    One or more private IPv4 addresses.

    • (dict) --

      Describes a secondary private IPv4 address for a network interface.

      • Primary (boolean) --

        Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.

      • PrivateIpAddress (string) -- [REQUIRED]

        The private IPv4 addresses.

  • SecondaryPrivateIpAddressCount (integer) --

    The number of secondary private IPv4 addresses to assign to a network interface. When you specify a number of secondary IPv4 addresses, Amazon EC2 selects these IP addresses within the subnet's IPv4 CIDR range. You can't specify this option and specify more than one private IP address using privateIpAddresses .

    The number of IP addresses you can assign to a network interface varies by instance type. For more information, see IP Addresses Per ENI Per Instance Type in the Amazon Virtual Private Cloud User Guide .

  • SubnetId (string) --

    [REQUIRED]

    The ID of the subnet to associate with the network interface.

Return type

dict

Returns

Response Syntax

{
    'NetworkInterface': {
        'Association': {
            'AllocationId': 'string',
            'AssociationId': 'string',
            'IpOwnerId': 'string',
            'PublicDnsName': 'string',
            'PublicIp': 'string'
        },
        'Attachment': {
            'AttachTime': datetime(2015, 1, 1),
            'AttachmentId': 'string',
            'DeleteOnTermination': True|False,
            'DeviceIndex': 123,
            'InstanceId': 'string',
            'InstanceOwnerId': 'string',
            'Status': 'attaching'|'attached'|'detaching'|'detached'
        },
        'AvailabilityZone': 'string',
        'Description': 'string',
        'Groups': [
            {
                'GroupName': 'string',
                'GroupId': 'string'
            },
        ],
        'InterfaceType': 'interface'|'natGateway',
        'Ipv6Addresses': [
            {
                'Ipv6Address': 'string'
            },
        ],
        'MacAddress': 'string',
        'NetworkInterfaceId': 'string',
        'OwnerId': 'string',
        'PrivateDnsName': 'string',
        'PrivateIpAddress': 'string',
        'PrivateIpAddresses': [
            {
                'Association': {
                    'AllocationId': 'string',
                    'AssociationId': 'string',
                    'IpOwnerId': 'string',
                    'PublicDnsName': 'string',
                    'PublicIp': 'string'
                },
                'Primary': True|False,
                'PrivateDnsName': 'string',
                'PrivateIpAddress': 'string'
            },
        ],
        'RequesterId': 'string',
        'RequesterManaged': True|False,
        'SourceDestCheck': True|False,
        'Status': 'available'|'attaching'|'in-use'|'detaching',
        'SubnetId': 'string',
        'TagSet': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ],
        'VpcId': 'string'
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateNetworkInterface.

    • NetworkInterface (dict) --

      Information about the network interface.

      • Association (dict) --

        The association information for an Elastic IP address (IPv4) associated with the network interface.

        • AllocationId (string) --

          The allocation ID.

        • AssociationId (string) --

          The association ID.

        • IpOwnerId (string) --

          The ID of the Elastic IP address owner.

        • PublicDnsName (string) --

          The public DNS name.

        • PublicIp (string) --

          The address of the Elastic IP address bound to the network interface.

      • Attachment (dict) --

        The network interface attachment.

        • AttachTime (datetime) --

          The timestamp indicating when the attachment initiated.

        • AttachmentId (string) --

          The ID of the network interface attachment.

        • DeleteOnTermination (boolean) --

          Indicates whether the network interface is deleted when the instance is terminated.

        • DeviceIndex (integer) --

          The device index of the network interface attachment on the instance.

        • InstanceId (string) --

          The ID of the instance.

        • InstanceOwnerId (string) --

          The AWS account ID of the owner of the instance.

        • Status (string) --

          The attachment state.

      • AvailabilityZone (string) --

        The Availability Zone.

      • Description (string) --

        A description.

      • Groups (list) --

        Any security groups for the network interface.

        • (dict) --

          Describes a security group.

          • GroupName (string) --

            The name of the security group.

          • GroupId (string) --

            The ID of the security group.

      • InterfaceType (string) --

        The type of interface.

      • Ipv6Addresses (list) --

        The IPv6 addresses associated with the network interface.

        • (dict) --

          Describes an IPv6 address associated with a network interface.

          • Ipv6Address (string) --

            The IPv6 address.

      • MacAddress (string) --

        The MAC address.

      • NetworkInterfaceId (string) --

        The ID of the network interface.

      • OwnerId (string) --

        The AWS account ID of the owner of the network interface.

      • PrivateDnsName (string) --

        The private DNS name.

      • PrivateIpAddress (string) --

        The IPv4 address of the network interface within the subnet.

      • PrivateIpAddresses (list) --

        The private IPv4 addresses associated with the network interface.

        • (dict) --

          Describes the private IPv4 address of a network interface.

          • Association (dict) --

            The association information for an Elastic IP address (IPv4) associated with the network interface.

            • AllocationId (string) --

              The allocation ID.

            • AssociationId (string) --

              The association ID.

            • IpOwnerId (string) --

              The ID of the Elastic IP address owner.

            • PublicDnsName (string) --

              The public DNS name.

            • PublicIp (string) --

              The address of the Elastic IP address bound to the network interface.

          • Primary (boolean) --

            Indicates whether this IPv4 address is the primary private IPv4 address of the network interface.

          • PrivateDnsName (string) --

            The private DNS name.

          • PrivateIpAddress (string) --

            The private IPv4 address.

      • RequesterId (string) --

        The ID of the entity that launched the instance on your behalf (for example, AWS Management Console or Auto Scaling).

      • RequesterManaged (boolean) --

        Indicates whether the network interface is being managed by AWS.

      • SourceDestCheck (boolean) --

        Indicates whether traffic to or from the instance is validated.

      • Status (string) --

        The status of the network interface.

      • SubnetId (string) --

        The ID of the subnet.

      • TagSet (list) --

        Any tags assigned to the network interface.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

      • VpcId (string) --

        The ID of the VPC.

Examples

This example creates a network interface for the specified subnet.

response = client.create_network_interface(
    Description='my network interface',
    Groups=[
        'sg-903004f8',
    ],
    PrivateIpAddress='10.0.2.17',
    SubnetId='subnet-9d4a7b6c',
)

print(response)

Expected Output:

{
    'NetworkInterface': {
        'AvailabilityZone': 'us-east-1d',
        'Description': 'my network interface',
        'Groups': [
            {
                'GroupId': 'sg-903004f8',
                'GroupName': 'default',
            },
        ],
        'MacAddress': '02:1a:80:41:52:9c',
        'NetworkInterfaceId': 'eni-e5aa89a3',
        'OwnerId': '123456789012',
        'PrivateIpAddress': '10.0.2.17',
        'PrivateIpAddresses': [
            {
                'Primary': True,
                'PrivateIpAddress': '10.0.2.17',
            },
        ],
        'RequesterManaged': False,
        'SourceDestCheck': True,
        'Status': 'pending',
        'SubnetId': 'subnet-9d4a7b6c',
        'TagSet': [
        ],
        'VpcId': 'vpc-a01106c2',
    },
    'ResponseMetadata': {
        '...': '...',
    },
}
create_network_interface_permission(**kwargs)

Grants an AWS authorized partner account permission to attach the specified network interface to an instance in their account.

You can grant permission to a single AWS account only, and only one account at a time.

See also: AWS API Documentation

Request Syntax

response = client.create_network_interface_permission(
    NetworkInterfaceId='string',
    AwsAccountId='string',
    AwsService='string',
    Permission='INSTANCE-ATTACH'|'EIP-ASSOCIATE',
    DryRun=True|False
)
Parameters
  • NetworkInterfaceId (string) --

    [REQUIRED]

    The ID of the network interface.

  • AwsAccountId (string) -- The AWS account ID.
  • AwsService (string) -- The AWS service. Currently not supported.
  • Permission (string) --

    [REQUIRED]

    The type of permission to grant.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'InterfacePermission': {
        'NetworkInterfacePermissionId': 'string',
        'NetworkInterfaceId': 'string',
        'AwsAccountId': 'string',
        'AwsService': 'string',
        'Permission': 'INSTANCE-ATTACH'|'EIP-ASSOCIATE',
        'PermissionState': {
            'State': 'pending'|'granted'|'revoking'|'revoked',
            'StatusMessage': 'string'
        }
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateNetworkInterfacePermission.

    • InterfacePermission (dict) --

      Information about the permission for the network interface.

      • NetworkInterfacePermissionId (string) --

        The ID of the network interface permission.

      • NetworkInterfaceId (string) --

        The ID of the network interface.

      • AwsAccountId (string) --

        The AWS account ID.

      • AwsService (string) --

        The AWS service.

      • Permission (string) --

        The type of permission.

      • PermissionState (dict) --

        Information about the state of the permission.

        • State (string) --

          The state of the permission.

        • StatusMessage (string) --

          A status message, if applicable.

create_placement_group(**kwargs)

Creates a placement group that you launch cluster instances into. You must give the group a name that's unique within the scope of your account.

For more information about placement groups and cluster instances, see Cluster Instances in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_placement_group(
    DryRun=True|False,
    GroupName='string',
    Strategy='cluster'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • GroupName (string) --

    [REQUIRED]

    A name for the placement group.

    Constraints: Up to 255 ASCII characters

  • Strategy (string) --

    [REQUIRED]

    The placement strategy.

Returns

None

Examples

This example creates a placement group with the specified name.

response = client.create_placement_group(
    GroupName='my-cluster',
    Strategy='cluster',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
create_reserved_instances_listing(**kwargs)

Creates a listing for Amazon EC2 Standard Reserved Instances to be sold in the Reserved Instance Marketplace. You can submit one Standard Reserved Instance listing at a time. To get a list of your Standard Reserved Instances, you can use the DescribeReservedInstances operation.

Note

Only Standard Reserved Instances with a capacity reservation can be sold in the Reserved Instance Marketplace. Convertible Reserved Instances and Standard Reserved Instances with a regional benefit cannot be sold.

The Reserved Instance Marketplace matches sellers who want to resell Standard Reserved Instance capacity that they no longer need with buyers who want to purchase additional capacity. Reserved Instances bought and sold through the Reserved Instance Marketplace work like any other Reserved Instances.

To sell your Standard Reserved Instances, you must first register as a seller in the Reserved Instance Marketplace. After completing the registration process, you can create a Reserved Instance Marketplace listing of some or all of your Standard Reserved Instances, and specify the upfront price to receive for them. Your Standard Reserved Instance listings then become available for purchase. To view the details of your Standard Reserved Instance listing, you can use the DescribeReservedInstancesListings operation.

For more information, see Reserved Instance Marketplace in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_reserved_instances_listing(
    ClientToken='string',
    InstanceCount=123,
    PriceSchedules=[
        {
            'CurrencyCode': 'USD',
            'Price': 123.0,
            'Term': 123
        },
    ],
    ReservedInstancesId='string'
)
Parameters
  • ClientToken (string) --

    [REQUIRED]

    Unique, case-sensitive identifier you provide to ensure idempotency of your listings. This helps avoid duplicate listings. For more information, see Ensuring Idempotency .

  • InstanceCount (integer) --

    [REQUIRED]

    The number of instances that are a part of a Reserved Instance account to be listed in the Reserved Instance Marketplace. This number should be less than or equal to the instance count associated with the Reserved Instance ID specified in this call.

  • PriceSchedules (list) --

    [REQUIRED]

    A list specifying the price of the Standard Reserved Instance for each month remaining in the Reserved Instance term.

    • (dict) --

      Describes the price for a Reserved Instance.

      • CurrencyCode (string) --

        The currency for transacting the Reserved Instance resale. At this time, the only supported currency is USD .

      • Price (float) --

        The fixed price for the term.

      • Term (integer) --

        The number of months remaining in the reservation. For example, 2 is the second to the last month before the capacity reservation expires.

  • ReservedInstancesId (string) --

    [REQUIRED]

    The ID of the active Standard Reserved Instance.

Return type

dict

Returns

Response Syntax

{
    'ReservedInstancesListings': [
        {
            'ClientToken': 'string',
            'CreateDate': datetime(2015, 1, 1),
            'InstanceCounts': [
                {
                    'InstanceCount': 123,
                    'State': 'available'|'sold'|'cancelled'|'pending'
                },
            ],
            'PriceSchedules': [
                {
                    'Active': True|False,
                    'CurrencyCode': 'USD',
                    'Price': 123.0,
                    'Term': 123
                },
            ],
            'ReservedInstancesId': 'string',
            'ReservedInstancesListingId': 'string',
            'Status': 'active'|'pending'|'cancelled'|'closed',
            'StatusMessage': 'string',
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ],
            'UpdateDate': datetime(2015, 1, 1)
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of CreateReservedInstancesListing.

    • ReservedInstancesListings (list) --

      Information about the Standard Reserved Instance listing.

      • (dict) --

        Describes a Reserved Instance listing.

        • ClientToken (string) --

          A unique, case-sensitive key supplied by the client to ensure that the request is idempotent. For more information, see Ensuring Idempotency .

        • CreateDate (datetime) --

          The time the listing was created.

        • InstanceCounts (list) --

          The number of instances in this state.

          • (dict) --

            Describes a Reserved Instance listing state.

            • InstanceCount (integer) --

              The number of listed Reserved Instances in the state specified by the state .

            • State (string) --

              The states of the listed Reserved Instances.

        • PriceSchedules (list) --

          The price of the Reserved Instance listing.

          • (dict) --

            Describes the price for a Reserved Instance.

            • Active (boolean) --

              The current price schedule, as determined by the term remaining for the Reserved Instance in the listing.

              A specific price schedule is always in effect, but only one price schedule can be active at any time. Take, for example, a Reserved Instance listing that has five months remaining in its term. When you specify price schedules for five months and two months, this means that schedule 1, covering the first three months of the remaining term, will be active during months 5, 4, and 3. Then schedule 2, covering the last two months of the term, will be active for months 2 and 1.

            • CurrencyCode (string) --

              The currency for transacting the Reserved Instance resale. At this time, the only supported currency is USD .

            • Price (float) --

              The fixed price for the term.

            • Term (integer) --

              The number of months remaining in the reservation. For example, 2 is the second to the last month before the capacity reservation expires.

        • ReservedInstancesId (string) --

          The ID of the Reserved Instance.

        • ReservedInstancesListingId (string) --

          The ID of the Reserved Instance listing.

        • Status (string) --

          The status of the Reserved Instance listing.

        • StatusMessage (string) --

          The reason for the current status of the Reserved Instance listing. The response can be blank.

        • Tags (list) --

          Any tags assigned to the resource.

          • (dict) --

            Describes a tag.

            • Key (string) --

              The key of the tag.

              Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

            • Value (string) --

              The value of the tag.

              Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

        • UpdateDate (datetime) --

          The last modified timestamp of the listing.

create_route(**kwargs)

Creates a route in a route table within a VPC.

You must specify one of the following targets: Internet gateway or virtual private gateway, NAT instance, NAT gateway, VPC peering connection, network interface, or egress-only Internet gateway.

When determining how to route traffic, we use the route with the most specific match. For example, traffic is destined for the IPv4 address 192.0.2.3 , and the route table includes the following two IPv4 routes:

  • 192.0.2.0/24 (goes to some target A)
  • 192.0.2.0/28 (goes to some target B)

Both routes apply to the traffic destined for 192.0.2.3 . However, the second route in the list covers a smaller number of IP addresses and is therefore more specific, so we use that route to determine where to target the traffic.

For more information about route tables, see Route Tables in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_route(
    DestinationCidrBlock='string',
    DestinationIpv6CidrBlock='string',
    DryRun=True|False,
    EgressOnlyInternetGatewayId='string',
    GatewayId='string',
    InstanceId='string',
    NatGatewayId='string',
    NetworkInterfaceId='string',
    RouteTableId='string',
    VpcPeeringConnectionId='string'
)
Parameters
  • DestinationCidrBlock (string) -- The IPv4 CIDR address block used for the destination match. Routing decisions are based on the most specific match.
  • DestinationIpv6CidrBlock (string) -- The IPv6 CIDR block used for the destination match. Routing decisions are based on the most specific match.
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • EgressOnlyInternetGatewayId (string) -- [IPv6 traffic only] The ID of an egress-only Internet gateway.
  • GatewayId (string) -- The ID of an Internet gateway or virtual private gateway attached to your VPC.
  • InstanceId (string) -- The ID of a NAT instance in your VPC. The operation fails if you specify an instance ID unless exactly one network interface is attached.
  • NatGatewayId (string) -- [IPv4 traffic only] The ID of a NAT gateway.
  • NetworkInterfaceId (string) -- The ID of a network interface.
  • RouteTableId (string) --

    [REQUIRED]

    The ID of the route table for the route.

  • VpcPeeringConnectionId (string) -- The ID of a VPC peering connection.
Return type

dict

Returns

Response Syntax

{
    'Return': True|False
}

Response Structure

  • (dict) --

    Contains the output of CreateRoute.

    • Return (boolean) --

      Returns true if the request succeeds; otherwise, it returns an error.

Examples

This example creates a route for the specified route table. The route matches all traffic (0.0.0.0/0) and routes it to the specified Internet gateway.

response = client.create_route(
    DestinationCidrBlock='0.0.0.0/0',
    GatewayId='igw-c0a643a9',
    RouteTableId='rtb-22574640',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
create_route_table(**kwargs)

Creates a route table for the specified VPC. After you create a route table, you can add routes and associate the table with a subnet.

For more information about route tables, see Route Tables in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_route_table(
    DryRun=True|False,
    VpcId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • VpcId (string) --

    [REQUIRED]

    The ID of the VPC.

Return type

dict

Returns

Response Syntax

{
    'RouteTable': {
        'Associations': [
            {
                'Main': True|False,
                'RouteTableAssociationId': 'string',
                'RouteTableId': 'string',
                'SubnetId': 'string'
            },
        ],
        'PropagatingVgws': [
            {
                'GatewayId': 'string'
            },
        ],
        'RouteTableId': 'string',
        'Routes': [
            {
                'DestinationCidrBlock': 'string',
                'DestinationIpv6CidrBlock': 'string',
                'DestinationPrefixListId': 'string',
                'EgressOnlyInternetGatewayId': 'string',
                'GatewayId': 'string',
                'InstanceId': 'string',
                'InstanceOwnerId': 'string',
                'NatGatewayId': 'string',
                'NetworkInterfaceId': 'string',
                'Origin': 'CreateRouteTable'|'CreateRoute'|'EnableVgwRoutePropagation',
                'State': 'active'|'blackhole',
                'VpcPeeringConnectionId': 'string'
            },
        ],
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ],
        'VpcId': 'string'
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateRouteTable.

    • RouteTable (dict) --

      Information about the route table.

      • Associations (list) --

        The associations between the route table and one or more subnets.

        • (dict) --

          Describes an association between a route table and a subnet.

          • Main (boolean) --

            Indicates whether this is the main route table.

          • RouteTableAssociationId (string) --

            The ID of the association between a route table and a subnet.

          • RouteTableId (string) --

            The ID of the route table.

          • SubnetId (string) --

            The ID of the subnet. A subnet ID is not returned for an implicit association.

      • PropagatingVgws (list) --

        Any virtual private gateway (VGW) propagating routes.

        • (dict) --

          Describes a virtual private gateway propagating route.

          • GatewayId (string) --

            The ID of the virtual private gateway (VGW).

      • RouteTableId (string) --

        The ID of the route table.

      • Routes (list) --

        The routes in the route table.

        • (dict) --

          Describes a route in a route table.

          • DestinationCidrBlock (string) --

            The IPv4 CIDR block used for the destination match.

          • DestinationIpv6CidrBlock (string) --

            The IPv6 CIDR block used for the destination match.

          • DestinationPrefixListId (string) --

            The prefix of the AWS service.

          • EgressOnlyInternetGatewayId (string) --

            The ID of the egress-only Internet gateway.

          • GatewayId (string) --

            The ID of a gateway attached to your VPC.

          • InstanceId (string) --

            The ID of a NAT instance in your VPC.

          • InstanceOwnerId (string) --

            The AWS account ID of the owner of the instance.

          • NatGatewayId (string) --

            The ID of a NAT gateway.

          • NetworkInterfaceId (string) --

            The ID of the network interface.

          • Origin (string) --

            Describes how the route was created.

            • CreateRouteTable - The route was automatically created when the route table was created.
            • CreateRoute - The route was manually added to the route table.
            • EnableVgwRoutePropagation - The route was propagated by route propagation.
          • State (string) --

            The state of the route. The blackhole state indicates that the route's target isn't available (for example, the specified gateway isn't attached to the VPC, or the specified NAT instance has been terminated).

          • VpcPeeringConnectionId (string) --

            The ID of the VPC peering connection.

      • Tags (list) --

        Any tags assigned to the route table.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

      • VpcId (string) --

        The ID of the VPC.

Examples

This example creates a route table for the specified VPC.

response = client.create_route_table(
    VpcId='vpc-a01106c2',
)

print(response)

Expected Output:

{
    'RouteTable': {
        'Associations': [
        ],
        'PropagatingVgws': [
        ],
        'RouteTableId': 'rtb-22574640',
        'Routes': [
            {
                'DestinationCidrBlock': '10.0.0.0/16',
                'GatewayId': 'local',
                'State': 'active',
            },
        ],
        'Tags': [
        ],
        'VpcId': 'vpc-a01106c2',
    },
    'ResponseMetadata': {
        '...': '...',
    },
}
create_security_group(**kwargs)

Creates a security group.

A security group is for use with instances either in the EC2-Classic platform or in a specific VPC. For more information, see Amazon EC2 Security Groups in the Amazon Elastic Compute Cloud User Guide and Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide .

Warning

EC2-Classic: You can have up to 500 security groups.

EC2-VPC: You can create up to 500 security groups per VPC.

When you create a security group, you specify a friendly name of your choice. You can have a security group for use in EC2-Classic with the same name as a security group for use in a VPC. However, you can't have two security groups for use in EC2-Classic with the same name or two security groups for use in a VPC with the same name.

You have a default security group for use in EC2-Classic and a default security group for use in your VPC. If you don't specify a security group when you launch an instance, the instance is launched into the appropriate default security group. A default security group includes a default rule that grants instances unrestricted network access to each other.

You can add or remove rules from your security groups using AuthorizeSecurityGroupIngress , AuthorizeSecurityGroupEgress , RevokeSecurityGroupIngress , and RevokeSecurityGroupEgress .

See also: AWS API Documentation

Request Syntax

response = client.create_security_group(
    Description='string',
    GroupName='string',
    VpcId='string',
    DryRun=True|False
)
Parameters
  • Description (string) --

    [REQUIRED]

    A description for the security group. This is informational only.

    Constraints: Up to 255 characters in length

    Constraints for EC2-Classic: ASCII characters

    Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*

  • GroupName (string) --

    [REQUIRED]

    The name of the security group.

    Constraints: Up to 255 characters in length

    Constraints for EC2-Classic: ASCII characters

    Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*

  • VpcId (string) -- [EC2-VPC] The ID of the VPC. Required for EC2-VPC.
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'GroupId': 'string'
}

Response Structure

  • (dict) --

    Contains the output of CreateSecurityGroup.

    • GroupId (string) --

      The ID of the security group.

create_snapshot(**kwargs)

Creates a snapshot of an EBS volume and stores it in Amazon S3. You can use snapshots for backups, to make copies of EBS volumes, and to save data before shutting down an instance.

When a snapshot is created, any AWS Marketplace product codes that are associated with the source volume are propagated to the snapshot.

You can take a snapshot of an attached volume that is in use. However, snapshots only capture data that has been written to your EBS volume at the time the snapshot command is issued; this may exclude any data that has been cached by any applications or the operating system. If you can pause any file systems on the volume long enough to take a snapshot, your snapshot should be complete. However, if you cannot pause all file writes to the volume, you should unmount the volume from within the instance, issue the snapshot command, and then remount the volume to ensure a consistent and complete snapshot. You may remount and use your volume while the snapshot status is pending .

To create a snapshot for EBS volumes that serve as root devices, you should stop the instance before taking the snapshot.

Snapshots that are taken from encrypted volumes are automatically encrypted. Volumes that are created from encrypted snapshots are also automatically encrypted. Your encrypted volumes and any associated snapshots always remain protected.

For more information, see Amazon Elastic Block Store and Amazon EBS Encryption in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_snapshot(
    Description='string',
    VolumeId='string',
    DryRun=True|False
)
Parameters
  • Description (string) -- A description for the snapshot.
  • VolumeId (string) --

    [REQUIRED]

    The ID of the EBS volume.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'DataEncryptionKeyId': 'string',
    'Description': 'string',
    'Encrypted': True|False,
    'KmsKeyId': 'string',
    'OwnerId': 'string',
    'Progress': 'string',
    'SnapshotId': 'string',
    'StartTime': datetime(2015, 1, 1),
    'State': 'pending'|'completed'|'error',
    'StateMessage': 'string',
    'VolumeId': 'string',
    'VolumeSize': 123,
    'OwnerAlias': 'string',
    'Tags': [
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    Describes a snapshot.

    • DataEncryptionKeyId (string) --

      The data encryption key identifier for the snapshot. This value is a unique identifier that corresponds to the data encryption key that was used to encrypt the original volume or snapshot copy. Because data encryption keys are inherited by volumes created from snapshots, and vice versa, if snapshots share the same data encryption key identifier, then they belong to the same volume/snapshot lineage. This parameter is only returned by the DescribeSnapshots API operation.

    • Description (string) --

      The description for the snapshot.

    • Encrypted (boolean) --

      Indicates whether the snapshot is encrypted.

    • KmsKeyId (string) --

      The full ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to protect the volume encryption key for the parent volume.

    • OwnerId (string) --

      The AWS account ID of the EBS snapshot owner.

    • Progress (string) --

      The progress of the snapshot, as a percentage.

    • SnapshotId (string) --

      The ID of the snapshot. Each snapshot receives a unique identifier when it is created.

    • StartTime (datetime) --

      The time stamp when the snapshot was initiated.

    • State (string) --

      The snapshot state.

    • StateMessage (string) --

      Encrypted Amazon EBS snapshots are copied asynchronously. If a snapshot copy operation fails (for example, if the proper AWS Key Management Service (AWS KMS) permissions are not obtained) this field displays error state details to help you diagnose why the error occurred. This parameter is only returned by the DescribeSnapshots API operation.

    • VolumeId (string) --

      The ID of the volume that was used to create the snapshot. Snapshots created by the CopySnapshot action have an arbitrary volume ID that should not be used for any purpose.

    • VolumeSize (integer) --

      The size of the volume, in GiB.

    • OwnerAlias (string) --

      Value from an Amazon-maintained list (amazon | aws-marketplace | microsoft ) of snapshot owners. Not to be confused with the user-configured AWS account alias, which is set from the IAM console.

    • Tags (list) --

      Any tags assigned to the snapshot.

      • (dict) --

        Describes a tag.

        • Key (string) --

          The key of the tag.

          Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

        • Value (string) --

          The value of the tag.

          Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

Examples

This example creates a snapshot of the volume with a volume ID of vol-1234567890abcdef0 and a short description to identify the snapshot.

response = client.create_snapshot(
    Description='This is my root volume snapshot.',
    VolumeId='vol-1234567890abcdef0',
)

print(response)

Expected Output:

{
    'Description': 'This is my root volume snapshot.',
    'OwnerId': '012345678910',
    'SnapshotId': 'snap-066877671789bd71b',
    'StartTime': datetime(2014, 2, 28, 21, 6, 1, 4, 59, 0),
    'State': 'pending',
    'Tags': [
    ],
    'VolumeId': 'vol-1234567890abcdef0',
    'VolumeSize': 8,
    'ResponseMetadata': {
        '...': '...',
    },
}
create_spot_datafeed_subscription(**kwargs)

Creates a data feed for Spot instances, enabling you to view Spot instance usage logs. You can create one data feed per AWS account. For more information, see Spot Instance Data Feed in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_spot_datafeed_subscription(
    Bucket='string',
    DryRun=True|False,
    Prefix='string'
)
Parameters
  • Bucket (string) --

    [REQUIRED]

    The Amazon S3 bucket in which to store the Spot instance data feed.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • Prefix (string) -- A prefix for the data feed file names.
Return type

dict

Returns

Response Syntax

{
    'SpotDatafeedSubscription': {
        'Bucket': 'string',
        'Fault': {
            'Code': 'string',
            'Message': 'string'
        },
        'OwnerId': 'string',
        'Prefix': 'string',
        'State': 'Active'|'Inactive'
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateSpotDatafeedSubscription.

    • SpotDatafeedSubscription (dict) --

      The Spot instance data feed subscription.

      • Bucket (string) --

        The Amazon S3 bucket where the Spot instance data feed is located.

      • Fault (dict) --

        The fault codes for the Spot instance request, if any.

        • Code (string) --

          The reason code for the Spot instance state change.

        • Message (string) --

          The message for the Spot instance state change.

      • OwnerId (string) --

        The AWS account ID of the account.

      • Prefix (string) --

        The prefix that is prepended to data feed files.

      • State (string) --

        The state of the Spot instance data feed subscription.

Examples

This example creates a Spot Instance data feed for your AWS account.

response = client.create_spot_datafeed_subscription(
    Bucket='my-s3-bucket',
    Prefix='spotdata',
)

print(response)

Expected Output:

{
    'SpotDatafeedSubscription': {
        'Bucket': 'my-s3-bucket',
        'OwnerId': '123456789012',
        'Prefix': 'spotdata',
        'State': 'Active',
    },
    'ResponseMetadata': {
        '...': '...',
    },
}
create_subnet(**kwargs)

Creates a subnet in an existing VPC.

When you create each subnet, you provide the VPC ID and the IPv4 CIDR block you want for the subnet. After you create a subnet, you can't change its CIDR block. The size of the subnet's IPv4 CIDR block can be the same as a VPC's IPv4 CIDR block, or a subset of a VPC's IPv4 CIDR block. If you create more than one subnet in a VPC, the subnets' CIDR blocks must not overlap. The smallest IPv4 subnet (and VPC) you can create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 netmask (65,536 IPv4 addresses).

If you've associated an IPv6 CIDR block with your VPC, you can create a subnet with an IPv6 CIDR block that uses a /64 prefix length.

Warning

AWS reserves both the first four and the last IPv4 address in each subnet's CIDR block. They're not available for use.

If you add more than one subnet to a VPC, they're set up in a star topology with a logical router in the middle.

If you launch an instance in a VPC using an Amazon EBS-backed AMI, the IP address doesn't change if you stop and restart the instance (unlike a similar instance launched outside a VPC, which gets a new IP address when restarted). It's therefore possible to have a subnet with no running instances (they're all stopped), but no remaining IP addresses available.

For more information about subnets, see Your VPC and Subnets in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_subnet(
    AvailabilityZone='string',
    CidrBlock='string',
    Ipv6CidrBlock='string',
    VpcId='string',
    DryRun=True|False
)
Parameters
  • AvailabilityZone (string) --

    The Availability Zone for the subnet.

    Default: AWS selects one for you. If you create more than one subnet in your VPC, we may not necessarily select a different zone for each subnet.

  • CidrBlock (string) --

    [REQUIRED]

    The IPv4 network range for the subnet, in CIDR notation. For example, 10.0.0.0/24 .

  • Ipv6CidrBlock (string) -- The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length.
  • VpcId (string) --

    [REQUIRED]

    The ID of the VPC.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'Subnet': {
        'AvailabilityZone': 'string',
        'AvailableIpAddressCount': 123,
        'CidrBlock': 'string',
        'DefaultForAz': True|False,
        'MapPublicIpOnLaunch': True|False,
        'State': 'pending'|'available',
        'SubnetId': 'string',
        'VpcId': 'string',
        'AssignIpv6AddressOnCreation': True|False,
        'Ipv6CidrBlockAssociationSet': [
            {
                'AssociationId': 'string',
                'Ipv6CidrBlock': 'string',
                'Ipv6CidrBlockState': {
                    'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
                    'StatusMessage': 'string'
                }
            },
        ],
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ]
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateSubnet.

    • Subnet (dict) --

      Information about the subnet.

      • AvailabilityZone (string) --

        The Availability Zone of the subnet.

      • AvailableIpAddressCount (integer) --

        The number of unused private IPv4 addresses in the subnet. Note that the IPv4 addresses for any stopped instances are considered unavailable.

      • CidrBlock (string) --

        The IPv4 CIDR block assigned to the subnet.

      • DefaultForAz (boolean) --

        Indicates whether this is the default subnet for the Availability Zone.

      • MapPublicIpOnLaunch (boolean) --

        Indicates whether instances launched in this subnet receive a public IPv4 address.

      • State (string) --

        The current state of the subnet.

      • SubnetId (string) --

        The ID of the subnet.

      • VpcId (string) --

        The ID of the VPC the subnet is in.

      • AssignIpv6AddressOnCreation (boolean) --

        Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives an IPv6 address.

      • Ipv6CidrBlockAssociationSet (list) --

        Information about the IPv6 CIDR blocks associated with the subnet.

        • (dict) --

          Describes an IPv6 CIDR block associated with a subnet.

          • AssociationId (string) --

            The association ID for the CIDR block.

          • Ipv6CidrBlock (string) --

            The IPv6 CIDR block.

          • Ipv6CidrBlockState (dict) --

            Information about the state of the CIDR block.

            • State (string) --

              The state of a CIDR block.

            • StatusMessage (string) --

              A message about the status of the CIDR block, if applicable.

      • Tags (list) --

        Any tags assigned to the subnet.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

Examples

This example creates a subnet in the specified VPC with the specified CIDR block. We recommend that you let us select an Availability Zone for you.

response = client.create_subnet(
    CidrBlock='10.0.1.0/24',
    VpcId='vpc-a01106c2',
)

print(response)

Expected Output:

{
    'Subnet': {
        'AvailabilityZone': 'us-west-2c',
        'AvailableIpAddressCount': 251,
        'CidrBlock': '10.0.1.0/24',
        'State': 'pending',
        'SubnetId': 'subnet-9d4a7b6c',
        'VpcId': 'vpc-a01106c2',
    },
    'ResponseMetadata': {
        '...': '...',
    },
}
create_tags(**kwargs)

Adds or overwrites one or more tags for the specified Amazon EC2 resource or resources. Each resource can have a maximum of 50 tags. Each tag consists of a key and optional value. Tag keys must be unique per resource.

For more information about tags, see Tagging Your Resources in the Amazon Elastic Compute Cloud User Guide . For more information about creating IAM policies that control users' access to resources based on tags, see Supported Resource-Level Permissions for Amazon EC2 API Actions in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_tags(
    DryRun=True|False,
    Resources=[
        'string',
    ],
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • Resources (list) --

    [REQUIRED]

    The IDs of one or more resources to tag. For example, ami-1a2b3c4d.

    • (string) --
  • Tags (list) --

    [REQUIRED]

    One or more tags. The value parameter is required, but if you don't want the tag to have a value, specify the parameter with no value, and we set the value to an empty string.

    • (dict) --

      Describes a tag.

      • Key (string) --

        The key of the tag.

        Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

      • Value (string) --

        The value of the tag.

        Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

Returns

None

Examples

This example adds the tag Stack=production to the specified image, or overwrites an existing tag for the AMI where the tag key is Stack.

response = client.create_tags(
    Resources=[
        'ami-78a54011',
    ],
    Tags=[
        {
            'Key': 'Stack',
            'Value': 'production',
        },
    ],
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
create_volume(**kwargs)

Creates an EBS volume that can be attached to an instance in the same Availability Zone. The volume is created in the regional endpoint that you send the HTTP request to. For more information see Regions and Endpoints .

You can create a new empty volume or restore a volume from an EBS snapshot. Any AWS Marketplace product codes from the snapshot are propagated to the volume.

You can create encrypted volumes with the Encrypted parameter. Encrypted volumes may only be attached to instances that support Amazon EBS encryption. Volumes that are created from encrypted snapshots are also automatically encrypted. For more information, see Amazon EBS Encryption in the Amazon Elastic Compute Cloud User Guide .

You can tag your volumes during creation. For more information, see Tagging Your Amazon EC2 Resources .

For more information, see Creating an Amazon EBS Volume in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_volume(
    AvailabilityZone='string',
    Encrypted=True|False,
    Iops=123,
    KmsKeyId='string',
    Size=123,
    SnapshotId='string',
    VolumeType='standard'|'io1'|'gp2'|'sc1'|'st1',
    DryRun=True|False,
    TagSpecifications=[
        {
            'ResourceType': 'customer-gateway'|'dhcp-options'|'image'|'instance'|'internet-gateway'|'network-acl'|'network-interface'|'reserved-instances'|'route-table'|'snapshot'|'spot-instances-request'|'subnet'|'security-group'|'volume'|'vpc'|'vpn-connection'|'vpn-gateway',
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ]
        },
    ]
)
Parameters
  • AvailabilityZone (string) --

    [REQUIRED]

    The Availability Zone in which to create the volume. Use DescribeAvailabilityZones to list the Availability Zones that are currently available to you.

  • Encrypted (boolean) -- Specifies whether the volume should be encrypted. Encrypted Amazon EBS volumes may only be attached to instances that support Amazon EBS encryption. Volumes that are created from encrypted snapshots are automatically encrypted. There is no way to create an encrypted volume from an unencrypted snapshot or vice versa. If your AMI uses encrypted volumes, you can only launch it on supported instance types. For more information, see Amazon EBS Encryption in the Amazon Elastic Compute Cloud User Guide .
  • Iops (integer) --

    Only valid for Provisioned IOPS SSD volumes. The number of I/O operations per second (IOPS) to provision for the volume, with a maximum ratio of 50 IOPS/GiB.

    Constraint: Range is 100 to 20000 for Provisioned IOPS SSD volumes

  • KmsKeyId (string) -- The full ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) to use when creating the encrypted volume. This parameter is only required if you want to use a non-default CMK; if this parameter is not specified, the default CMK for EBS is used. The ARN contains the arn:aws:kms namespace, followed by the region of the CMK, the AWS account ID of the CMK owner, the key namespace, and then the CMK ID. For example, arn:aws:kms:us-east-1 :012345678910 :key/abcd1234-a123-456a-a12b-a123b4cd56ef . If a KmsKeyId is specified, the Encrypted flag must also be set.
  • Size (integer) --

    The size of the volume, in GiBs.

    Constraints: 1-16384 for gp2 , 4-16384 for io1 , 500-16384 for st1 , 500-16384 for sc1 , and 1-1024 for standard . If you specify a snapshot, the volume size must be equal to or larger than the snapshot size.

    Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.

  • SnapshotId (string) -- The snapshot from which to create the volume.
  • VolumeType (string) --

    The volume type. This can be gp2 for General Purpose SSD, io1 for Provisioned IOPS SSD, st1 for Throughput Optimized HDD, sc1 for Cold HDD, or standard for Magnetic volumes.

    Default: standard

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • TagSpecifications (list) --

    The tags to apply to the volume during creation.

    • (dict) --

      The tags to apply to a resource when the resource is being created.

      • ResourceType (string) --

        The type of resource to tag. Currently, the resource types that support tagging on creation are instance and volume .

      • Tags (list) --

        The tags to apply to the resource.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

Return type

dict

Returns

Response Syntax

{
    'Attachments': [
        {
            'AttachTime': datetime(2015, 1, 1),
            'Device': 'string',
            'InstanceId': 'string',
            'State': 'attaching'|'attached'|'detaching'|'detached',
            'VolumeId': 'string',
            'DeleteOnTermination': True|False
        },
    ],
    'AvailabilityZone': 'string',
    'CreateTime': datetime(2015, 1, 1),
    'Encrypted': True|False,
    'KmsKeyId': 'string',
    'Size': 123,
    'SnapshotId': 'string',
    'State': 'creating'|'available'|'in-use'|'deleting'|'deleted'|'error',
    'VolumeId': 'string',
    'Iops': 123,
    'Tags': [
        {
            'Key': 'string',
            'Value': 'string'
        },
    ],
    'VolumeType': 'standard'|'io1'|'gp2'|'sc1'|'st1'
}

Response Structure

  • (dict) --

    Describes a volume.

    • Attachments (list) --

      Information about the volume attachments.

      • (dict) --

        Describes volume attachment details.

        • AttachTime (datetime) --

          The time stamp when the attachment initiated.

        • Device (string) --

          The device name.

        • InstanceId (string) --

          The ID of the instance.

        • State (string) --

          The attachment state of the volume.

        • VolumeId (string) --

          The ID of the volume.

        • DeleteOnTermination (boolean) --

          Indicates whether the EBS volume is deleted on instance termination.

    • AvailabilityZone (string) --

      The Availability Zone for the volume.

    • CreateTime (datetime) --

      The time stamp when volume creation was initiated.

    • Encrypted (boolean) --

      Indicates whether the volume will be encrypted.

    • KmsKeyId (string) --

      The full ARN of the AWS Key Management Service (AWS KMS) customer master key (CMK) that was used to protect the volume encryption key for the volume.

    • Size (integer) --

      The size of the volume, in GiBs.

    • SnapshotId (string) --

      The snapshot from which the volume was created, if applicable.

    • State (string) --

      The volume state.

    • VolumeId (string) --

      The ID of the volume.

    • Iops (integer) --

      The number of I/O operations per second (IOPS) that the volume supports. For Provisioned IOPS SSD volumes, this represents the number of IOPS that are provisioned for the volume. For General Purpose SSD volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information on General Purpose SSD baseline performance, I/O credits, and bursting, see Amazon EBS Volume Types in the Amazon Elastic Compute Cloud User Guide .

      Constraint: Range is 100-20000 IOPS for io1 volumes and 100-10000 IOPS for gp2 volumes.

      Condition: This parameter is required for requests to create io1 volumes; it is not used in requests to create gp2 , st1 , sc1 , or standard volumes.

    • Tags (list) --

      Any tags assigned to the volume.

      • (dict) --

        Describes a tag.

        • Key (string) --

          The key of the tag.

          Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

        • Value (string) --

          The value of the tag.

          Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

    • VolumeType (string) --

      The volume type. This can be gp2 for General Purpose SSD, io1 for Provisioned IOPS SSD, st1 for Throughput Optimized HDD, sc1 for Cold HDD, or standard for Magnetic volumes.

Examples

This example creates an 80 GiB General Purpose (SSD) volume in the Availability Zone us-east-1a.

response = client.create_volume(
    AvailabilityZone='us-east-1a',
    Size=80,
    VolumeType='gp2',
)

print(response)

Expected Output:

{
    'AvailabilityZone': 'us-east-1a',
    'CreateTime': datetime(2016, 8, 29, 18, 52, 32, 0, 242, 0),
    'Encrypted': False,
    'Iops': 240,
    'Size': 80,
    'SnapshotId': '',
    'State': 'creating',
    'VolumeId': 'vol-6b60b7c7',
    'VolumeType': 'gp2',
    'ResponseMetadata': {
        '...': '...',
    },
}

This example creates a new Provisioned IOPS (SSD) volume with 1000 provisioned IOPS from a snapshot in the Availability Zone us-east-1a.

response = client.create_volume(
    AvailabilityZone='us-east-1a',
    Iops=1000,
    SnapshotId='snap-066877671789bd71b',
    VolumeType='io1',
)

print(response)

Expected Output:

{
    'Attachments': [
    ],
    'AvailabilityZone': 'us-east-1a',
    'CreateTime': datetime(2016, 8, 29, 18, 52, 32, 0, 242, 0),
    'Iops': 1000,
    'Size': 500,
    'SnapshotId': 'snap-066877671789bd71b',
    'State': 'creating',
    'Tags': [
    ],
    'VolumeId': 'vol-1234567890abcdef0',
    'VolumeType': 'io1',
    'ResponseMetadata': {
        '...': '...',
    },
}
create_vpc(**kwargs)

Creates a VPC with the specified IPv4 CIDR block. The smallest VPC you can create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 netmask (65,536 IPv4 addresses). To help you decide how big to make your VPC, see Your VPC and Subnets in the Amazon Virtual Private Cloud User Guide .

You can optionally request an Amazon-provided IPv6 CIDR block for the VPC. The IPv6 CIDR block uses a /56 prefix length, and is allocated from Amazon's pool of IPv6 addresses. You cannot choose the IPv6 range for your VPC.

By default, each instance you launch in the VPC has the default DHCP options, which includes only a default DNS server that we provide (AmazonProvidedDNS). For more information about DHCP options, see DHCP Options Sets in the Amazon Virtual Private Cloud User Guide .

You can specify the instance tenancy value for the VPC when you create it. You can't change this value for the VPC after you create it. For more information, see Dedicated Instances in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_vpc(
    CidrBlock='string',
    AmazonProvidedIpv6CidrBlock=True|False,
    DryRun=True|False,
    InstanceTenancy='default'|'dedicated'|'host'
)
Parameters
  • CidrBlock (string) --

    [REQUIRED]

    The IPv4 network range for the VPC, in CIDR notation. For example, 10.0.0.0/16 .

  • AmazonProvidedIpv6CidrBlock (boolean) -- Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block.
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • InstanceTenancy (string) --

    The tenancy options for instances launched into the VPC. For default , instances are launched with shared tenancy by default. You can launch instances with any tenancy into a shared tenancy VPC. For dedicated , instances are launched as dedicated tenancy instances by default. You can only launch instances with a tenancy of dedicated or host into a dedicated tenancy VPC.

    Important: The host value cannot be used with this parameter. Use the default or dedicated values only.

    Default: default

Return type

dict

Returns

Response Syntax

{
    'Vpc': {
        'CidrBlock': 'string',
        'DhcpOptionsId': 'string',
        'State': 'pending'|'available',
        'VpcId': 'string',
        'InstanceTenancy': 'default'|'dedicated'|'host',
        'Ipv6CidrBlockAssociationSet': [
            {
                'AssociationId': 'string',
                'Ipv6CidrBlock': 'string',
                'Ipv6CidrBlockState': {
                    'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
                    'StatusMessage': 'string'
                }
            },
        ],
        'CidrBlockAssociationSet': [
            {
                'AssociationId': 'string',
                'CidrBlock': 'string',
                'CidrBlockState': {
                    'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
                    'StatusMessage': 'string'
                }
            },
        ],
        'IsDefault': True|False,
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ]
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateVpc.

    • Vpc (dict) --

      Information about the VPC.

      • CidrBlock (string) --

        The primary IPv4 CIDR block for the VPC.

      • DhcpOptionsId (string) --

        The ID of the set of DHCP options you've associated with the VPC (or default if the default options are associated with the VPC).

      • State (string) --

        The current state of the VPC.

      • VpcId (string) --

        The ID of the VPC.

      • InstanceTenancy (string) --

        The allowed tenancy of instances launched into the VPC.

      • Ipv6CidrBlockAssociationSet (list) --

        Information about the IPv6 CIDR blocks associated with the VPC.

        • (dict) --

          Describes an IPv6 CIDR block associated with a VPC.

          • AssociationId (string) --

            The association ID for the IPv6 CIDR block.

          • Ipv6CidrBlock (string) --

            The IPv6 CIDR block.

          • Ipv6CidrBlockState (dict) --

            Information about the state of the CIDR block.

            • State (string) --

              The state of the CIDR block.

            • StatusMessage (string) --

              A message about the status of the CIDR block, if applicable.

      • CidrBlockAssociationSet (list) --

        Information about the IPv4 CIDR blocks associated with the VPC.

        • (dict) --

          Describes an IPv4 CIDR block associated with a VPC.

          • AssociationId (string) --

            The association ID for the IPv4 CIDR block.

          • CidrBlock (string) --

            The IPv4 CIDR block.

          • CidrBlockState (dict) --

            Information about the state of the CIDR block.

            • State (string) --

              The state of the CIDR block.

            • StatusMessage (string) --

              A message about the status of the CIDR block, if applicable.

      • IsDefault (boolean) --

        Indicates whether the VPC is the default VPC.

      • Tags (list) --

        Any tags assigned to the VPC.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

Examples

This example creates a VPC with the specified CIDR block.

response = client.create_vpc(
    CidrBlock='10.0.0.0/16',
)

print(response)

Expected Output:

{
    'Vpc': {
        'CidrBlock': '10.0.0.0/16',
        'DhcpOptionsId': 'dopt-7a8b9c2d',
        'InstanceTenancy': 'default',
        'State': 'pending',
        'VpcId': 'vpc-a01106c2',
    },
    'ResponseMetadata': {
        '...': '...',
    },
}
create_vpc_endpoint(**kwargs)

Creates a VPC endpoint for a specified AWS service. An endpoint enables you to create a private connection between your VPC and another AWS service in your account. You can specify an endpoint policy to attach to the endpoint that will control access to the service from your VPC. You can also specify the VPC route tables that use the endpoint.

Use DescribeVpcEndpointServices to get a list of supported AWS services.

See also: AWS API Documentation

Request Syntax

response = client.create_vpc_endpoint(
    ClientToken='string',
    DryRun=True|False,
    PolicyDocument='string',
    RouteTableIds=[
        'string',
    ],
    ServiceName='string',
    VpcId='string'
)
Parameters
  • ClientToken (string) -- Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency .
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • PolicyDocument (string) -- A policy to attach to the endpoint that controls access to the service. The policy must be in valid JSON format. If this parameter is not specified, we attach a default policy that allows full access to the service.
  • RouteTableIds (list) --

    One or more route table IDs.

    • (string) --
  • ServiceName (string) --

    [REQUIRED]

    The AWS service name, in the form ``com.amazonaws.*region* .*service* `` . To get a list of available services, use the DescribeVpcEndpointServices request.

  • VpcId (string) --

    [REQUIRED]

    The ID of the VPC in which the endpoint will be used.

Return type

dict

Returns

Response Syntax

{
    'ClientToken': 'string',
    'VpcEndpoint': {
        'CreationTimestamp': datetime(2015, 1, 1),
        'PolicyDocument': 'string',
        'RouteTableIds': [
            'string',
        ],
        'ServiceName': 'string',
        'State': 'Pending'|'Available'|'Deleting'|'Deleted',
        'VpcEndpointId': 'string',
        'VpcId': 'string'
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateVpcEndpoint.

    • ClientToken (string) --

      Unique, case-sensitive identifier you provide to ensure the idempotency of the request.

    • VpcEndpoint (dict) --

      Information about the endpoint.

      • CreationTimestamp (datetime) --

        The date and time the VPC endpoint was created.

      • PolicyDocument (string) --

        The policy document associated with the endpoint.

      • RouteTableIds (list) --

        One or more route tables associated with the endpoint.

        • (string) --
      • ServiceName (string) --

        The name of the AWS service to which the endpoint is associated.

      • State (string) --

        The state of the VPC endpoint.

      • VpcEndpointId (string) --

        The ID of the VPC endpoint.

      • VpcId (string) --

        The ID of the VPC to which the endpoint is associated.

create_vpc_peering_connection(**kwargs)

Requests a VPC peering connection between two VPCs: a requester VPC that you own and a peer VPC with which to create the connection. The peer VPC can belong to another AWS account. The requester VPC and peer VPC cannot have overlapping CIDR blocks.

The owner of the peer VPC must accept the peering request to activate the peering connection. The VPC peering connection request expires after 7 days, after which it cannot be accepted or rejected.

If you try to create a VPC peering connection between VPCs that have overlapping CIDR blocks, the VPC peering connection status goes to failed .

See also: AWS API Documentation

Request Syntax

response = client.create_vpc_peering_connection(
    DryRun=True|False,
    PeerOwnerId='string',
    PeerVpcId='string',
    VpcId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • PeerOwnerId (string) --

    The AWS account ID of the owner of the peer VPC.

    Default: Your AWS account ID

  • PeerVpcId (string) -- The ID of the VPC with which you are creating the VPC peering connection.
  • VpcId (string) -- The ID of the requester VPC.
Return type

dict

Returns

Response Syntax

{
    'VpcPeeringConnection': {
        'AccepterVpcInfo': {
            'CidrBlock': 'string',
            'Ipv6CidrBlockSet': [
                {
                    'Ipv6CidrBlock': 'string'
                },
            ],
            'CidrBlockSet': [
                {
                    'CidrBlock': 'string'
                },
            ],
            'OwnerId': 'string',
            'PeeringOptions': {
                'AllowDnsResolutionFromRemoteVpc': True|False,
                'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False,
                'AllowEgressFromLocalVpcToRemoteClassicLink': True|False
            },
            'VpcId': 'string'
        },
        'ExpirationTime': datetime(2015, 1, 1),
        'RequesterVpcInfo': {
            'CidrBlock': 'string',
            'Ipv6CidrBlockSet': [
                {
                    'Ipv6CidrBlock': 'string'
                },
            ],
            'CidrBlockSet': [
                {
                    'CidrBlock': 'string'
                },
            ],
            'OwnerId': 'string',
            'PeeringOptions': {
                'AllowDnsResolutionFromRemoteVpc': True|False,
                'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False,
                'AllowEgressFromLocalVpcToRemoteClassicLink': True|False
            },
            'VpcId': 'string'
        },
        'Status': {
            'Code': 'initiating-request'|'pending-acceptance'|'active'|'deleted'|'rejected'|'failed'|'expired'|'provisioning'|'deleting',
            'Message': 'string'
        },
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ],
        'VpcPeeringConnectionId': 'string'
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateVpcPeeringConnection.

    • VpcPeeringConnection (dict) --

      Information about the VPC peering connection.

      • AccepterVpcInfo (dict) --

        Information about the accepter VPC. CIDR block information is only returned when describing an active VPC peering connection.

        • CidrBlock (string) --

          The IPv4 CIDR block for the VPC.

        • Ipv6CidrBlockSet (list) --

          The IPv6 CIDR block for the VPC.

          • (dict) --

            Describes an IPv6 CIDR block.

            • Ipv6CidrBlock (string) --

              The IPv6 CIDR block.

        • CidrBlockSet (list) --

          Information about the IPv4 CIDR blocks for the VPC.

          • (dict) --

            Describes an IPv4 CIDR block.

            • CidrBlock (string) --

              The IPv4 CIDR block.

        • OwnerId (string) --

          The AWS account ID of the VPC owner.

        • PeeringOptions (dict) --

          Information about the VPC peering connection options for the accepter or requester VPC.

          • AllowDnsResolutionFromRemoteVpc (boolean) --

            Indicates whether a local VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC.

          • AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) --

            Indicates whether a local ClassicLink connection can communicate with the peer VPC over the VPC peering connection.

          • AllowEgressFromLocalVpcToRemoteClassicLink (boolean) --

            Indicates whether a local VPC can communicate with a ClassicLink connection in the peer VPC over the VPC peering connection.

        • VpcId (string) --

          The ID of the VPC.

      • ExpirationTime (datetime) --

        The time that an unaccepted VPC peering connection will expire.

      • RequesterVpcInfo (dict) --

        Information about the requester VPC. CIDR block information is only returned when describing an active VPC peering connection.

        • CidrBlock (string) --

          The IPv4 CIDR block for the VPC.

        • Ipv6CidrBlockSet (list) --

          The IPv6 CIDR block for the VPC.

          • (dict) --

            Describes an IPv6 CIDR block.

            • Ipv6CidrBlock (string) --

              The IPv6 CIDR block.

        • CidrBlockSet (list) --

          Information about the IPv4 CIDR blocks for the VPC.

          • (dict) --

            Describes an IPv4 CIDR block.

            • CidrBlock (string) --

              The IPv4 CIDR block.

        • OwnerId (string) --

          The AWS account ID of the VPC owner.

        • PeeringOptions (dict) --

          Information about the VPC peering connection options for the accepter or requester VPC.

          • AllowDnsResolutionFromRemoteVpc (boolean) --

            Indicates whether a local VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC.

          • AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) --

            Indicates whether a local ClassicLink connection can communicate with the peer VPC over the VPC peering connection.

          • AllowEgressFromLocalVpcToRemoteClassicLink (boolean) --

            Indicates whether a local VPC can communicate with a ClassicLink connection in the peer VPC over the VPC peering connection.

        • VpcId (string) --

          The ID of the VPC.

      • Status (dict) --

        The status of the VPC peering connection.

        • Code (string) --

          The status of the VPC peering connection.

        • Message (string) --

          A message that provides more information about the status, if applicable.

      • Tags (list) --

        Any tags assigned to the resource.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

      • VpcPeeringConnectionId (string) --

        The ID of the VPC peering connection.

create_vpn_connection(**kwargs)

Creates a VPN connection between an existing virtual private gateway and a VPN customer gateway. The only supported connection type is ipsec.1 .

The response includes information that you need to give to your network administrator to configure your customer gateway.

Warning

We strongly recommend that you use HTTPS when calling this operation because the response contains sensitive cryptographic information for configuring your customer gateway.

If you decide to shut down your VPN connection for any reason and later create a new VPN connection, you must reconfigure your customer gateway with the new information returned from this call.

This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn't return an error.

For more information about VPN connections, see Adding a Hardware Virtual Private Gateway to Your VPC in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_vpn_connection(
    CustomerGatewayId='string',
    Type='string',
    VpnGatewayId='string',
    DryRun=True|False,
    Options={
        'StaticRoutesOnly': True|False
    }
)
Parameters
  • CustomerGatewayId (string) --

    [REQUIRED]

    The ID of the customer gateway.

  • Type (string) --

    [REQUIRED]

    The type of VPN connection (ipsec.1 ).

  • VpnGatewayId (string) --

    [REQUIRED]

    The ID of the virtual private gateway.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • Options (dict) --

    Indicates whether the VPN connection requires static routes. If you are creating a VPN connection for a device that does not support BGP, you must specify true .

    Default: false

    • StaticRoutesOnly (boolean) --

      Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.

Return type

dict

Returns

Response Syntax

{
    'VpnConnection': {
        'CustomerGatewayConfiguration': 'string',
        'CustomerGatewayId': 'string',
        'State': 'pending'|'available'|'deleting'|'deleted',
        'Type': 'ipsec.1',
        'VpnConnectionId': 'string',
        'VpnGatewayId': 'string',
        'Options': {
            'StaticRoutesOnly': True|False
        },
        'Routes': [
            {
                'DestinationCidrBlock': 'string',
                'Source': 'Static',
                'State': 'pending'|'available'|'deleting'|'deleted'
            },
        ],
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ],
        'VgwTelemetry': [
            {
                'AcceptedRouteCount': 123,
                'LastStatusChange': datetime(2015, 1, 1),
                'OutsideIpAddress': 'string',
                'Status': 'UP'|'DOWN',
                'StatusMessage': 'string'
            },
        ]
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateVpnConnection.

    • VpnConnection (dict) --

      Information about the VPN connection.

      • CustomerGatewayConfiguration (string) --

        The configuration information for the VPN connection's customer gateway (in the native XML format). This element is always present in the CreateVpnConnection response; however, it's present in the DescribeVpnConnections response only if the VPN connection is in the pending or available state.

      • CustomerGatewayId (string) --

        The ID of the customer gateway at your end of the VPN connection.

      • State (string) --

        The current state of the VPN connection.

      • Type (string) --

        The type of VPN connection.

      • VpnConnectionId (string) --

        The ID of the VPN connection.

      • VpnGatewayId (string) --

        The ID of the virtual private gateway at the AWS side of the VPN connection.

      • Options (dict) --

        The VPN connection options.

        • StaticRoutesOnly (boolean) --

          Indicates whether the VPN connection uses static routes only. Static routes must be used for devices that don't support BGP.

      • Routes (list) --

        The static routes associated with the VPN connection.

        • (dict) --

          Describes a static route for a VPN connection.

          • DestinationCidrBlock (string) --

            The CIDR block associated with the local subnet of the customer data center.

          • Source (string) --

            Indicates how the routes were provided.

          • State (string) --

            The current state of the static route.

      • Tags (list) --

        Any tags assigned to the VPN connection.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

      • VgwTelemetry (list) --

        Information about the VPN tunnel.

        • (dict) --

          Describes telemetry for a VPN tunnel.

          • AcceptedRouteCount (integer) --

            The number of accepted routes.

          • LastStatusChange (datetime) --

            The date and time of the last change in status.

          • OutsideIpAddress (string) --

            The Internet-routable IP address of the virtual private gateway's outside interface.

          • Status (string) --

            The status of the VPN tunnel.

          • StatusMessage (string) --

            If an error occurs, a description of the error.

create_vpn_connection_route(**kwargs)

Creates a static route associated with a VPN connection between an existing virtual private gateway and a VPN customer gateway. The static route allows traffic to be routed from the virtual private gateway to the VPN customer gateway.

For more information about VPN connections, see Adding a Hardware Virtual Private Gateway to Your VPC in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_vpn_connection_route(
    DestinationCidrBlock='string',
    VpnConnectionId='string'
)
Parameters
  • DestinationCidrBlock (string) --

    [REQUIRED]

    The CIDR block associated with the local subnet of the customer network.

  • VpnConnectionId (string) --

    [REQUIRED]

    The ID of the VPN connection.

Returns

None

create_vpn_gateway(**kwargs)

Creates a virtual private gateway. A virtual private gateway is the endpoint on the VPC side of your VPN connection. You can create a virtual private gateway before creating the VPC itself.

For more information about virtual private gateways, see Adding a Hardware Virtual Private Gateway to Your VPC in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.create_vpn_gateway(
    AvailabilityZone='string',
    Type='ipsec.1',
    DryRun=True|False
)
Parameters
  • AvailabilityZone (string) -- The Availability Zone for the virtual private gateway.
  • Type (string) --

    [REQUIRED]

    The type of VPN connection this virtual private gateway supports.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'VpnGateway': {
        'AvailabilityZone': 'string',
        'State': 'pending'|'available'|'deleting'|'deleted',
        'Type': 'ipsec.1',
        'VpcAttachments': [
            {
                'State': 'attaching'|'attached'|'detaching'|'detached',
                'VpcId': 'string'
            },
        ],
        'VpnGatewayId': 'string',
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ]
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateVpnGateway.

    • VpnGateway (dict) --

      Information about the virtual private gateway.

      • AvailabilityZone (string) --

        The Availability Zone where the virtual private gateway was created, if applicable. This field may be empty or not returned.

      • State (string) --

        The current state of the virtual private gateway.

      • Type (string) --

        The type of VPN connection the virtual private gateway supports.

      • VpcAttachments (list) --

        Any VPCs attached to the virtual private gateway.

        • (dict) --

          Describes an attachment between a virtual private gateway and a VPC.

          • State (string) --

            The current state of the attachment.

          • VpcId (string) --

            The ID of the VPC.

      • VpnGatewayId (string) --

        The ID of the virtual private gateway.

      • Tags (list) --

        Any tags assigned to the virtual private gateway.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

delete_customer_gateway(**kwargs)

Deletes the specified customer gateway. You must delete the VPN connection before you can delete the customer gateway.

See also: AWS API Documentation

Request Syntax

response = client.delete_customer_gateway(
    CustomerGatewayId='string',
    DryRun=True|False
)
Parameters
  • CustomerGatewayId (string) --

    [REQUIRED]

    The ID of the customer gateway.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Returns

None

Examples

This example deletes the specified customer gateway.

response = client.delete_customer_gateway(
    CustomerGatewayId='cgw-0e11f167',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_dhcp_options(**kwargs)

Deletes the specified set of DHCP options. You must disassociate the set of DHCP options before you can delete it. You can disassociate the set of DHCP options by associating either a new set of options or the default set of options with the VPC.

See also: AWS API Documentation

Request Syntax

response = client.delete_dhcp_options(
    DhcpOptionsId='string',
    DryRun=True|False
)
Parameters
  • DhcpOptionsId (string) --

    [REQUIRED]

    The ID of the DHCP options set.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Returns

None

Examples

This example deletes the specified DHCP options set.

response = client.delete_dhcp_options(
    DhcpOptionsId='dopt-d9070ebb',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_egress_only_internet_gateway(**kwargs)

Deletes an egress-only Internet gateway.

See also: AWS API Documentation

Request Syntax

response = client.delete_egress_only_internet_gateway(
    DryRun=True|False,
    EgressOnlyInternetGatewayId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • EgressOnlyInternetGatewayId (string) --

    [REQUIRED]

    The ID of the egress-only Internet gateway.

Return type

dict

Returns

Response Syntax

{
    'ReturnCode': True|False
}

Response Structure

  • (dict) --

    • ReturnCode (boolean) --

      Returns true if the request succeeds; otherwise, it returns an error.

delete_flow_logs(**kwargs)

Deletes one or more flow logs.

See also: AWS API Documentation

Request Syntax

response = client.delete_flow_logs(
    FlowLogIds=[
        'string',
    ]
)
Parameters
FlowLogIds (list) --

[REQUIRED]

One or more flow log IDs.

  • (string) --
Return type
dict
Returns
Response Syntax
{
    'Unsuccessful': [
        {
            'Error': {
                'Code': 'string',
                'Message': 'string'
            },
            'ResourceId': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of DeleteFlowLogs.

    • Unsuccessful (list) --

      Information about the flow logs that could not be deleted successfully.

      • (dict) --

        Information about items that were not successfully processed in a batch call.

        • Error (dict) --

          Information about the error.

          • Code (string) --

            The error code.

          • Message (string) --

            The error message accompanying the error code.

        • ResourceId (string) --

          The ID of the resource.

delete_fpga_image(**kwargs)

Deletes the specified Amazon FPGA Image (AFI).

See also: AWS API Documentation

Request Syntax

response = client.delete_fpga_image(
    DryRun=True|False,
    FpgaImageId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • FpgaImageId (string) --

    [REQUIRED]

    The ID of the AFI.

Return type

dict

Returns

Response Syntax

{
    'Return': True|False
}

Response Structure

  • (dict) --

    • Return (boolean) --

      Is true if the request succeeds, and an error otherwise.

delete_internet_gateway(**kwargs)

Deletes the specified Internet gateway. You must detach the Internet gateway from the VPC before you can delete it.

See also: AWS API Documentation

Request Syntax

response = client.delete_internet_gateway(
    DryRun=True|False,
    InternetGatewayId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • InternetGatewayId (string) --

    [REQUIRED]

    The ID of the Internet gateway.

Returns

None

Examples

This example deletes the specified Internet gateway.

response = client.delete_internet_gateway(
    InternetGatewayId='igw-c0a643a9',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_key_pair(**kwargs)

Deletes the specified key pair, by removing the public key from Amazon EC2.

See also: AWS API Documentation

Request Syntax

response = client.delete_key_pair(
    KeyName='string',
    DryRun=True|False
)
Parameters
  • KeyName (string) --

    [REQUIRED]

    The name of the key pair.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Returns

None

Examples

This example deletes the specified key pair.

response = client.delete_key_pair(
    KeyName='my-key-pair',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_nat_gateway(**kwargs)

Deletes the specified NAT gateway. Deleting a NAT gateway disassociates its Elastic IP address, but does not release the address from your account. Deleting a NAT gateway does not delete any NAT gateway routes in your route tables.

See also: AWS API Documentation

Request Syntax

response = client.delete_nat_gateway(
    NatGatewayId='string'
)
Parameters
NatGatewayId (string) --

[REQUIRED]

The ID of the NAT gateway.

Return type
dict
Returns
Response Syntax
{
    'NatGatewayId': 'string'
}

Response Structure

  • (dict) --

    Contains the output of DeleteNatGateway.

    • NatGatewayId (string) --

      The ID of the NAT gateway.

Examples

This example deletes the specified NAT gateway.

response = client.delete_nat_gateway(
    NatGatewayId='nat-04ae55e711cec5680',
)

print(response)

Expected Output:

{
    'NatGatewayId': 'nat-04ae55e711cec5680',
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_network_acl(**kwargs)

Deletes the specified network ACL. You can't delete the ACL if it's associated with any subnets. You can't delete the default network ACL.

See also: AWS API Documentation

Request Syntax

response = client.delete_network_acl(
    DryRun=True|False,
    NetworkAclId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • NetworkAclId (string) --

    [REQUIRED]

    The ID of the network ACL.

Returns

None

Examples

This example deletes the specified network ACL.

response = client.delete_network_acl(
    NetworkAclId='acl-5fb85d36',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_network_acl_entry(**kwargs)

Deletes the specified ingress or egress entry (rule) from the specified network ACL.

See also: AWS API Documentation

Request Syntax

response = client.delete_network_acl_entry(
    DryRun=True|False,
    Egress=True|False,
    NetworkAclId='string',
    RuleNumber=123
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • Egress (boolean) --

    [REQUIRED]

    Indicates whether the rule is an egress rule.

  • NetworkAclId (string) --

    [REQUIRED]

    The ID of the network ACL.

  • RuleNumber (integer) --

    [REQUIRED]

    The rule number of the entry to delete.

Returns

None

Examples

This example deletes ingress rule number 100 from the specified network ACL.

response = client.delete_network_acl_entry(
    Egress=True,
    NetworkAclId='acl-5fb85d36',
    RuleNumber=100,
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_network_interface(**kwargs)

Deletes the specified network interface. You must detach the network interface before you can delete it.

See also: AWS API Documentation

Request Syntax

response = client.delete_network_interface(
    DryRun=True|False,
    NetworkInterfaceId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • NetworkInterfaceId (string) --

    [REQUIRED]

    The ID of the network interface.

Returns

None

Examples

This example deletes the specified network interface.

response = client.delete_network_interface(
    NetworkInterfaceId='eni-e5aa89a3',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_network_interface_permission(**kwargs)

Deletes a permission for a network interface. By default, you cannot delete the permission if the account for which you're removing the permission has attached the network interface to an instance. However, you can force delete the permission, regardless of any attachment.

See also: AWS API Documentation

Request Syntax

response = client.delete_network_interface_permission(
    NetworkInterfacePermissionId='string',
    Force=True|False,
    DryRun=True|False
)
Parameters
  • NetworkInterfacePermissionId (string) --

    [REQUIRED]

    The ID of the network interface permission.

  • Force (boolean) -- Specify true to remove the permission even if the network interface is attached to an instance.
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'Return': True|False
}

Response Structure

  • (dict) --

    Contains the output for DeleteNetworkInterfacePermission.

    • Return (boolean) --

      Returns true if the request succeeds, otherwise returns an error.

delete_placement_group(**kwargs)

Deletes the specified placement group. You must terminate all instances in the placement group before you can delete the placement group. For more information about placement groups and cluster instances, see Cluster Instances in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.delete_placement_group(
    DryRun=True|False,
    GroupName='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • GroupName (string) --

    [REQUIRED]

    The name of the placement group.

Returns

None

Examples

This example deletes the specified placement group.

response = client.delete_placement_group(
    GroupName='my-cluster',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_route(**kwargs)

Deletes the specified route from the specified route table.

See also: AWS API Documentation

Request Syntax

response = client.delete_route(
    DestinationCidrBlock='string',
    DestinationIpv6CidrBlock='string',
    DryRun=True|False,
    RouteTableId='string'
)
Parameters
  • DestinationCidrBlock (string) -- The IPv4 CIDR range for the route. The value you specify must match the CIDR for the route exactly.
  • DestinationIpv6CidrBlock (string) -- The IPv6 CIDR range for the route. The value you specify must match the CIDR for the route exactly.
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • RouteTableId (string) --

    [REQUIRED]

    The ID of the route table.

Returns

None

Examples

This example deletes the specified route from the specified route table.

response = client.delete_route(
    DestinationCidrBlock='0.0.0.0/0',
    RouteTableId='rtb-22574640',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_route_table(**kwargs)

Deletes the specified route table. You must disassociate the route table from any subnets before you can delete it. You can't delete the main route table.

See also: AWS API Documentation

Request Syntax

response = client.delete_route_table(
    DryRun=True|False,
    RouteTableId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • RouteTableId (string) --

    [REQUIRED]

    The ID of the route table.

Returns

None

Examples

This example deletes the specified route table.

response = client.delete_route_table(
    RouteTableId='rtb-22574640',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_security_group(**kwargs)

Deletes a security group.

If you attempt to delete a security group that is associated with an instance, or is referenced by another security group, the operation fails with InvalidGroup.InUse in EC2-Classic or DependencyViolation in EC2-VPC.

See also: AWS API Documentation

Request Syntax

response = client.delete_security_group(
    GroupId='string',
    GroupName='string',
    DryRun=True|False
)
Parameters
  • GroupId (string) -- The ID of the security group. Required for a nondefault VPC.
  • GroupName (string) -- [EC2-Classic, default VPC] The name of the security group. You can specify either the security group name or the security group ID.
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Returns

None

delete_snapshot(**kwargs)

Deletes the specified snapshot.

When you make periodic snapshots of a volume, the snapshots are incremental, and only the blocks on the device that have changed since your last snapshot are saved in the new snapshot. When you delete a snapshot, only the data not needed for any other snapshot is removed. So regardless of which prior snapshots have been deleted, all active snapshots will have access to all the information needed to restore the volume.

You cannot delete a snapshot of the root device of an EBS volume used by a registered AMI. You must first de-register the AMI before you can delete the snapshot.

For more information, see Deleting an Amazon EBS Snapshot in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.delete_snapshot(
    SnapshotId='string',
    DryRun=True|False
)
Parameters
  • SnapshotId (string) --

    [REQUIRED]

    The ID of the EBS snapshot.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Returns

None

Examples

This example deletes a snapshot with the snapshot ID of snap-1234567890abcdef0. If the command succeeds, no output is returned.

response = client.delete_snapshot(
    SnapshotId='snap-1234567890abcdef0',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_spot_datafeed_subscription(**kwargs)

Deletes the data feed for Spot instances.

See also: AWS API Documentation

Request Syntax

response = client.delete_spot_datafeed_subscription(
    DryRun=True|False
)
Parameters
DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Returns
None

Examples

This example deletes a Spot data feed subscription for the account.

response = client.delete_spot_datafeed_subscription(
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_subnet(**kwargs)

Deletes the specified subnet. You must terminate all running instances in the subnet before you can delete the subnet.

See also: AWS API Documentation

Request Syntax

response = client.delete_subnet(
    SubnetId='string',
    DryRun=True|False
)
Parameters
  • SubnetId (string) --

    [REQUIRED]

    The ID of the subnet.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Returns

None

Examples

This example deletes the specified subnet.

response = client.delete_subnet(
    SubnetId='subnet-9d4a7b6c',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_tags(**kwargs)

Deletes the specified set of tags from the specified set of resources.

To list the current tags, use DescribeTags . For more information about tags, see Tagging Your Resources in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.delete_tags(
    DryRun=True|False,
    Resources=[
        'string',
    ],
    Tags=[
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • Resources (list) --

    [REQUIRED]

    The IDs of one or more resources.

    • (string) --
  • Tags (list) --

    One or more tags to delete. If you omit this parameter, we delete all tags for the specified resources. Specify a tag key and an optional tag value to delete specific tags. If you specify a tag key without a tag value, we delete any tag with this key regardless of its value. If you specify a tag key with an empty string as the tag value, we delete the tag only if its value is an empty string.

    • (dict) --

      Describes a tag.

      • Key (string) --

        The key of the tag.

        Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

      • Value (string) --

        The value of the tag.

        Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

Returns

None

Examples

This example deletes the tag Stack=test from the specified image.

response = client.delete_tags(
    Resources=[
        'ami-78a54011',
    ],
    Tags=[
        {
            'Key': 'Stack',
            'Value': 'test',
        },
    ],
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_volume(**kwargs)

Deletes the specified EBS volume. The volume must be in the available state (not attached to an instance).

Note

The volume may remain in the deleting state for several minutes.

For more information, see Deleting an Amazon EBS Volume in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.delete_volume(
    VolumeId='string',
    DryRun=True|False
)
Parameters
  • VolumeId (string) --

    [REQUIRED]

    The ID of the volume.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Returns

None

Examples

This example deletes an available volume with the volume ID of vol-049df61146c4d7901. If the command succeeds, no output is returned.

response = client.delete_volume(
    VolumeId='vol-049df61146c4d7901',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_vpc(**kwargs)

Deletes the specified VPC. You must detach or delete all gateways and resources that are associated with the VPC before you can delete it. For example, you must terminate all instances running in the VPC, delete all security groups associated with the VPC (except the default one), delete all route tables associated with the VPC (except the default one), and so on.

See also: AWS API Documentation

Request Syntax

response = client.delete_vpc(
    VpcId='string',
    DryRun=True|False
)
Parameters
  • VpcId (string) --

    [REQUIRED]

    The ID of the VPC.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Returns

None

Examples

This example deletes the specified VPC.

response = client.delete_vpc(
    VpcId='vpc-a01106c2',
)

print(response)

Expected Output:

{
    'ResponseMetadata': {
        '...': '...',
    },
}
delete_vpc_endpoints(**kwargs)

Deletes one or more specified VPC endpoints. Deleting the endpoint also deletes the endpoint routes in the route tables that were associated with the endpoint.

See also: AWS API Documentation

Request Syntax

response = client.delete_vpc_endpoints(
    DryRun=True|False,
    VpcEndpointIds=[
        'string',
    ]
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • VpcEndpointIds (list) --

    [REQUIRED]

    One or more endpoint IDs.

    • (string) --
Return type

dict

Returns

Response Syntax

{
    'Unsuccessful': [
        {
            'Error': {
                'Code': 'string',
                'Message': 'string'
            },
            'ResourceId': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of DeleteVpcEndpoints.

    • Unsuccessful (list) --

      Information about the endpoints that were not successfully deleted.

      • (dict) --

        Information about items that were not successfully processed in a batch call.

        • Error (dict) --

          Information about the error.

          • Code (string) --

            The error code.

          • Message (string) --

            The error message accompanying the error code.

        • ResourceId (string) --

          The ID of the resource.

delete_vpc_peering_connection(**kwargs)

Deletes a VPC peering connection. Either the owner of the requester VPC or the owner of the peer VPC can delete the VPC peering connection if it's in the active state. The owner of the requester VPC can delete a VPC peering connection in the pending-acceptance state.

See also: AWS API Documentation

Request Syntax

response = client.delete_vpc_peering_connection(
    DryRun=True|False,
    VpcPeeringConnectionId='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • VpcPeeringConnectionId (string) --

    [REQUIRED]

    The ID of the VPC peering connection.

Return type

dict

Returns

Response Syntax

{
    'Return': True|False
}

Response Structure

  • (dict) --

    Contains the output of DeleteVpcPeeringConnection.

    • Return (boolean) --

      Returns true if the request succeeds; otherwise, it returns an error.

delete_vpn_connection(**kwargs)

Deletes the specified VPN connection.

If you're deleting the VPC and its associated components, we recommend that you detach the virtual private gateway from the VPC and delete the VPC before deleting the VPN connection. If you believe that the tunnel credentials for your VPN connection have been compromised, you can delete the VPN connection and create a new one that has new keys, without needing to delete the VPC or virtual private gateway. If you create a new VPN connection, you must reconfigure the customer gateway using the new configuration information returned with the new VPN connection ID.

See also: AWS API Documentation

Request Syntax

response = client.delete_vpn_connection(
    VpnConnectionId='string',
    DryRun=True|False
)
Parameters
  • VpnConnectionId (string) --

    [REQUIRED]

    The ID of the VPN connection.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Returns

None

delete_vpn_connection_route(**kwargs)

Deletes the specified static route associated with a VPN connection between an existing virtual private gateway and a VPN customer gateway. The static route allows traffic to be routed from the virtual private gateway to the VPN customer gateway.

See also: AWS API Documentation

Request Syntax

response = client.delete_vpn_connection_route(
    DestinationCidrBlock='string',
    VpnConnectionId='string'
)
Parameters
  • DestinationCidrBlock (string) --

    [REQUIRED]

    The CIDR block associated with the local subnet of the customer network.

  • VpnConnectionId (string) --

    [REQUIRED]

    The ID of the VPN connection.

Returns

None

delete_vpn_gateway(**kwargs)

Deletes the specified virtual private gateway. We recommend that before you delete a virtual private gateway, you detach it from the VPC and delete the VPN connection. Note that you don't need to delete the virtual private gateway if you plan to delete and recreate the VPN connection between your VPC and your network.

See also: AWS API Documentation

Request Syntax

response = client.delete_vpn_gateway(
    VpnGatewayId='string',
    DryRun=True|False
)
Parameters
  • VpnGatewayId (string) --

    [REQUIRED]

    The ID of the virtual private gateway.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Returns

None

deregister_image(**kwargs)

Deregisters the specified AMI. After you deregister an AMI, it can't be used to launch new instances; however, it doesn't affect any instances that you've already launched from the AMI. You'll continue to incur usage costs for those instances until you terminate them.

When you deregister an Amazon EBS-backed AMI, it doesn't affect the snapshot that was created for the root volume of the instance during the AMI creation process. When you deregister an instance store-backed AMI, it doesn't affect the files that you uploaded to Amazon S3 when you created the AMI.

See also: AWS API Documentation

Request Syntax

response = client.deregister_image(
    ImageId='string',
    DryRun=True|False
)
Parameters
  • ImageId (string) --

    [REQUIRED]

    The ID of the AMI.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Returns

None

describe_account_attributes(**kwargs)

Describes attributes of your AWS account. The following are the supported account attributes:

  • supported-platforms : Indicates whether your account can launch instances into EC2-Classic and EC2-VPC, or only into EC2-VPC.
  • default-vpc : The ID of the default VPC for your account, or none .
  • max-instances : The maximum number of On-Demand instances that you can run.
  • vpc-max-security-groups-per-interface : The maximum number of security groups that you can assign to a network interface.
  • max-elastic-ips : The maximum number of Elastic IP addresses that you can allocate for use with EC2-Classic.
  • vpc-max-elastic-ips : The maximum number of Elastic IP addresses that you can allocate for use with EC2-VPC.

See also: AWS API Documentation

Request Syntax

response = client.describe_account_attributes(
    AttributeNames=[
        'supported-platforms'|'default-vpc',
    ],
    DryRun=True|False
)
Parameters
  • AttributeNames (list) --

    One or more account attribute names.

    • (string) --
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'AccountAttributes': [
        {
            'AttributeName': 'string',
            'AttributeValues': [
                {
                    'AttributeValue': 'string'
                },
            ]
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of DescribeAccountAttributes.

    • AccountAttributes (list) --

      Information about one or more account attributes.

      • (dict) --

        Describes an account attribute.

        • AttributeName (string) --

          The name of the account attribute.

        • AttributeValues (list) --

          One or more values for the account attribute.

          • (dict) --

            Describes a value of an account attribute.

            • AttributeValue (string) --

              The value of the attribute.

Examples

This example describes the supported-platforms attribute for your AWS account.

response = client.describe_account_attributes(
    AttributeNames=[
        'supported-platforms',
    ],
)

print(response)

Expected Output:

{
    'AccountAttributes': [
        {
            'AttributeName': 'supported-platforms',
            'AttributeValues': [
                {
                    'AttributeValue': 'EC2',
                },
                {
                    'AttributeValue': 'VPC',
                },
            ],
        },
    ],
    'ResponseMetadata': {
        '...': '...',
    },
}

This example describes the attributes for your AWS account.

response = client.describe_account_attributes(
)

print(response)

Expected Output:

{
    'AccountAttributes': [
        {
            'AttributeName': 'supported-platforms',
            'AttributeValues': [
                {
                    'AttributeValue': 'EC2',
                },
                {
                    'AttributeValue': 'VPC',
                },
            ],
        },
        {
            'AttributeName': 'vpc-max-security-groups-per-interface',
            'AttributeValues': [
                {
                    'AttributeValue': '5',
                },
            ],
        },
        {
            'AttributeName': 'max-elastic-ips',
            'AttributeValues': [
                {
                    'AttributeValue': '5',
                },
            ],
        },
        {
            'AttributeName': 'max-instances',
            'AttributeValues': [
                {
                    'AttributeValue': '20',
                },
            ],
        },
        {
            'AttributeName': 'vpc-max-elastic-ips',
            'AttributeValues': [
                {
                    'AttributeValue': '5',
                },
            ],
        },
        {
            'AttributeName': 'default-vpc',
            'AttributeValues': [
                {
                    'AttributeValue': 'none',
                },
            ],
        },
    ],
    'ResponseMetadata': {
        '...': '...',
    },
}
describe_addresses(**kwargs)

Describes one or more of your Elastic IP addresses.

An Elastic IP address is for use in either the EC2-Classic platform or in a VPC. For more information, see Elastic IP Addresses in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.describe_addresses(
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    PublicIps=[
        'string',
    ],
    AllocationIds=[
        'string',
    ],
    DryRun=True|False
)
Parameters
  • Filters (list) --

    One or more filters. Filter names and values are case-sensitive.

    • allocation-id - [EC2-VPC] The allocation ID for the address.
    • association-id - [EC2-VPC] The association ID for the address.
    • domain - Indicates whether the address is for use in EC2-Classic (standard ) or in a VPC (vpc ).
    • instance-id - The ID of the instance the address is associated with, if any.
    • network-interface-id - [EC2-VPC] The ID of the network interface that the address is associated with, if any.
    • network-interface-owner-id - The AWS account ID of the owner.
    • private-ip-address - [EC2-VPC] The private IP address associated with the Elastic IP address.
    • public-ip - The Elastic IP address.
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • PublicIps (list) --

    [EC2-Classic] One or more Elastic IP addresses.

    Default: Describes all your Elastic IP addresses.

    • (string) --
  • AllocationIds (list) --

    [EC2-VPC] One or more allocation IDs.

    Default: Describes all your Elastic IP addresses.

    • (string) --
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'Addresses': [
        {
            'InstanceId': 'string',
            'PublicIp': 'string',
            'AllocationId': 'string',
            'AssociationId': 'string',
            'Domain': 'vpc'|'standard',
            'NetworkInterfaceId': 'string',
            'NetworkInterfaceOwnerId': 'string',
            'PrivateIpAddress': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of DescribeAddresses.

    • Addresses (list) --

      Information about one or more Elastic IP addresses.

      • (dict) --

        Describes an Elastic IP address.

        • InstanceId (string) --

          The ID of the instance that the address is associated with (if any).

        • PublicIp (string) --

          The Elastic IP address.

        • AllocationId (string) --

          The ID representing the allocation of the address for use with EC2-VPC.

        • AssociationId (string) --

          The ID representing the association of the address with an instance in a VPC.

        • Domain (string) --

          Indicates whether this Elastic IP address is for use with instances in EC2-Classic (standard ) or instances in a VPC (vpc ).

        • NetworkInterfaceId (string) --

          The ID of the network interface.

        • NetworkInterfaceOwnerId (string) --

          The ID of the AWS account that owns the network interface.

        • PrivateIpAddress (string) --

          The private IP address associated with the Elastic IP address.

Examples

This example describes your Elastic IP addresses.

response = client.describe_addresses(
)

print(response)

Expected Output:

{
    'Addresses': [
        {
            'Domain': 'standard',
            'InstanceId': 'i-1234567890abcdef0',
            'PublicIp': '198.51.100.0',
        },
        {
            'AllocationId': 'eipalloc-12345678',
            'AssociationId': 'eipassoc-12345678',
            'Domain': 'vpc',
            'InstanceId': 'i-1234567890abcdef0',
            'NetworkInterfaceId': 'eni-12345678',
            'NetworkInterfaceOwnerId': '123456789012',
            'PrivateIpAddress': '10.0.1.241',
            'PublicIp': '203.0.113.0',
        },
    ],
    'ResponseMetadata': {
        '...': '...',
    },
}

This example describes your Elastic IP addresses for use with instances in a VPC.

response = client.describe_addresses(
    Filters=[
        {
            'Name': 'domain',
            'Values': [
                'vpc',
            ],
        },
    ],
)

print(response)

Expected Output:

{
    'Addresses': [
        {
            'AllocationId': 'eipalloc-12345678',
            'AssociationId': 'eipassoc-12345678',
            'Domain': 'vpc',
            'InstanceId': 'i-1234567890abcdef0',
            'NetworkInterfaceId': 'eni-12345678',
            'NetworkInterfaceOwnerId': '123456789012',
            'PrivateIpAddress': '10.0.1.241',
            'PublicIp': '203.0.113.0',
        },
    ],
    'ResponseMetadata': {
        '...': '...',
    },
}

This example describes your Elastic IP addresses for use with instances in EC2-Classic.

response = client.describe_addresses(
    Filters=[
        {
            'Name': 'domain',
            'Values': [
                'standard',
            ],
        },
    ],
)

print(response)

Expected Output:

{
    'Addresses': [
        {
            'Domain': 'standard',
            'InstanceId': 'i-1234567890abcdef0',
            'PublicIp': '198.51.100.0',
        },
    ],
    'ResponseMetadata': {
        '...': '...',
    },
}
describe_availability_zones(**kwargs)

Describes one or more of the Availability Zones that are available to you. The results include zones only for the region you're currently using. If there is an event impacting an Availability Zone, you can use this request to view the state and any provided message for that Availability Zone.

For more information, see Regions and Availability Zones in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.describe_availability_zones(
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    ZoneNames=[
        'string',
    ],
    DryRun=True|False
)
Parameters
  • Filters (list) --

    One or more filters.

    • message - Information about the Availability Zone.
    • region-name - The name of the region for the Availability Zone (for example, us-east-1 ).
    • state - The state of the Availability Zone (available | information | impaired | unavailable ).
    • zone-name - The name of the Availability Zone (for example, us-east-1a ).
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • ZoneNames (list) --

    The names of one or more Availability Zones.

    • (string) --
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'AvailabilityZones': [
        {
            'State': 'available'|'information'|'impaired'|'unavailable',
            'Messages': [
                {
                    'Message': 'string'
                },
            ],
            'RegionName': 'string',
            'ZoneName': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of DescribeAvailabiltyZones.

    • AvailabilityZones (list) --

      Information about one or more Availability Zones.

      • (dict) --

        Describes an Availability Zone.

        • State (string) --

          The state of the Availability Zone.

        • Messages (list) --

          Any messages about the Availability Zone.

          • (dict) --

            Describes a message about an Availability Zone.

            • Message (string) --

              The message about the Availability Zone.

        • RegionName (string) --

          The name of the region.

        • ZoneName (string) --

          The name of the Availability Zone.

Examples

This example describes the Availability Zones that are available to you. The response includes Availability Zones only for the current region.

response = client.describe_availability_zones(
)

print(response)

Expected Output:

{
    'AvailabilityZones': [
        {
            'Messages': [
            ],
            'RegionName': 'us-east-1',
            'State': 'available',
            'ZoneName': 'us-east-1b',
        },
        {
            'Messages': [
            ],
            'RegionName': 'us-east-1',
            'State': 'available',
            'ZoneName': 'us-east-1c',
        },
        {
            'Messages': [
            ],
            'RegionName': 'us-east-1',
            'State': 'available',
            'ZoneName': 'us-east-1d',
        },
        {
            'Messages': [
            ],
            'RegionName': 'us-east-1',
            'State': 'available',
            'ZoneName': 'us-east-1e',
        },
    ],
    'ResponseMetadata': {
        '...': '...',
    },
}
describe_bundle_tasks(**kwargs)

Describes one or more of your bundling tasks.

Note

Completed bundle tasks are listed for only a limited time. If your bundle task is no longer in the list, you can still register an AMI from it. Just use RegisterImage with the Amazon S3 bucket name and image manifest name you provided to the bundle task.

See also: AWS API Documentation

Request Syntax

response = client.describe_bundle_tasks(
    BundleIds=[
        'string',
    ],
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    DryRun=True|False
)
Parameters
  • BundleIds (list) --

    One or more bundle task IDs.

    Default: Describes all your bundle tasks.

    • (string) --
  • Filters (list) --

    One or more filters.

    • bundle-id - The ID of the bundle task.
    • error-code - If the task failed, the error code returned.
    • error-message - If the task failed, the error message returned.
    • instance-id - The ID of the instance.
    • progress - The level of task completion, as a percentage (for example, 20%).
    • s3-bucket - The Amazon S3 bucket to store the AMI.
    • s3-prefix - The beginning of the AMI name.
    • start-time - The time the task started (for example, 2013-09-15T17:15:20.000Z).
    • state - The state of the task (pending | waiting-for-shutdown | bundling | storing | cancelling | complete | failed ).
    • update-time - The time of the most recent update for the task.
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'BundleTasks': [
        {
            'BundleId': 'string',
            'BundleTaskError': {
                'Code': 'string',
                'Message': 'string'
            },
            'InstanceId': 'string',
            'Progress': 'string',
            'StartTime': datetime(2015, 1, 1),
            'State': 'pending'|'waiting-for-shutdown'|'bundling'|'storing'|'cancelling'|'complete'|'failed',
            'Storage': {
                'S3': {
                    'AWSAccessKeyId': 'string',
                    'Bucket': 'string',
                    'Prefix': 'string',
                    'UploadPolicy': b'bytes',
                    'UploadPolicySignature': 'string'
                }
            },
            'UpdateTime': datetime(2015, 1, 1)
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of DescribeBundleTasks.

    • BundleTasks (list) --

      Information about one or more bundle tasks.

      • (dict) --

        Describes a bundle task.

        • BundleId (string) --

          The ID of the bundle task.

        • BundleTaskError (dict) --

          If the task fails, a description of the error.

          • Code (string) --

            The error code.

          • Message (string) --

            The error message.

        • InstanceId (string) --

          The ID of the instance associated with this bundle task.

        • Progress (string) --

          The level of task completion, as a percent (for example, 20%).

        • StartTime (datetime) --

          The time this task started.

        • State (string) --

          The state of the task.

        • Storage (dict) --

          The Amazon S3 storage locations.

          • S3 (dict) --

            An Amazon S3 storage location.

            • AWSAccessKeyId (string) --

              The access key ID of the owner of the bucket. Before you specify a value for your access key ID, review and follow the guidance in Best Practices for Managing AWS Access Keys .

            • Bucket (string) --

              The bucket in which to store the AMI. You can specify a bucket that you already own or a new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone else, Amazon EC2 returns an error.

            • Prefix (string) --

              The beginning of the file name of the AMI.

            • UploadPolicy (bytes) --

              An Amazon S3 upload policy that gives Amazon EC2 permission to upload items into Amazon S3 on your behalf.

            • UploadPolicySignature (string) --

              The signature of the JSON document.

        • UpdateTime (datetime) --

          The time of the most recent update for the task.

Describes one or more of your linked EC2-Classic instances. This request only returns information about EC2-Classic instances linked to a VPC through ClassicLink; you cannot use this request to return information about other instances.

See also: AWS API Documentation

Request Syntax

response = client.describe_classic_link_instances(
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    DryRun=True|False,
    InstanceIds=[
        'string',
    ],
    MaxResults=123,
    NextToken='string'
)
Parameters
  • Filters (list) --

    One or more filters.

    • group-id - The ID of a VPC security group that's associated with the instance.
    • instance-id - The ID of the instance.
    • tag :key =*value* - The key/value combination of a tag assigned to the resource.
    • tag-key - The key of a tag assigned to the resource. This filter is independent of the tag-value filter. For example, if you use both the filter "tag-key=Purpose" and the filter "tag-value=X", you get any resources assigned both the tag key Purpose (regardless of what the tag's value is), and the tag value X (regardless of what the tag's key is). If you want to list only resources where Purpose is X, see the tag :key =*value* filter.
    • tag-value - The value of a tag assigned to the resource. This filter is independent of the tag-key filter.
    • vpc-id - The ID of the VPC that the instance is linked to.
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • InstanceIds (list) --

    One or more instance IDs. Must be instances linked to a VPC through ClassicLink.

    • (string) --
  • MaxResults (integer) --

    The maximum number of results to return for the request in a single page. The remaining results of the initial request can be seen by sending another request with the returned NextToken value. This value can be between 5 and 1000; if MaxResults is given a value larger than 1000, only 1000 results are returned. You cannot specify this parameter and the instance IDs parameter in the same request.

    Constraint: If the value is greater than 1000, we return only 1000 items.

  • NextToken (string) -- The token to retrieve the next page of results.
Return type

dict

Returns

Response Syntax

{
    'Instances': [
        {
            'Groups': [
                {
                    'GroupName': 'string',
                    'GroupId': 'string'
                },
            ],
            'InstanceId': 'string',
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ],
            'VpcId': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    Contains the output of DescribeClassicLinkInstances.

    • Instances (list) --

      Information about one or more linked EC2-Classic instances.

      • (dict) --

        Describes a linked EC2-Classic instance.

        • Groups (list) --

          A list of security groups.

          • (dict) --

            Describes a security group.

            • GroupName (string) --

              The name of the security group.

            • GroupId (string) --

              The ID of the security group.

        • InstanceId (string) --

          The ID of the instance.

        • Tags (list) --

          Any tags assigned to the instance.

          • (dict) --

            Describes a tag.

            • Key (string) --

              The key of the tag.

              Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

            • Value (string) --

              The value of the tag.

              Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

        • VpcId (string) --

          The ID of the VPC.

    • NextToken (string) --

      The token to use to retrieve the next page of results. This value is null when there are no more results to return.

describe_conversion_tasks(**kwargs)

Describes one or more of your conversion tasks. For more information, see the VM Import/Export User Guide .

For information about the import manifest referenced by this API action, see VM Import Manifest .

See also: AWS API Documentation

Request Syntax

response = client.describe_conversion_tasks(
    ConversionTaskIds=[
        'string',
    ],
    DryRun=True|False
)
Parameters
  • ConversionTaskIds (list) --

    One or more conversion task IDs.

    • (string) --
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'ConversionTasks': [
        {
            'ConversionTaskId': 'string',
            'ExpirationTime': 'string',
            'ImportInstance': {
                'Description': 'string',
                'InstanceId': 'string',
                'Platform': 'Windows',
                'Volumes': [
                    {
                        'AvailabilityZone': 'string',
                        'BytesConverted': 123,
                        'Description': 'string',
                        'Image': {
                            'Checksum': 'string',
                            'Format': 'VMDK'|'RAW'|'VHD',
                            'ImportManifestUrl': 'string',
                            'Size': 123
                        },
                        'Status': 'string',
                        'StatusMessage': 'string',
                        'Volume': {
                            'Id': 'string',
                            'Size': 123
                        }
                    },
                ]
            },
            'ImportVolume': {
                'AvailabilityZone': 'string',
                'BytesConverted': 123,
                'Description': 'string',
                'Image': {
                    'Checksum': 'string',
                    'Format': 'VMDK'|'RAW'|'VHD',
                    'ImportManifestUrl': 'string',
                    'Size': 123
                },
                'Volume': {
                    'Id': 'string',
                    'Size': 123
                }
            },
            'State': 'active'|'cancelling'|'cancelled'|'completed',
            'StatusMessage': 'string',
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ]
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output for DescribeConversionTasks.

    • ConversionTasks (list) --

      Information about the conversion tasks.

      • (dict) --

        Describes a conversion task.

        • ConversionTaskId (string) --

          The ID of the conversion task.

        • ExpirationTime (string) --

          The time when the task expires. If the upload isn't complete before the expiration time, we automatically cancel the task.

        • ImportInstance (dict) --

          If the task is for importing an instance, this contains information about the import instance task.

          • Description (string) --

            A description of the task.

          • InstanceId (string) --

            The ID of the instance.

          • Platform (string) --

            The instance operating system.

          • Volumes (list) --

            One or more volumes.

            • (dict) --

              Describes an import volume task.

              • AvailabilityZone (string) --

                The Availability Zone where the resulting instance will reside.

              • BytesConverted (integer) --

                The number of bytes converted so far.

              • Description (string) --

                A description of the task.

              • Image (dict) --

                The image.

                • Checksum (string) --

                  The checksum computed for the disk image.

                • Format (string) --

                  The disk image format.

                • ImportManifestUrl (string) --

                  A presigned URL for the import manifest stored in Amazon S3. For information about creating a presigned URL for an Amazon S3 object, read the "Query String Request Authentication Alternative" section of the Authenticating REST Requests topic in the Amazon Simple Storage Service Developer Guide .

                  For information about the import manifest referenced by this API action, see VM Import Manifest .

                • Size (integer) --

                  The size of the disk image, in GiB.

              • Status (string) --

                The status of the import of this particular disk image.

              • StatusMessage (string) --

                The status information or errors related to the disk image.

              • Volume (dict) --

                The volume.

                • Id (string) --

                  The volume identifier.

                • Size (integer) --

                  The size of the volume, in GiB.

        • ImportVolume (dict) --

          If the task is for importing a volume, this contains information about the import volume task.

          • AvailabilityZone (string) --

            The Availability Zone where the resulting volume will reside.

          • BytesConverted (integer) --

            The number of bytes converted so far.

          • Description (string) --

            The description you provided when starting the import volume task.

          • Image (dict) --

            The image.

            • Checksum (string) --

              The checksum computed for the disk image.

            • Format (string) --

              The disk image format.

            • ImportManifestUrl (string) --

              A presigned URL for the import manifest stored in Amazon S3. For information about creating a presigned URL for an Amazon S3 object, read the "Query String Request Authentication Alternative" section of the Authenticating REST Requests topic in the Amazon Simple Storage Service Developer Guide .

              For information about the import manifest referenced by this API action, see VM Import Manifest .

            • Size (integer) --

              The size of the disk image, in GiB.

          • Volume (dict) --

            The volume.

            • Id (string) --

              The volume identifier.

            • Size (integer) --

              The size of the volume, in GiB.

        • State (string) --

          The state of the conversion task.

        • StatusMessage (string) --

          The status message related to the conversion task.

        • Tags (list) --

          Any tags assigned to the task.

          • (dict) --

            Describes a tag.

            • Key (string) --

              The key of the tag.

              Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

            • Value (string) --

              The value of the tag.

              Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

describe_customer_gateways(**kwargs)

Describes one or more of your VPN customer gateways.

For more information about VPN customer gateways, see Adding a Hardware Virtual Private Gateway to Your VPC in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.describe_customer_gateways(
    CustomerGatewayIds=[
        'string',
    ],
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    DryRun=True|False
)
Parameters
  • CustomerGatewayIds (list) --

    One or more customer gateway IDs.

    Default: Describes all your customer gateways.

    • (string) --
  • Filters (list) --

    One or more filters.

    • bgp-asn - The customer gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN).
    • customer-gateway-id - The ID of the customer gateway.
    • ip-address - The IP address of the customer gateway's Internet-routable external interface.
    • state - The state of the customer gateway (pending | available | deleting | deleted ).
    • type - The type of customer gateway. Currently, the only supported type is ipsec.1 .
    • tag :key =*value* - The key/value combination of a tag assigned to the resource. Specify the key of the tag in the filter name and the value of the tag in the filter value. For example, for the tag Purpose=X, specify tag:Purpose for the filter name and X for the filter value.
    • tag-key - The key of a tag assigned to the resource. This filter is independent of the tag-value filter. For example, if you use both the filter "tag-key=Purpose" and the filter "tag-value=X", you get any resources assigned both the tag key Purpose (regardless of what the tag's value is), and the tag value X (regardless of what the tag's key is). If you want to list only resources where Purpose is X, see the tag :key =*value* filter.
    • tag-value - The value of a tag assigned to the resource. This filter is independent of the tag-key filter.
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'CustomerGateways': [
        {
            'BgpAsn': 'string',
            'CustomerGatewayId': 'string',
            'IpAddress': 'string',
            'State': 'string',
            'Type': 'string',
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ]
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of DescribeCustomerGateways.

    • CustomerGateways (list) --

      Information about one or more customer gateways.

      • (dict) --

        Describes a customer gateway.

        • BgpAsn (string) --

          The customer gateway's Border Gateway Protocol (BGP) Autonomous System Number (ASN).

        • CustomerGatewayId (string) --

          The ID of the customer gateway.

        • IpAddress (string) --

          The Internet-routable IP address of the customer gateway's outside interface.

        • State (string) --

          The current state of the customer gateway (pending | available | deleting | deleted ).

        • Type (string) --

          The type of VPN connection the customer gateway supports (ipsec.1 ).

        • Tags (list) --

          Any tags assigned to the customer gateway.

          • (dict) --

            Describes a tag.

            • Key (string) --

              The key of the tag.

              Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

            • Value (string) --

              The value of the tag.

              Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

Examples

This example describes the specified customer gateway.

response = client.describe_customer_gateways(
    CustomerGatewayIds=[
        'cgw-0e11f167',
    ],
)

print(response)

Expected Output:

{
    'CustomerGateways': [
        {
            'BgpAsn': '65534',
            'CustomerGatewayId': 'cgw-0e11f167',
            'IpAddress': '12.1.2.3',
            'State': 'available',
            'Type': 'ipsec.1',
        },
    ],
    'ResponseMetadata': {
        '...': '...',
    },
}
describe_dhcp_options(**kwargs)

Describes one or more of your DHCP options sets.

For more information about DHCP options sets, see DHCP Options Sets in the Amazon Virtual Private Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.describe_dhcp_options(
    DhcpOptionsIds=[
        'string',
    ],
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    DryRun=True|False
)
Parameters
  • DhcpOptionsIds (list) --

    The IDs of one or more DHCP options sets.

    Default: Describes all your DHCP options sets.

    • (string) --
  • Filters (list) --

    One or more filters.

    • dhcp-options-id - The ID of a set of DHCP options.
    • key - The key for one of the options (for example, domain-name ).
    • value - The value for one of the options.
    • tag :key =*value* - The key/value combination of a tag assigned to the resource. Specify the key of the tag in the filter name and the value of the tag in the filter value. For example, for the tag Purpose=X, specify tag:Purpose for the filter name and X for the filter value.
    • tag-key - The key of a tag assigned to the resource. This filter is independent of the tag-value filter. For example, if you use both the filter "tag-key=Purpose" and the filter "tag-value=X", you get any resources assigned both the tag key Purpose (regardless of what the tag's value is), and the tag value X (regardless of what the tag's key is). If you want to list only resources where Purpose is X, see the tag :key =*value* filter.
    • tag-value - The value of a tag assigned to the resource. This filter is independent of the tag-key filter.
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'DhcpOptions': [
        {
            'DhcpConfigurations': [
                {
                    'Key': 'string',
                    'Values': [
                        {
                            'Value': 'string'
                        },
                    ]
                },
            ],
            'DhcpOptionsId': 'string',
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ]
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of DescribeDhcpOptions.

    • DhcpOptions (list) --

      Information about one or more DHCP options sets.

      • (dict) --

        Describes a set of DHCP options.

        • DhcpConfigurations (list) --

          One or more DHCP options in the set.

          • (dict) --

            Describes a DHCP configuration option.

            • Key (string) --

              The name of a DHCP option.

            • Values (list) --

              One or more values for the DHCP option.

              • (dict) --

                Describes a value for a resource attribute that is a String.

                • Value (string) --

                  The attribute value. Note that the value is case-sensitive.

        • DhcpOptionsId (string) --

          The ID of the set of DHCP options.

        • Tags (list) --

          Any tags assigned to the DHCP options set.

          • (dict) --

            Describes a tag.

            • Key (string) --

              The key of the tag.

              Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

            • Value (string) --

              The value of the tag.

              Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

Examples

This example describes the specified DHCP options set.

response = client.describe_dhcp_options(
    DhcpOptionsIds=[
        'dopt-d9070ebb',
    ],
)

print(response)

Expected Output:

{
    'DhcpOptions': [
        {
            'DhcpConfigurations': [
                {
                    'Key': 'domain-name-servers',
                    'Values': [
                        {
                            'Value': '10.2.5.2',
                        },
                        {
                            'Value': '10.2.5.1',
                        },
                    ],
                },
            ],
            'DhcpOptionsId': 'dopt-d9070ebb',
        },
    ],
    'ResponseMetadata': {
        '...': '...',
    },
}
describe_egress_only_internet_gateways(**kwargs)

Describes one or more of your egress-only Internet gateways.

See also: AWS API Documentation

Request Syntax

response = client.describe_egress_only_internet_gateways(
    DryRun=True|False,
    EgressOnlyInternetGatewayIds=[
        'string',
    ],
    MaxResults=123,
    NextToken='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • EgressOnlyInternetGatewayIds (list) --

    One or more egress-only Internet gateway IDs.

    • (string) --
  • MaxResults (integer) -- The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned NextToken value. This value can be between 5 and 1000; if MaxResults is given a value larger than 1000, only 1000 results are returned.
  • NextToken (string) -- The token to retrieve the next page of results.
Return type

dict

Returns

Response Syntax

{
    'EgressOnlyInternetGateways': [
        {
            'Attachments': [
                {
                    'State': 'attaching'|'attached'|'detaching'|'detached',
                    'VpcId': 'string'
                },
            ],
            'EgressOnlyInternetGatewayId': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • EgressOnlyInternetGateways (list) --

      Information about the egress-only Internet gateways.

      • (dict) --

        Describes an egress-only Internet gateway.

        • Attachments (list) --

          Information about the attachment of the egress-only Internet gateway.

          • (dict) --

            Describes the attachment of a VPC to an Internet gateway or an egress-only Internet gateway.

            • State (string) --

              The current state of the attachment.

            • VpcId (string) --

              The ID of the VPC.

        • EgressOnlyInternetGatewayId (string) --

          The ID of the egress-only Internet gateway.

    • NextToken (string) --

      The token to use to retrieve the next page of results.

describe_elastic_gpus(**kwargs)

Describes the Elastic GPUs associated with your instances. For more information about Elastic GPUs, see Amazon EC2 Elastic GPUs .

See also: AWS API Documentation

Request Syntax

response = client.describe_elastic_gpus(
    ElasticGpuIds=[
        'string',
    ],
    DryRun=True|False,
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    MaxResults=123,
    NextToken='string'
)
Parameters
  • ElasticGpuIds (list) --

    One or more Elastic GPU IDs.

    • (string) --
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • Filters (list) --

    One or more filters.

    • availability-zone - The Availability Zone in which the Elastic GPU resides.
    • elastic-gpu-health - The status of the Elastic GPU (OK | IMPAIRED ).
    • elastic-gpu-state - The state of the Elastic GPU (ATTACHED ).
    • elastic-gpu-type - The type of Elastic GPU; for example, eg1.medium .
    • instance-id - The ID of the instance to which the Elastic GPU is associated.
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • MaxResults (integer) -- The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned NextToken value. This value can be between 5 and 1000.
  • NextToken (string) -- The token to request the next page of results.
Return type

dict

Returns

Response Syntax

{
    'ElasticGpuSet': [
        {
            'ElasticGpuId': 'string',
            'AvailabilityZone': 'string',
            'ElasticGpuType': 'string',
            'ElasticGpuHealth': {
                'Status': 'OK'|'IMPAIRED'
            },
            'ElasticGpuState': 'ATTACHED',
            'InstanceId': 'string'
        },
    ],
    'MaxResults': 123,
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • ElasticGpuSet (list) --

      Information about the Elastic GPUs.

      • (dict) --

        Describes an Elastic GPU.

        • ElasticGpuId (string) --

          The ID of the Elastic GPU.

        • AvailabilityZone (string) --

          The Availability Zone in the which the Elastic GPU resides.

        • ElasticGpuType (string) --

          The type of Elastic GPU.

        • ElasticGpuHealth (dict) --

          The status of the Elastic GPU.

          • Status (string) --

            The health status.

        • ElasticGpuState (string) --

          The state of the Elastic GPU.

        • InstanceId (string) --

          The ID of the instance to which the Elastic GPU is attached.

    • MaxResults (integer) --

      The total number of items to return. If the total number of items available is more than the value specified in max-items then a Next-Token will be provided in the output that you can use to resume pagination.

    • NextToken (string) --

      The token to use to retrieve the next page of results. This value is null when there are no more results to return.

describe_export_tasks(**kwargs)

Describes one or more of your export tasks.

See also: AWS API Documentation

Request Syntax

response = client.describe_export_tasks(
    ExportTaskIds=[
        'string',
    ]
)
Parameters
ExportTaskIds (list) --

One or more export task IDs.

  • (string) --
Return type
dict
Returns
Response Syntax
{
    'ExportTasks': [
        {
            'Description': 'string',
            'ExportTaskId': 'string',
            'ExportToS3Task': {
                'ContainerFormat': 'ova',
                'DiskImageFormat': 'VMDK'|'RAW'|'VHD',
                'S3Bucket': 'string',
                'S3Key': 'string'
            },
            'InstanceExportDetails': {
                'InstanceId': 'string',
                'TargetEnvironment': 'citrix'|'vmware'|'microsoft'
            },
            'State': 'active'|'cancelling'|'cancelled'|'completed',
            'StatusMessage': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output for DescribeExportTasks.

    • ExportTasks (list) --

      Information about the export tasks.

      • (dict) --

        Describes an instance export task.

        • Description (string) --

          A description of the resource being exported.

        • ExportTaskId (string) --

          The ID of the export task.

        • ExportToS3Task (dict) --

          Information about the export task.

          • ContainerFormat (string) --

            The container format used to combine disk images with metadata (such as OVF). If absent, only the disk image is exported.

          • DiskImageFormat (string) --

            The format for the exported image.

          • S3Bucket (string) --

            The S3 bucket for the destination image. The destination bucket must exist and grant WRITE and READ_ACP permissions to the AWS account vm-import-export@amazon.com .

          • S3Key (string) --

            The encryption key for your S3 bucket.

        • InstanceExportDetails (dict) --

          Information about the instance to export.

          • InstanceId (string) --

            The ID of the resource being exported.

          • TargetEnvironment (string) --

            The target virtualization environment.

        • State (string) --

          The state of the export task.

        • StatusMessage (string) --

          The status message related to the export task.

describe_flow_logs(**kwargs)

Describes one or more flow logs. To view the information in your flow logs (the log streams for the network interfaces), you must use the CloudWatch Logs console or the CloudWatch Logs API.

See also: AWS API Documentation

Request Syntax

response = client.describe_flow_logs(
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    FlowLogIds=[
        'string',
    ],
    MaxResults=123,
    NextToken='string'
)
Parameters
  • Filters (list) --

    One or more filters.

    • deliver-log-status - The status of the logs delivery (SUCCESS | FAILED ).
    • flow-log-id - The ID of the flow log.
    • log-group-name - The name of the log group.
    • resource-id - The ID of the VPC, subnet, or network interface.
    • traffic-type - The type of traffic (ACCEPT | REJECT | ALL )
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • FlowLogIds (list) --

    One or more flow log IDs.

    • (string) --
  • MaxResults (integer) -- The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned NextToken value. This value can be between 5 and 1000; if MaxResults is given a value larger than 1000, only 1000 results are returned. You cannot specify this parameter and the flow log IDs parameter in the same request.
  • NextToken (string) -- The token to retrieve the next page of results.
Return type

dict

Returns

Response Syntax

{
    'FlowLogs': [
        {
            'CreationTime': datetime(2015, 1, 1),
            'DeliverLogsErrorMessage': 'string',
            'DeliverLogsPermissionArn': 'string',
            'DeliverLogsStatus': 'string',
            'FlowLogId': 'string',
            'FlowLogStatus': 'string',
            'LogGroupName': 'string',
            'ResourceId': 'string',
            'TrafficType': 'ACCEPT'|'REJECT'|'ALL'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    Contains the output of DescribeFlowLogs.

    • FlowLogs (list) --

      Information about the flow logs.

      • (dict) --

        Describes a flow log.

        • CreationTime (datetime) --

          The date and time the flow log was created.

        • DeliverLogsErrorMessage (string) --

          Information about the error that occurred. Rate limited indicates that CloudWatch logs throttling has been applied for one or more network interfaces, or that you've reached the limit on the number of CloudWatch Logs log groups that you can create. Access error indicates that the IAM role associated with the flow log does not have sufficient permissions to publish to CloudWatch Logs. Unknown error indicates an internal error.

        • DeliverLogsPermissionArn (string) --

          The ARN of the IAM role that posts logs to CloudWatch Logs.

        • DeliverLogsStatus (string) --

          The status of the logs delivery (SUCCESS | FAILED ).

        • FlowLogId (string) --

          The flow log ID.

        • FlowLogStatus (string) --

          The status of the flow log (ACTIVE ).

        • LogGroupName (string) --

          The name of the flow log group.

        • ResourceId (string) --

          The ID of the resource on which the flow log was created.

        • TrafficType (string) --

          The type of traffic captured for the flow log.

    • NextToken (string) --

      The token to use to retrieve the next page of results. This value is null when there are no more results to return.

describe_fpga_image_attribute(**kwargs)

Describes the specified attribute of the specified Amazon FPGA Image (AFI).

See also: AWS API Documentation

Request Syntax

response = client.describe_fpga_image_attribute(
    DryRun=True|False,
    FpgaImageId='string',
    Attribute='description'|'name'|'loadPermission'|'productCodes'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • FpgaImageId (string) --

    [REQUIRED]

    The ID of the AFI.

  • Attribute (string) --

    [REQUIRED]

    The AFI attribute.

Return type

dict

Returns

Response Syntax

{
    'FpgaImageAttribute': {
        'FpgaImageId': 'string',
        'Name': 'string',
        'Description': 'string',
        'LoadPermissions': [
            {
                'UserId': 'string',
                'Group': 'all'
            },
        ],
        'ProductCodes': [
            {
                'ProductCodeId': 'string',
                'ProductCodeType': 'devpay'|'marketplace'
            },
        ]
    }
}

Response Structure

  • (dict) --

    • FpgaImageAttribute (dict) --

      Information about the attribute.

      • FpgaImageId (string) --

        The ID of the AFI.

      • Name (string) --

        The name of the AFI.

      • Description (string) --

        The description of the AFI.

      • LoadPermissions (list) --

        One or more load permissions.

        • (dict) --

          Describes a load permission.

          • UserId (string) --

            The AWS account ID.

          • Group (string) --

            The name of the group.

      • ProductCodes (list) --

        One or more product codes.

        • (dict) --

          Describes a product code.

          • ProductCodeId (string) --

            The product code.

          • ProductCodeType (string) --

            The type of product code.

describe_fpga_images(**kwargs)

Describes one or more available Amazon FPGA Images (AFIs). These include public AFIs, private AFIs that you own, and AFIs owned by other AWS accounts for which you have load permissions.

See also: AWS API Documentation

Request Syntax

response = client.describe_fpga_images(
    DryRun=True|False,
    FpgaImageIds=[
        'string',
    ],
    Owners=[
        'string',
    ],
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    NextToken='string',
    MaxResults=123
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • FpgaImageIds (list) --

    One or more AFI IDs.

    • (string) --
  • Owners (list) --

    Filters the AFI by owner. Specify an AWS account ID, self (owner is the sender of the request), or an AWS owner alias (valid values are amazon | aws-marketplace ).

    • (string) --
  • Filters (list) --

    One or more filters.

    • create-time - The creation time of the AFI.
    • fpga-image-id - The FPGA image identifier (AFI ID).
    • fpga-image-global-id - The global FPGA image identifier (AGFI ID).
    • name - The name of the AFI.
    • owner-id - The AWS account ID of the AFI owner.
    • product-code - The product code.
    • shell-version - The version of the AWS Shell that was used to create the bitstream.
    • state - The state of the AFI (pending | failed | available | unavailable ).
    • tag :key =*value* - The key/value combination of a tag assigned to the resource. Specify the key of the tag in the filter name and the value of the tag in the filter value. For example, for the tag Purpose=X, specify tag:Purpose for the filter name and X for the filter value.
    • tag-key - The key of a tag assigned to the resource. This filter is independent of the tag-value filter. For example, if you use both the filter "tag-key=Purpose" and the filter "tag-value=X", you get any resources assigned both the tag key Purpose (regardless of what the tag's value is), and the tag value X (regardless of what the tag's key is). If you want to list only resources where Purpose is X, see the tag :key =*value* filter.
    • tag-value - The value of a tag assigned to the resource. This filter is independent of the tag-key filter.
    • update-time - The time of the most recent update.
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • NextToken (string) -- The token to retrieve the next page of results.
  • MaxResults (integer) -- The maximum number of results to return in a single call.
Return type

dict

Returns

Response Syntax

{
    'FpgaImages': [
        {
            'FpgaImageId': 'string',
            'FpgaImageGlobalId': 'string',
            'Name': 'string',
            'Description': 'string',
            'ShellVersion': 'string',
            'PciId': {
                'DeviceId': 'string',
                'VendorId': 'string',
                'SubsystemId': 'string',
                'SubsystemVendorId': 'string'
            },
            'State': {
                'Code': 'pending'|'failed'|'available'|'unavailable',
                'Message': 'string'
            },
            'CreateTime': datetime(2015, 1, 1),
            'UpdateTime': datetime(2015, 1, 1),
            'OwnerId': 'string',
            'OwnerAlias': 'string',
            'ProductCodes': [
                {
                    'ProductCodeId': 'string',
                    'ProductCodeType': 'devpay'|'marketplace'
                },
            ],
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ],
            'Public': True|False
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • FpgaImages (list) --

      Information about one or more FPGA images.

      • (dict) --

        Describes an Amazon FPGA image (AFI).

        • FpgaImageId (string) --

          The FPGA image identifier (AFI ID).

        • FpgaImageGlobalId (string) --

          The global FPGA image identifier (AGFI ID).

        • Name (string) --

          The name of the AFI.

        • Description (string) --

          The description of the AFI.

        • ShellVersion (string) --

          The version of the AWS Shell that was used to create the bitstream.

        • PciId (dict) --

          Information about the PCI bus.

          • DeviceId (string) --

            The ID of the device.

          • VendorId (string) --

            The ID of the vendor.

          • SubsystemId (string) --

            The ID of the subsystem.

          • SubsystemVendorId (string) --

            The ID of the vendor for the subsystem.

        • State (dict) --

          Information about the state of the AFI.

          • Code (string) --

            The state. The following are the possible values:

            • pending - AFI bitstream generation is in progress.
            • available - The AFI is available for use.
            • failed - AFI bitstream generation failed.
            • unavailable - The AFI is no longer available for use.
          • Message (string) --

            If the state is failed , this is the error message.

        • CreateTime (datetime) --

          The date and time the AFI was created.

        • UpdateTime (datetime) --

          The time of the most recent update to the AFI.

        • OwnerId (string) --

          The AWS account ID of the AFI owner.

        • OwnerAlias (string) --

          The alias of the AFI owner. Possible values include self , amazon , and aws-marketplace .

        • ProductCodes (list) --

          The product codes for the AFI.

          • (dict) --

            Describes a product code.

            • ProductCodeId (string) --

              The product code.

            • ProductCodeType (string) --

              The type of product code.

        • Tags (list) --

          Any tags assigned to the AFI.

          • (dict) --

            Describes a tag.

            • Key (string) --

              The key of the tag.

              Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

            • Value (string) --

              The value of the tag.

              Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

        • Public (boolean) --

          Indicates whether the AFI is public.

    • NextToken (string) --

      The token to use to retrieve the next page of results. This value is null when there are no more results to return.

describe_host_reservation_offerings(**kwargs)

Describes the Dedicated Host Reservations that are available to purchase.

The results describe all the Dedicated Host Reservation offerings, including offerings that may not match the instance family and region of your Dedicated Hosts. When purchasing an offering, ensure that the the instance family and region of the offering matches that of the Dedicated Host/s it will be associated with. For an overview of supported instance types, see Dedicated Hosts Overview in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.describe_host_reservation_offerings(
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    MaxDuration=123,
    MaxResults=123,
    MinDuration=123,
    NextToken='string',
    OfferingId='string'
)
Parameters
  • Filters (list) --

    One or more filters.

    • instance-family - The instance family of the offering (e.g., m4 ).
    • payment-option - The payment option (NoUpfront | PartialUpfront | AllUpfront ).
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • MaxDuration (integer) -- This is the maximum duration of the reservation you'd like to purchase, specified in seconds. Reservations are available in one-year and three-year terms. The number of seconds specified must be the number of seconds in a year (365x24x60x60) times one of the supported durations (1 or 3). For example, specify 94608000 for three years.
  • MaxResults (integer) -- The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value. This value can be between 5 and 500; if maxResults is given a larger value than 500, you will receive an error.
  • MinDuration (integer) -- This is the minimum duration of the reservation you'd like to purchase, specified in seconds. Reservations are available in one-year and three-year terms. The number of seconds specified must be the number of seconds in a year (365x24x60x60) times one of the supported durations (1 or 3). For example, specify 31536000 for one year.
  • NextToken (string) -- The token to use to retrieve the next page of results.
  • OfferingId (string) -- The ID of the reservation offering.
Return type

dict

Returns

Response Syntax

{
    'NextToken': 'string',
    'OfferingSet': [
        {
            'CurrencyCode': 'USD',
            'Duration': 123,
            'HourlyPrice': 'string',
            'InstanceFamily': 'string',
            'OfferingId': 'string',
            'PaymentOption': 'AllUpfront'|'PartialUpfront'|'NoUpfront',
            'UpfrontPrice': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    • NextToken (string) --

      The token to use to retrieve the next page of results. This value is null when there are no more results to return.

    • OfferingSet (list) --

      Information about the offerings.

      • (dict) --

        Details about the Dedicated Host Reservation offering.

        • CurrencyCode (string) --

          The currency of the offering.

        • Duration (integer) --

          The duration of the offering (in seconds).

        • HourlyPrice (string) --

          The hourly price of the offering.

        • InstanceFamily (string) --

          The instance family of the offering.

        • OfferingId (string) --

          The ID of the offering.

        • PaymentOption (string) --

          The available payment option.

        • UpfrontPrice (string) --

          The upfront price of the offering. Does not apply to No Upfront offerings.

describe_host_reservations(**kwargs)

Describes Dedicated Host Reservations which are associated with Dedicated Hosts in your account.

See also: AWS API Documentation

Request Syntax

response = client.describe_host_reservations(
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    HostReservationIdSet=[
        'string',
    ],
    MaxResults=123,
    NextToken='string'
)
Parameters
  • Filters (list) --

    One or more filters.

    • instance-family - The instance family (e.g., m4 ).
    • payment-option - The payment option (NoUpfront | PartialUpfront | AllUpfront ).
    • state - The state of the reservation (payment-pending | payment-failed | active | retired ).
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • HostReservationIdSet (list) --

    One or more host reservation IDs.

    • (string) --
  • MaxResults (integer) -- The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value. This value can be between 5 and 500; if maxResults is given a larger value than 500, you will receive an error.
  • NextToken (string) -- The token to use to retrieve the next page of results.
Return type

dict

Returns

Response Syntax

{
    'HostReservationSet': [
        {
            'Count': 123,
            'CurrencyCode': 'USD',
            'Duration': 123,
            'End': datetime(2015, 1, 1),
            'HostIdSet': [
                'string',
            ],
            'HostReservationId': 'string',
            'HourlyPrice': 'string',
            'InstanceFamily': 'string',
            'OfferingId': 'string',
            'PaymentOption': 'AllUpfront'|'PartialUpfront'|'NoUpfront',
            'Start': datetime(2015, 1, 1),
            'State': 'payment-pending'|'payment-failed'|'active'|'retired',
            'UpfrontPrice': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • HostReservationSet (list) --

      Details about the reservation's configuration.

      • (dict) --

        Details about the Dedicated Host Reservation and associated Dedicated Hosts.

        • Count (integer) --

          The number of Dedicated Hosts the reservation is associated with.

        • CurrencyCode (string) --

          The currency in which the upfrontPrice and hourlyPrice amounts are specified. At this time, the only supported currency is USD .

        • Duration (integer) --

          The length of the reservation's term, specified in seconds. Can be 31536000 (1 year) | 94608000 (3 years) .

        • End (datetime) --

          The date and time that the reservation ends.

        • HostIdSet (list) --

          The IDs of the Dedicated Hosts associated with the reservation.

          • (string) --
        • HostReservationId (string) --

          The ID of the reservation that specifies the associated Dedicated Hosts.

        • HourlyPrice (string) --

          The hourly price of the reservation.

        • InstanceFamily (string) --

          The instance family of the Dedicated Host Reservation. The instance family on the Dedicated Host must be the same in order for it to benefit from the reservation.

        • OfferingId (string) --

          The ID of the reservation. This remains the same regardless of which Dedicated Hosts are associated with it.

        • PaymentOption (string) --

          The payment option selected for this reservation.

        • Start (datetime) --

          The date and time that the reservation started.

        • State (string) --

          The state of the reservation.

        • UpfrontPrice (string) --

          The upfront price of the reservation.

    • NextToken (string) --

      The token to use to retrieve the next page of results. This value is null when there are no more results to return.

describe_hosts(**kwargs)

Describes one or more of your Dedicated Hosts.

The results describe only the Dedicated Hosts in the region you're currently using. All listed instances consume capacity on your Dedicated Host. Dedicated Hosts that have recently been released will be listed with the state released .

See also: AWS API Documentation

Request Syntax

response = client.describe_hosts(
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    HostIds=[
        'string',
    ],
    MaxResults=123,
    NextToken='string'
)
Parameters
  • Filters (list) --

    One or more filters.

    • instance-type - The instance type size that the Dedicated Host is configured to support.
    • auto-placement - Whether auto-placement is enabled or disabled (on | off ).
    • host-reservation-id - The ID of the reservation assigned to this host.
    • client-token - The idempotency token you provided when you launched the instance
    • state - The allocation state of the Dedicated Host (available | under-assessment | permanent-failure | released | released-permanent-failure ).
    • availability-zone - The Availability Zone of the host.
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • HostIds (list) --

    The IDs of the Dedicated Hosts. The IDs are used for targeted instance launches.

    • (string) --
  • MaxResults (integer) -- The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value. This value can be between 5 and 500; if maxResults is given a larger value than 500, you will receive an error. You cannot specify this parameter and the host IDs parameter in the same request.
  • NextToken (string) -- The token to retrieve the next page of results.
Return type

dict

Returns

Response Syntax

{
    'Hosts': [
        {
            'AutoPlacement': 'on'|'off',
            'AvailabilityZone': 'string',
            'AvailableCapacity': {
                'AvailableInstanceCapacity': [
                    {
                        'AvailableCapacity': 123,
                        'InstanceType': 'string',
                        'TotalCapacity': 123
                    },
                ],
                'AvailableVCpus': 123
            },
            'ClientToken': 'string',
            'HostId': 'string',
            'HostProperties': {
                'Cores': 123,
                'InstanceType': 'string',
                'Sockets': 123,
                'TotalVCpus': 123
            },
            'HostReservationId': 'string',
            'Instances': [
                {
                    'InstanceId': 'string',
                    'InstanceType': 'string'
                },
            ],
            'State': 'available'|'under-assessment'|'permanent-failure'|'released'|'released-permanent-failure'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    Contains the output of DescribeHosts.

    • Hosts (list) --

      Information about the Dedicated Hosts.

      • (dict) --

        Describes the properties of the Dedicated Host.

        • AutoPlacement (string) --

          Whether auto-placement is on or off.

        • AvailabilityZone (string) --

          The Availability Zone of the Dedicated Host.

        • AvailableCapacity (dict) --

          The number of new instances that can be launched onto the Dedicated Host.

          • AvailableInstanceCapacity (list) --

            The total number of instances that the Dedicated Host supports.

            • (dict) --

              Information about the instance type that the Dedicated Host supports.

              • AvailableCapacity (integer) --

                The number of instances that can still be launched onto the Dedicated Host.

              • InstanceType (string) --

                The instance type size supported by the Dedicated Host.

              • TotalCapacity (integer) --

                The total number of instances that can be launched onto the Dedicated Host.

          • AvailableVCpus (integer) --

            The number of vCPUs available on the Dedicated Host.

        • ClientToken (string) --

          Unique, case-sensitive identifier you provide to ensure idempotency of the request. For more information, see How to Ensure Idempotency in the Amazon Elastic Compute Cloud User Guide .

        • HostId (string) --

          The ID of the Dedicated Host.

        • HostProperties (dict) --

          The hardware specifications of the Dedicated Host.

          • Cores (integer) --

            The number of cores on the Dedicated Host.

          • InstanceType (string) --

            The instance type size that the Dedicated Host supports (for example, m3.medium ).

          • Sockets (integer) --

            The number of sockets on the Dedicated Host.

          • TotalVCpus (integer) --

            The number of vCPUs on the Dedicated Host.

        • HostReservationId (string) --

          The reservation ID of the Dedicated Host. This returns a null response if the Dedicated Host doesn't have an associated reservation.

        • Instances (list) --

          The IDs and instance type that are currently running on the Dedicated Host.

          • (dict) --

            Describes an instance running on a Dedicated Host.

            • InstanceId (string) --

              the IDs of instances that are running on the Dedicated Host.

            • InstanceType (string) --

              The instance type size (for example, m3.medium ) of the running instance.

        • State (string) --

          The Dedicated Host's state.

    • NextToken (string) --

      The token to use to retrieve the next page of results. This value is null when there are no more results to return.

describe_iam_instance_profile_associations(**kwargs)

Describes your IAM instance profile associations.

See also: AWS API Documentation

Request Syntax

response = client.describe_iam_instance_profile_associations(
    AssociationIds=[
        'string',
    ],
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    MaxResults=123,
    NextToken='string'
)
Parameters
  • AssociationIds (list) --

    One or more IAM instance profile associations.

    • (string) --
  • Filters (list) --

    One or more filters.

    • instance-id - The ID of the instance.
    • state - The state of the association (associating | associated | disassociating | disassociated ).
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • MaxResults (integer) -- The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned NextToken value.
  • NextToken (string) -- The token to request the next page of results.
Return type

dict

Returns

Response Syntax

{
    'IamInstanceProfileAssociations': [
        {
            'AssociationId': 'string',
            'InstanceId': 'string',
            'IamInstanceProfile': {
                'Arn': 'string',
                'Id': 'string'
            },
            'State': 'associating'|'associated'|'disassociating'|'disassociated',
            'Timestamp': datetime(2015, 1, 1)
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • IamInstanceProfileAssociations (list) --

      Information about one or more IAM instance profile associations.

      • (dict) --

        Describes an association between an IAM instance profile and an instance.

        • AssociationId (string) --

          The ID of the association.

        • InstanceId (string) --

          The ID of the instance.

        • IamInstanceProfile (dict) --

          The IAM instance profile.

          • Arn (string) --

            The Amazon Resource Name (ARN) of the instance profile.

          • Id (string) --

            The ID of the instance profile.

        • State (string) --

          The state of the association.

        • Timestamp (datetime) --

          The time the IAM instance profile was associated with the instance.

    • NextToken (string) --

      The token to use to retrieve the next page of results. This value is null when there are no more results to return.

describe_id_format(**kwargs)

Describes the ID format settings for your resources on a per-region basis, for example, to view which resource types are enabled for longer IDs. This request only returns information about resource types whose ID formats can be modified; it does not return information about other resource types.

The following resource types support longer IDs: instance | reservation | snapshot | volume .

These settings apply to the IAM user who makes the request; they do not apply to the entire AWS account. By default, an IAM user defaults to the same settings as the root user, unless they explicitly override the settings by running the ModifyIdFormat command. Resources created with longer IDs are visible to all IAM users, regardless of these settings and provided that they have permission to use the relevant Describe command for the resource type.

See also: AWS API Documentation

Request Syntax

response = client.describe_id_format(
    Resource='string'
)
Parameters
Resource (string) -- The type of resource: instance | reservation | snapshot | volume
Return type
dict
Returns
Response Syntax
{
    'Statuses': [
        {
            'Deadline': datetime(2015, 1, 1),
            'Resource': 'string',
            'UseLongIds': True|False
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of DescribeIdFormat.

    • Statuses (list) --

      Information about the ID format for the resource.

      • (dict) --

        Describes the ID format for a resource.

        • Deadline (datetime) --

          The date in UTC at which you are permanently switched over to using longer IDs. If a deadline is not yet available for this resource type, this field is not returned.

        • Resource (string) --

          The type of resource.

        • UseLongIds (boolean) --

          Indicates whether longer IDs (17-character IDs) are enabled for the resource.

describe_identity_id_format(**kwargs)

Describes the ID format settings for resources for the specified IAM user, IAM role, or root user. For example, you can view the resource types that are enabled for longer IDs. This request only returns information about resource types whose ID formats can be modified; it does not return information about other resource types. For more information, see Resource IDs in the Amazon Elastic Compute Cloud User Guide .

The following resource types support longer IDs: instance | reservation | snapshot | volume .

These settings apply to the principal specified in the request. They do not apply to the principal that makes the request.

See also: AWS API Documentation

Request Syntax

response = client.describe_identity_id_format(
    PrincipalArn='string',
    Resource='string'
)
Parameters
  • PrincipalArn (string) --

    [REQUIRED]

    The ARN of the principal, which can be an IAM role, IAM user, or the root user.

  • Resource (string) -- The type of resource: instance | reservation | snapshot | volume
Return type

dict

Returns

Response Syntax

{
    'Statuses': [
        {
            'Deadline': datetime(2015, 1, 1),
            'Resource': 'string',
            'UseLongIds': True|False
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of DescribeIdentityIdFormat.

    • Statuses (list) --

      Information about the ID format for the resources.

      • (dict) --

        Describes the ID format for a resource.

        • Deadline (datetime) --

          The date in UTC at which you are permanently switched over to using longer IDs. If a deadline is not yet available for this resource type, this field is not returned.

        • Resource (string) --

          The type of resource.

        • UseLongIds (boolean) --

          Indicates whether longer IDs (17-character IDs) are enabled for the resource.

describe_image_attribute(**kwargs)

Describes the specified attribute of the specified AMI. You can specify only one attribute at a time.

See also: AWS API Documentation

Request Syntax

response = client.describe_image_attribute(
    Attribute='description'|'kernel'|'ramdisk'|'launchPermission'|'productCodes'|'blockDeviceMapping'|'sriovNetSupport',
    ImageId='string',
    DryRun=True|False
)
Parameters
  • Attribute (string) --

    [REQUIRED]

    The AMI attribute.

    Note : Depending on your account privileges, the blockDeviceMapping attribute may return a Client.AuthFailure error. If this happens, use DescribeImages to get information about the block device mapping for the AMI.
  • ImageId (string) --

    [REQUIRED]

    The ID of the AMI.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'BlockDeviceMappings': [
        {
            'DeviceName': 'string',
            'VirtualName': 'string',
            'Ebs': {
                'Encrypted': True|False,
                'DeleteOnTermination': True|False,
                'Iops': 123,
                'SnapshotId': 'string',
                'VolumeSize': 123,
                'VolumeType': 'standard'|'io1'|'gp2'|'sc1'|'st1'
            },
            'NoDevice': 'string'
        },
    ],
    'ImageId': 'string',
    'LaunchPermissions': [
        {
            'Group': 'all',
            'UserId': 'string'
        },
    ],
    'ProductCodes': [
        {
            'ProductCodeId': 'string',
            'ProductCodeType': 'devpay'|'marketplace'
        },
    ],
    'Description': {
        'Value': 'string'
    },
    'KernelId': {
        'Value': 'string'
    },
    'RamdiskId': {
        'Value': 'string'
    },
    'SriovNetSupport': {
        'Value': 'string'
    }
}

Response Structure

  • (dict) --

    Describes an image attribute.

    • BlockDeviceMappings (list) --

      One or more block device mapping entries.

      • (dict) --

        Describes a block device mapping.

        • DeviceName (string) --

          The device name exposed to the instance (for example, /dev/sdh or xvdh ).

        • VirtualName (string) --

          The virtual device name (ephemeral N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1 .The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.

          Constraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.

        • Ebs (dict) --

          Parameters used to automatically set up EBS volumes when the instance is launched.

          • Encrypted (boolean) --

            Indicates whether the EBS volume is encrypted. Encrypted Amazon EBS volumes may only be attached to instances that support Amazon EBS encryption.

          • DeleteOnTermination (boolean) --

            Indicates whether the EBS volume is deleted on instance termination.

          • Iops (integer) --

            The number of I/O operations per second (IOPS) that the volume supports. For io1 , this represents the number of IOPS that are provisioned for the volume. For gp2 , this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information about General Purpose SSD baseline performance, I/O credits, and bursting, see Amazon EBS Volume Types in the Amazon Elastic Compute Cloud User Guide .

            Constraint: Range is 100-20000 IOPS for io1 volumes and 100-10000 IOPS for gp2 volumes.

            Condition: This parameter is required for requests to create io1 volumes; it is not used in requests to create gp2 , st1 , sc1 , or standard volumes.

          • SnapshotId (string) --

            The ID of the snapshot.

          • VolumeSize (integer) --

            The size of the volume, in GiB.

            Constraints: 1-16384 for General Purpose SSD (gp2 ), 4-16384 for Provisioned IOPS SSD (io1 ), 500-16384 for Throughput Optimized HDD (st1 ), 500-16384 for Cold HDD (sc1 ), and 1-1024 for Magnetic (standard ) volumes. If you specify a snapshot, the volume size must be equal to or larger than the snapshot size.

            Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.

          • VolumeType (string) --

            The volume type: gp2 , io1 , st1 , sc1 , or standard .

            Default: standard

        • NoDevice (string) --

          Suppresses the specified device included in the block device mapping of the AMI.

    • ImageId (string) --

      The ID of the AMI.

    • LaunchPermissions (list) --

      One or more launch permissions.

      • (dict) --

        Describes a launch permission.

        • Group (string) --

          The name of the group.

        • UserId (string) --

          The AWS account ID.

    • ProductCodes (list) --

      One or more product codes.

      • (dict) --

        Describes a product code.

        • ProductCodeId (string) --

          The product code.

        • ProductCodeType (string) --

          The type of product code.

    • Description (dict) --

      A description for the AMI.

      • Value (string) --

        The attribute value. Note that the value is case-sensitive.

    • KernelId (dict) --

      The kernel ID.

      • Value (string) --

        The attribute value. Note that the value is case-sensitive.

    • RamdiskId (dict) --

      The RAM disk ID.

      • Value (string) --

        The attribute value. Note that the value is case-sensitive.

    • SriovNetSupport (dict) --

      Indicates whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.

      • Value (string) --

        The attribute value. Note that the value is case-sensitive.

describe_images(**kwargs)

Describes one or more of the images (AMIs, AKIs, and ARIs) available to you. Images available to you include public images, private images that you own, and private images owned by other AWS accounts but for which you have explicit launch permissions.

Note

Deregistered images are included in the returned results for an unspecified interval after deregistration.

See also: AWS API Documentation

Request Syntax

response = client.describe_images(
    ExecutableUsers=[
        'string',
    ],
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    ImageIds=[
        'string',
    ],
    Owners=[
        'string',
    ],
    DryRun=True|False
)
Parameters
  • ExecutableUsers (list) --

    Scopes the images by users with explicit launch permissions. Specify an AWS account ID, self (the sender of the request), or all (public AMIs).

    • (string) --
  • Filters (list) --

    One or more filters.

    • architecture - The image architecture (i386 | x86_64 ).
    • block-device-mapping.delete-on-termination - A Boolean value that indicates whether the Amazon EBS volume is deleted on instance termination.
    • block-device-mapping.device-name - The device name for the EBS volume (for example, /dev/sdh ).
    • block-device-mapping.snapshot-id - The ID of the snapshot used for the EBS volume.
    • block-device-mapping.volume-size - The volume size of the EBS volume, in GiB.
    • block-device-mapping.volume-type - The volume type of the EBS volume (gp2 | io1 | st1 | sc1 | standard ).
    • description - The description of the image (provided during image creation).
    • ena-support - A Boolean that indicates whether enhanced networking with ENA is enabled.
    • hypervisor - The hypervisor type (ovm | xen ).
    • image-id - The ID of the image.
    • image-type - The image type (machine | kernel | ramdisk ).
    • is-public - A Boolean that indicates whether the image is public.
    • kernel-id - The kernel ID.
    • manifest-location - The location of the image manifest.
    • name - The name of the AMI (provided during image creation).
    • owner-alias - String value from an Amazon-maintained list (amazon | aws-marketplace | microsoft ) of snapshot owners. Not to be confused with the user-configured AWS account alias, which is set from the IAM console.
    • owner-id - The AWS account ID of the image owner.
    • platform - The platform. To only list Windows-based AMIs, use windows .
    • product-code - The product code.
    • product-code.type - The type of the product code (devpay | marketplace ).
    • ramdisk-id - The RAM disk ID.
    • root-device-name - The name of the root device volume (for example, /dev/sda1 ).
    • root-device-type - The type of the root device volume (ebs | instance-store ).
    • state - The state of the image (available | pending | failed ).
    • state-reason-code - The reason code for the state change.
    • state-reason-message - The message for the state change.
    • tag :key =*value* - The key/value combination of a tag assigned to the resource. Specify the key of the tag in the filter name and the value of the tag in the filter value. For example, for the tag Purpose=X, specify tag:Purpose for the filter name and X for the filter value.
    • tag-key - The key of a tag assigned to the resource. This filter is independent of the tag-value filter. For example, if you use both the filter "tag-key=Purpose" and the filter "tag-value=X", you get any resources assigned both the tag key Purpose (regardless of what the tag's value is), and the tag value X (regardless of what the tag's key is). If you want to list only resources where Purpose is X, see the tag :key =*value* filter.
    • tag-value - The value of a tag assigned to the resource. This filter is independent of the tag-key filter.
    • virtualization-type - The virtualization type (paravirtual | hvm ).
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • ImageIds (list) --

    One or more image IDs.

    Default: Describes all images available to you.

    • (string) --
  • Owners (list) --

    Filters the images by the owner. Specify an AWS account ID, self (owner is the sender of the request), or an AWS owner alias (valid values are amazon | aws-marketplace | microsoft ). Omitting this option returns all images for which you have launch permissions, regardless of ownership.

    • (string) --
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
Return type

dict

Returns

Response Syntax

{
    'Images': [
        {
            'Architecture': 'i386'|'x86_64',
            'CreationDate': 'string',
            'ImageId': 'string',
            'ImageLocation': 'string',
            'ImageType': 'machine'|'kernel'|'ramdisk',
            'Public': True|False,
            'KernelId': 'string',
            'OwnerId': 'string',
            'Platform': 'Windows',
            'ProductCodes': [
                {
                    'ProductCodeId': 'string',
                    'ProductCodeType': 'devpay'|'marketplace'
                },
            ],
            'RamdiskId': 'string',
            'State': 'pending'|'available'|'invalid'|'deregistered'|'transient'|'failed'|'error',
            'BlockDeviceMappings': [
                {
                    'DeviceName': 'string',
                    'VirtualName': 'string',
                    'Ebs': {
                        'Encrypted': True|False,
                        'DeleteOnTermination': True|False,
                        'Iops': 123,
                        'SnapshotId': 'string',
                        'VolumeSize': 123,
                        'VolumeType': 'standard'|'io1'|'gp2'|'sc1'|'st1'
                    },
                    'NoDevice': 'string'
                },
            ],
            'Description': 'string',
            'EnaSupport': True|False,
            'Hypervisor': 'ovm'|'xen',
            'ImageOwnerAlias': 'string',
            'Name': 'string',
            'RootDeviceName': 'string',
            'RootDeviceType': 'ebs'|'instance-store',
            'SriovNetSupport': 'string',
            'StateReason': {
                'Code': 'string',
                'Message': 'string'
            },
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ],
            'VirtualizationType': 'hvm'|'paravirtual'
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of DescribeImages.

    • Images (list) --

      Information about one or more images.

      • (dict) --

        Describes an image.

        • Architecture (string) --

          The architecture of the image.

        • CreationDate (string) --

          The date and time the image was created.

        • ImageId (string) --

          The ID of the AMI.

        • ImageLocation (string) --

          The location of the AMI.

        • ImageType (string) --

          The type of image.

        • Public (boolean) --

          Indicates whether the image has public launch permissions. The value is true if this image has public launch permissions or false if it has only implicit and explicit launch permissions.

        • KernelId (string) --

          The kernel associated with the image, if any. Only applicable for machine images.

        • OwnerId (string) --

          The AWS account ID of the image owner.

        • Platform (string) --

          The value is Windows for Windows AMIs; otherwise blank.

        • ProductCodes (list) --

          Any product codes associated with the AMI.

          • (dict) --

            Describes a product code.

            • ProductCodeId (string) --

              The product code.

            • ProductCodeType (string) --

              The type of product code.

        • RamdiskId (string) --

          The RAM disk associated with the image, if any. Only applicable for machine images.

        • State (string) --

          The current state of the AMI. If the state is available , the image is successfully registered and can be used to launch an instance.

        • BlockDeviceMappings (list) --

          Any block device mapping entries.

          • (dict) --

            Describes a block device mapping.

            • DeviceName (string) --

              The device name exposed to the instance (for example, /dev/sdh or xvdh ).

            • VirtualName (string) --

              The virtual device name (ephemeral N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1 .The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.

              Constraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.

            • Ebs (dict) --

              Parameters used to automatically set up EBS volumes when the instance is launched.

              • Encrypted (boolean) --

                Indicates whether the EBS volume is encrypted. Encrypted Amazon EBS volumes may only be attached to instances that support Amazon EBS encryption.

              • DeleteOnTermination (boolean) --

                Indicates whether the EBS volume is deleted on instance termination.

              • Iops (integer) --

                The number of I/O operations per second (IOPS) that the volume supports. For io1 , this represents the number of IOPS that are provisioned for the volume. For gp2 , this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. For more information about General Purpose SSD baseline performance, I/O credits, and bursting, see Amazon EBS Volume Types in the Amazon Elastic Compute Cloud User Guide .

                Constraint: Range is 100-20000 IOPS for io1 volumes and 100-10000 IOPS for gp2 volumes.

                Condition: This parameter is required for requests to create io1 volumes; it is not used in requests to create gp2 , st1 , sc1 , or standard volumes.

              • SnapshotId (string) --

                The ID of the snapshot.

              • VolumeSize (integer) --

                The size of the volume, in GiB.

                Constraints: 1-16384 for General Purpose SSD (gp2 ), 4-16384 for Provisioned IOPS SSD (io1 ), 500-16384 for Throughput Optimized HDD (st1 ), 500-16384 for Cold HDD (sc1 ), and 1-1024 for Magnetic (standard ) volumes. If you specify a snapshot, the volume size must be equal to or larger than the snapshot size.

                Default: If you're creating the volume from a snapshot and don't specify a volume size, the default is the snapshot size.

              • VolumeType (string) --

                The volume type: gp2 , io1 , st1 , sc1 , or standard .

                Default: standard

            • NoDevice (string) --

              Suppresses the specified device included in the block device mapping of the AMI.

        • Description (string) --

          The description of the AMI that was provided during image creation.

        • EnaSupport (boolean) --

          Specifies whether enhanced networking with ENA is enabled.

        • Hypervisor (string) --

          The hypervisor type of the image.

        • ImageOwnerAlias (string) --

          The AWS account alias (for example, amazon , self ) or the AWS account ID of the AMI owner.

        • Name (string) --

          The name of the AMI that was provided during image creation.

        • RootDeviceName (string) --

          The device name of the root device (for example, /dev/sda1 or /dev/xvda ).

        • RootDeviceType (string) --

          The type of root device used by the AMI. The AMI can use an EBS volume or an instance store volume.

        • SriovNetSupport (string) --

          Specifies whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.

        • StateReason (dict) --

          The reason for the state change.

          • Code (string) --

            The reason code for the state change.

          • Message (string) --

            The message for the state change.

            • Server.InsufficientInstanceCapacity : There was insufficient instance capacity to satisfy the launch request.
            • Server.InternalError : An internal error occurred during instance launch, resulting in termination.
            • Server.ScheduledStop : The instance was stopped due to a scheduled retirement.
            • Server.SpotInstanceTermination : A Spot instance was terminated due to an increase in the market price.
            • Client.InternalError : A client error caused the instance to terminate on launch.
            • Client.InstanceInitiatedShutdown : The instance was shut down using the shutdown -h command from the instance.
            • Client.InstanceTerminated : The instance was terminated or rebooted during AMI creation.
            • Client.UserInitiatedShutdown : The instance was shut down using the Amazon EC2 API.
            • Client.VolumeLimitExceeded : The limit on the number of EBS volumes or total storage was exceeded. Decrease usage or request an increase in your limits.
            • Client.InvalidSnapshot.NotFound : The specified snapshot was not found.
        • Tags (list) --

          Any tags assigned to the image.

          • (dict) --

            Describes a tag.

            • Key (string) --

              The key of the tag.

              Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

            • Value (string) --

              The value of the tag.

              Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

        • VirtualizationType (string) --

          The type of virtualization of the AMI.

describe_import_image_tasks(**kwargs)

Displays details about an import virtual machine or import snapshot tasks that are already created.

See also: AWS API Documentation

Request Syntax

response = client.describe_import_image_tasks(
    DryRun=True|False,
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    ImportTaskIds=[
        'string',
    ],
    MaxResults=123,
    NextToken='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • Filters (list) --

    Filter tasks using the task-state filter and one of the following values: active, completed, deleting, deleted.

    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • ImportTaskIds (list) --

    A list of import image task IDs.

    • (string) --
  • MaxResults (integer) -- The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned NextToken value.
  • NextToken (string) -- A token that indicates the next page of results.
Return type

dict

Returns

Response Syntax

{
    'ImportImageTasks': [
        {
            'Architecture': 'string',
            'Description': 'string',
            'Hypervisor': 'string',
            'ImageId': 'string',
            'ImportTaskId': 'string',
            'LicenseType': 'string',
            'Platform': 'string',
            'Progress': 'string',
            'SnapshotDetails': [
                {
                    'Description': 'string',
                    'DeviceName': 'string',
                    'DiskImageSize': 123.0,
                    'Format': 'string',
                    'Progress': 'string',
                    'SnapshotId': 'string',
                    'Status': 'string',
                    'StatusMessage': 'string',
                    'Url': 'string',
                    'UserBucket': {
                        'S3Bucket': 'string',
                        'S3Key': 'string'
                    }
                },
            ],
            'Status': 'string',
            'StatusMessage': 'string'
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    Contains the output for DescribeImportImageTasks.

    • ImportImageTasks (list) --

      A list of zero or more import image tasks that are currently active or were completed or canceled in the previous 7 days.

      • (dict) --

        Describes an import image task.

        • Architecture (string) --

          The architecture of the virtual machine.

          Valid values: i386 | x86_64

        • Description (string) --

          A description of the import task.

        • Hypervisor (string) --

          The target hypervisor for the import task.

          Valid values: xen

        • ImageId (string) --

          The ID of the Amazon Machine Image (AMI) of the imported virtual machine.

        • ImportTaskId (string) --

          The ID of the import image task.

        • LicenseType (string) --

          The license type of the virtual machine.

        • Platform (string) --

          The description string for the import image task.

        • Progress (string) --

          The percentage of progress of the import image task.

        • SnapshotDetails (list) --

          Information about the snapshots.

          • (dict) --

            Describes the snapshot created from the imported disk.

            • Description (string) --

              A description for the snapshot.

            • DeviceName (string) --

              The block device mapping for the snapshot.

            • DiskImageSize (float) --

              The size of the disk in the snapshot, in GiB.

            • Format (string) --

              The format of the disk image from which the snapshot is created.

            • Progress (string) --

              The percentage of progress for the task.

            • SnapshotId (string) --

              The snapshot ID of the disk being imported.

            • Status (string) --

              A brief status of the snapshot creation.

            • StatusMessage (string) --

              A detailed status message for the snapshot creation.

            • Url (string) --

              The URL used to access the disk image.

            • UserBucket (dict) --

              The S3 bucket for the disk image.

              • S3Bucket (string) --

                The S3 bucket from which the disk image was created.

              • S3Key (string) --

                The file name of the disk image.

        • Status (string) --

          A brief status for the import image task.

        • StatusMessage (string) --

          A descriptive status message for the import image task.

    • NextToken (string) --

      The token to use to get the next page of results. This value is null when there are no more results to return.

describe_import_snapshot_tasks(**kwargs)

Describes your import snapshot tasks.

See also: AWS API Documentation

Request Syntax

response = client.describe_import_snapshot_tasks(
    DryRun=True|False,
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    ImportTaskIds=[
        'string',
    ],
    MaxResults=123,
    NextToken='string'
)
Parameters
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • Filters (list) --

    One or more filters.

    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • ImportTaskIds (list) --

    A list of import snapshot task IDs.

    • (string) --
  • MaxResults (integer) -- The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned NextToken value.
  • NextToken (string) -- A token that indicates the next page of results.
Return type

dict

Returns

Response Syntax

{
    'ImportSnapshotTasks': [
        {
            'Description': 'string',
            'ImportTaskId': 'string',
            'SnapshotTaskDetail': {
                'Description': 'string',
                'DiskImageSize': 123.0,
                'Format': 'string',
                'Progress': 'string',
                'SnapshotId': 'string',
                'Status': 'string',
                'StatusMessage': 'string',
                'Url': 'string',
                'UserBucket': {
                    'S3Bucket': 'string',
                    'S3Key': 'string'
                }
            }
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    Contains the output for DescribeImportSnapshotTasks.

    • ImportSnapshotTasks (list) --

      A list of zero or more import snapshot tasks that are currently active or were completed or canceled in the previous 7 days.

      • (dict) --

        Describes an import snapshot task.

        • Description (string) --

          A description of the import snapshot task.

        • ImportTaskId (string) --

          The ID of the import snapshot task.

        • SnapshotTaskDetail (dict) --

          Describes an import snapshot task.

          • Description (string) --

            The description of the snapshot.

          • DiskImageSize (float) --

            The size of the disk in the snapshot, in GiB.

          • Format (string) --

            The format of the disk image from which the snapshot is created.

          • Progress (string) --

            The percentage of completion for the import snapshot task.

          • SnapshotId (string) --

            The snapshot ID of the disk being imported.

          • Status (string) --

            A brief status for the import snapshot task.

          • StatusMessage (string) --

            A detailed status message for the import snapshot task.

          • Url (string) --

            The URL of the disk image from which the snapshot is created.

          • UserBucket (dict) --

            The S3 bucket for the disk image.

            • S3Bucket (string) --

              The S3 bucket from which the disk image was created.

            • S3Key (string) --

              The file name of the disk image.

    • NextToken (string) --

      The token to use to get the next page of results. This value is null when there are no more results to return.

describe_instance_attribute(**kwargs)

Describes the specified attribute of the specified instance. You can specify only one attribute at a time. Valid attribute values are: instanceType | kernel | ramdisk | userData | disableApiTermination | instanceInitiatedShutdownBehavior | rootDeviceName | blockDeviceMapping | productCodes | sourceDestCheck | groupSet | ebsOptimized | sriovNetSupport

See also: AWS API Documentation

Request Syntax

response = client.describe_instance_attribute(
    Attribute='instanceType'|'kernel'|'ramdisk'|'userData'|'disableApiTermination'|'instanceInitiatedShutdownBehavior'|'rootDeviceName'|'blockDeviceMapping'|'productCodes'|'sourceDestCheck'|'groupSet'|'ebsOptimized'|'sriovNetSupport'|'enaSupport',
    DryRun=True|False,
    InstanceId='string'
)
Parameters
  • Attribute (string) --

    [REQUIRED]

    The instance attribute.

    Note: The enaSupport attribute is not supported at this time.

  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • InstanceId (string) --

    [REQUIRED]

    The ID of the instance.

Return type

dict

Returns

Response Syntax

{
    'Groups': [
        {
            'GroupName': 'string',
            'GroupId': 'string'
        },
    ],
    'BlockDeviceMappings': [
        {
            'DeviceName': 'string',
            'Ebs': {
                'AttachTime': datetime(2015, 1, 1),
                'DeleteOnTermination': True|False,
                'Status': 'attaching'|'attached'|'detaching'|'detached',
                'VolumeId': 'string'
            }
        },
    ],
    'DisableApiTermination': {
        'Value': True|False
    },
    'EnaSupport': {
        'Value': True|False
    },
    'EbsOptimized': {
        'Value': True|False
    },
    'InstanceId': 'string',
    'InstanceInitiatedShutdownBehavior': {
        'Value': 'string'
    },
    'InstanceType': {
        'Value': 'string'
    },
    'KernelId': {
        'Value': 'string'
    },
    'ProductCodes': [
        {
            'ProductCodeId': 'string',
            'ProductCodeType': 'devpay'|'marketplace'
        },
    ],
    'RamdiskId': {
        'Value': 'string'
    },
    'RootDeviceName': {
        'Value': 'string'
    },
    'SourceDestCheck': {
        'Value': True|False
    },
    'SriovNetSupport': {
        'Value': 'string'
    },
    'UserData': {
        'Value': 'string'
    }
}

Response Structure

  • (dict) --

    Describes an instance attribute.

    • Groups (list) --

      The security groups associated with the instance.

      • (dict) --

        Describes a security group.

        • GroupName (string) --

          The name of the security group.

        • GroupId (string) --

          The ID of the security group.

    • BlockDeviceMappings (list) --

      The block device mapping of the instance.

      • (dict) --

        Describes a block device mapping.

        • DeviceName (string) --

          The device name exposed to the instance (for example, /dev/sdh or xvdh ).

        • Ebs (dict) --

          Parameters used to automatically set up EBS volumes when the instance is launched.

          • AttachTime (datetime) --

            The time stamp when the attachment initiated.

          • DeleteOnTermination (boolean) --

            Indicates whether the volume is deleted on instance termination.

          • Status (string) --

            The attachment state.

          • VolumeId (string) --

            The ID of the EBS volume.

    • DisableApiTermination (dict) --

      If the value is true , you can't terminate the instance through the Amazon EC2 console, CLI, or API; otherwise, you can.

      • Value (boolean) --

        The attribute value. The valid values are true or false .

    • EnaSupport (dict) --

      Indicates whether enhanced networking with ENA is enabled.

      • Value (boolean) --

        The attribute value. The valid values are true or false .

    • EbsOptimized (dict) --

      Indicates whether the instance is optimized for EBS I/O.

      • Value (boolean) --

        The attribute value. The valid values are true or false .

    • InstanceId (string) --

      The ID of the instance.

    • InstanceInitiatedShutdownBehavior (dict) --

      Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).

      • Value (string) --

        The attribute value. Note that the value is case-sensitive.

    • InstanceType (dict) --

      The instance type.

      • Value (string) --

        The attribute value. Note that the value is case-sensitive.

    • KernelId (dict) --

      The kernel ID.

      • Value (string) --

        The attribute value. Note that the value is case-sensitive.

    • ProductCodes (list) --

      A list of product codes.

      • (dict) --

        Describes a product code.

        • ProductCodeId (string) --

          The product code.

        • ProductCodeType (string) --

          The type of product code.

    • RamdiskId (dict) --

      The RAM disk ID.

      • Value (string) --

        The attribute value. Note that the value is case-sensitive.

    • RootDeviceName (dict) --

      The name of the root device (for example, /dev/sda1 or /dev/xvda ).

      • Value (string) --

        The attribute value. Note that the value is case-sensitive.

    • SourceDestCheck (dict) --

      Indicates whether source/destination checking is enabled. A value of true means checking is enabled, and false means checking is disabled. This value must be false for a NAT instance to perform NAT.

      • Value (boolean) --

        The attribute value. The valid values are true or false .

    • SriovNetSupport (dict) --

      Indicates whether enhanced networking with the Intel 82599 Virtual Function interface is enabled.

      • Value (string) --

        The attribute value. Note that the value is case-sensitive.

    • UserData (dict) --

      The user data.

      • Value (string) --

        The attribute value. Note that the value is case-sensitive.

Examples

This example describes the instance type of the specified instance.

response = client.describe_instance_attribute(
    Attribute='instanceType',
    InstanceId='i-1234567890abcdef0',
)

print(response)

Expected Output:

{
    'InstanceId': 'i-1234567890abcdef0',
    'InstanceType': {
        'Value': 't1.micro',
    },
    'ResponseMetadata': {
        '...': '...',
    },
}

This example describes the disableApiTermination attribute of the specified instance.

response = client.describe_instance_attribute(
    Attribute='disableApiTermination',
    InstanceId='i-1234567890abcdef0',
)

print(response)

Expected Output:

{
    'DisableApiTermination': {
        'Value': 'false',
    },
    'InstanceId': 'i-1234567890abcdef0',
    'ResponseMetadata': {
        '...': '...',
    },
}

This example describes the blockDeviceMapping attribute of the specified instance.

response = client.describe_instance_attribute(
    Attribute='blockDeviceMapping',
    InstanceId='i-1234567890abcdef0',
)

print(response)

Expected Output:

{
    'BlockDeviceMappings': [
        {
            'DeviceName': '/dev/sda1',
            'Ebs': {
                'AttachTime': datetime(2013, 5, 17, 22, 42, 34, 4, 137, 0),
                'DeleteOnTermination': True,
                'Status': 'attached',
                'VolumeId': 'vol-049df61146c4d7901',
            },
        },
        {
            'DeviceName': '/dev/sdf',
            'Ebs': {
                'AttachTime': datetime(2013, 9, 10, 23, 7, 0, 1, 253, 0),
                'DeleteOnTermination': False,
                'Status': 'attached',
                'VolumeId': 'vol-049df61146c4d7901',
            },
        },
    ],
    'InstanceId': 'i-1234567890abcdef0',
    'ResponseMetadata': {
        '...': '...',
    },
}
describe_instance_status(**kwargs)

Describes the status of one or more instances. By default, only running instances are described, unless you specifically indicate to return the status of all instances.

Instance status includes the following components:

  • Status checks - Amazon EC2 performs status checks on running EC2 instances to identify hardware and software issues. For more information, see Status Checks for Your Instances and Troubleshooting Instances with Failed Status Checks in the Amazon Elastic Compute Cloud User Guide .
  • Scheduled events - Amazon EC2 can schedule events (such as reboot, stop, or terminate) for your instances related to hardware issues, software updates, or system maintenance. For more information, see Scheduled Events for Your Instances in the Amazon Elastic Compute Cloud User Guide .
  • Instance state - You can manage your instances from the moment you launch them through their termination. For more information, see Instance Lifecycle in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

response = client.describe_instance_status(
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    InstanceIds=[
        'string',
    ],
    MaxResults=123,
    NextToken='string',
    DryRun=True|False,
    IncludeAllInstances=True|False
)
Parameters
  • Filters (list) --

    One or more filters.

    • availability-zone - The Availability Zone of the instance.
    • event.code - The code for the scheduled event (instance-reboot | system-reboot | system-maintenance | instance-retirement | instance-stop ).
    • event.description - A description of the event.
    • event.not-after - The latest end time for the scheduled event (for example, 2014-09-15T17:15:20.000Z ).
    • event.not-before - The earliest start time for the scheduled event (for example, 2014-09-15T17:15:20.000Z ).
    • instance-state-code - The code for the instance state, as a 16-bit unsigned integer. The high byte is an opaque internal value and should be ignored. The low byte is set based on the state represented. The valid values are 0 (pending), 16 (running), 32 (shutting-down), 48 (terminated), 64 (stopping), and 80 (stopped).
    • instance-state-name - The state of the instance (pending | running | shutting-down | terminated | stopping | stopped ).
    • instance-status.reachability - Filters on instance status where the name is reachability (passed | failed | initializing | insufficient-data ).
    • instance-status.status - The status of the instance (ok | impaired | initializing | insufficient-data | not-applicable ).
    • system-status.reachability - Filters on system status where the name is reachability (passed | failed | initializing | insufficient-data ).
    • system-status.status - The system status of the instance (ok | impaired | initializing | insufficient-data | not-applicable ).
    • (dict) --

      A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

      • Name (string) --

        The name of the filter. Filter names are case-sensitive.

      • Values (list) --

        One or more filter values. Filter values are case-sensitive.

        • (string) --
  • InstanceIds (list) --

    One or more instance IDs.

    Default: Describes all your instances.

    Constraints: Maximum 100 explicitly specified instance IDs.

    • (string) --
  • MaxResults (integer) -- The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned NextToken value. This value can be between 5 and 1000. You cannot specify this parameter and the instance IDs parameter in the same call.
  • NextToken (string) -- The token to retrieve the next page of results.
  • DryRun (boolean) -- Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
  • IncludeAllInstances (boolean) --

    When true , includes the health status for all instances. When false , includes the health status for running instances only.

    Default: false

Return type

dict

Returns

Response Syntax

{
    'InstanceStatuses': [
        {
            'AvailabilityZone': 'string',
            'Events': [
                {
                    'Code': 'instance-reboot'|'system-reboot'|'system-maintenance'|'instance-retirement'|'instance-stop',
                    'Description': 'string',
                    'NotAfter': datetime(2015, 1, 1),
                    'NotBefore': datetime(2015, 1, 1)
                },
            ],
            'InstanceId': 'string',
            'InstanceState': {
                'Code': 123,
                'Name': 'pending'|'running'|'shutting-down'|'terminated'|'stopping'|'stopped'
            },
            'InstanceStatus': {
                'Details': [
                    {
                        'ImpairedSince': datetime(2015, 1, 1),
                        'Name': 'reachability',
                        'Status': 'passed'|'failed'|'insufficient-data'|'initializing'
                    },
                ],
                'Status': 'ok'|'impaired'|'insufficient-data'|'not-applicable'|'initializing'
            },
            'SystemStatus': {
                'Details': [
                    {
                        'ImpairedSince': datetime(2015, 1, 1),
                        'Name': 'reachability',
                        'Status': 'passed'|'failed'|'insufficient-data'|'initializing'
                    },
                ],
                'Status': 'ok'|'impaired'|'insufficient-data'|'not-applicable'|'initializing'
            }
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    Contains the output of DescribeInstanceStatus.

    • InstanceStatuses (list) --

      One or more instance status descriptions.

      • (dict) --

        Describes the status of an instance.

        • AvailabilityZone (string) --

          The Availability Zone of the instance.

        • Events (list) --

          Any scheduled events associated with the instance.

          • (dict) --

            Describes a scheduled event for an instance.

            • Code (string) --

              The event code.

            • Description (string) --

              A description of the event.

              After a scheduled event is completed, it can still be described for up to a week. If the event has been completed, this description starts with the following text: [Completed].

            • NotAfter (datetime) --

              The latest scheduled end time for the event.

            • NotBefore (datetime) --

              The earliest scheduled start time for the event.

        • InstanceId (string) --

          The ID of the instance.

        • InstanceState (dict) --

          The intended state of the instance. DescribeInstanceStatus requires that an instance be in the running state.

          • Code (integer) --

            The low byte represents the state. The high byte is an opaque internal value and should be ignored.

            • 0 : pending
            • 16 : running
            • 32 : shutting-down
            • 48 : terminated
            • 64 : stopping
            • 80 : stopped
          • Name (string) --

            The current state of the instance.

        • InstanceStatus (dict) --

          Reports impaired functionality that stems from issues internal to the instance, such as impaired reachability.

          • Details (list) --

            The system instance health or application instance health.

            • (dict) --

              Describes the instance status.

              • ImpairedSince (datetime) --

                The time when a status check failed. For an instance that was launched and impaired, this is the time when the instance was launched.

              • Name (string) --

                The type of instance status.

              • Status (string) --

                The status.

          • Status (string) --

            The status.

        • SystemStatus (dict) --

          Reports impaired functionality that stems from issues related to the systems that support an instance, such as hardware failures and network connectivity problems.

          • Details (list) --

            The system instance health or application instance health.

            • (dict) --

              Describes the instance status.

              • ImpairedSince (datetime) --

                The time when a status check failed. For an instance that was launched and impaired, this is the time when the instance was launched.

              • Name (string) --

                The type of instance status.

              • Status (string) --

                The status.

          • Status (string) --

            The status.

    • NextToken (string) --

      The token to use to retrieve the next page of results. This value is null when there are no more results to return.

describe_instances(**kwargs)

Describes one or more of your instances.

If you specify one or more instance IDs, Amazon EC2 returns information for those instances. If you do not specify instance IDs, Amazon EC2 returns information for all relevant instances. If you specify an instance ID that is not valid, an error is returned. If you specify an instance that you do not own, it is not included in the returned results.

Recently terminated instances might appear in the returned results. This interval is usually less than one hour.

If you describe instances in the rare case where an Availability Zone is experiencing a service disruption and you specify instance IDs that are in the affected zone, or do not specify any instance IDs at all, the call fails. If you describe instances and specify only instance IDs that are in an unaffected zone, the call works normally.

See also: AWS API Documentation

Request Syntax

response = client.describe_instances(
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    InstanceIds=[
        'string',
    ],
    DryRun=True|False,
    MaxResults=123,
    NextToken='string'
)
Parameters
  • Filters (list) --

    One or more filters.

    • affinity - The affinity setting for an instance running on a Dedicated Host (default | host ).
    • architecture - The instance architecture (i386 | x86_64 ).
    • availability-zone - The Availability Zone of the instance.
    • block-device-mapping.attach-time - The attach time for an EBS volume mapped to the instance, for example, 2010-09-15T17:15:20.000Z .
    • block-device-mapping.delete-on-termination - A Boolean that indicates whether the EBS volume is deleted on instance termination.
    • block-device-mapping.device-name - The device name for the EBS volume (for example, /dev/sdh or xvdh ).
    • block-device-mapping.status - The status for the EBS volume (attaching | attached | detaching | detached ).
    • block-device-mapping.volume-id - The volume ID of the EBS volume.
    • client-token - The idempotency token you provided when you launched the instance.
    • dns-name - The public DNS name of the instance.
    • group-id - The ID of the security group for the instance. EC2-Classic only.
    • group-name - The name of the security group for the instance. EC2-Classic only.
    • host-id - The ID of the Dedicated Host on which the instance is running, if applicable.
    • hypervisor - The hypervisor type of the instance (ovm | xen ).
    • iam-instance-profile.arn - The instance profile associated with the instance. Specified as an ARN.
    • image-id - The ID of the image used to launch the instance.
    • instance-id - The ID of the instance.
    • instance-lifecycle - Indicates whether this is a Spot Instance or a Scheduled Instance (spot | scheduled ).
    • instance-state-code - The state of the instance, as a 16-bit unsigned integer. The high byte is an opaque internal value and should be ignored. The low byte is set based on the state represented. The valid values are: 0 (pending), 16 (running), 32 (shutting-down), 48 (terminated), 64 (stopping), and 80 (stopped).
    • instance-state-name - The state of the instance (pending | running | shutting-down | terminated | stopping | stopped ).
    • instance-type - The type of instance (for example, t2.micro ).
    • instance.group-id - The ID of the security group for the instance.
    • instance.group-name - The name of the security group for the instance.
    • ip-address - The public IPv4 address of the instance.
    • kernel-id - The kernel ID.
    • key-name - The name of the key pair used when the instance was launched.
    • launch-index - When launching multiple instances, this is the index for the instance in the launch group (for example, 0, 1, 2, and so on).
    • launch-time - The time when the instance was launched.
    • monitoring-state - Indicates whether detailed monitoring is enabled (disabled | enabled ).
    • network-interface.addresses.private-ip-address - The private IPv4 address associated with the network interface.
    • network-interface.addresses.primary - Specifies whether the IPv4 address of the network interface is the primary private IPv4 address.
    • network-interface.addresses.association.public-ip - The ID of the association of an Elastic IP address (IPv4) with a network interface.
    • network-interface.addresses.association.ip-owner-id - The owner ID of the private IPv4 address associated with the network interface.
    • network-interface.association.public-ip - The address of the Elastic IP address (IPv4) bound to the network interface.
    • network-interface.association.ip-owner-id - The owner of the Elastic IP address (IPv4) associated with the network interface.
    • network-interface.association.allocation-id - The allocation ID returned when you allocated the Elastic IP address (IPv4) for your network interface.
    • network-interface.association.association-id - The association ID returned when the network interface was associated with an IPv4 address.
    • network-interface.attachment.attachment-id - The ID of the interface attachment.
    • network-interface.attachment.instance-id - The ID of the instance to which the network interface is attached.
    • network-interface.attachment.instance-owner-id - The owner ID of the instance to which the network interface is attached.
    • network-interface.attachment.device-index - The device index to which the network interface is attached.
    • network-interface.attachment.status - The status of the attachment (attaching | attached | detaching | detached ).
    • network-interface.attachment.attach-time - The time that the network interface was attached to an instance.
    • network-interface.attachment.delete-on-termination - Specifies whether the attachment is deleted when an instance is terminated.
    • network-interface.availability-zone - The Availability Zone for the network interface.
    • network-interface.description - The description of the network interface.
    • network-interface.group-id - The ID of a security group associated with the network interface.
    • network-interface.group-name - The name of a security group associated with the network interface.
    • network-interface.ipv6-addresses.ipv6-address - The IPv6 address associated with the network interface.
    • network-interface.mac-address - The MAC address of the network interface.
    • network-interface.network-interface-id - The ID of the network interface.
    • network-interface.owner-id - The ID of the owner of the network interface.
    • network-interface.private-dns-name - The private DNS name of the network interface.
    • network-interface.requester-id - The requester ID for the network interface.
    • network-interface.requester-managed - Indicates whether the network interface is being managed by AWS.
    • network-interface.status - The status of the network interface (available ) | in-use ).
    • network-interface.source-dest-check - Whether the network interface performs source/destination checking. A value of true means checking is enabled, and false means checking is disabled. The value must be false for the network interface to perform network address translation (NAT) in your VPC.
    • network-interface.subnet-id - The ID of the subnet for the network interface.
    • network-interface.vpc-id - The ID of the VPC for the network interface.
    • owner-id - The AWS account ID of the instance owner.
    • placement-group-name - The name of the placement group for the instance.
    • platform - The platform. Use windows if you have Windows instances; otherwise, leave blank.
    • private-dns-name - The private IPv4 DNS name of the instance.
    • private-ip-address - The private IPv4 address of the instance.
    • product-code - The product code associated with the AMI used to launch the instance.
    • product-code.type - The type of product code (devpay | marketplace ).
    • ramdisk-id - The RAM disk ID.
    • reason - The reason for the current state of the instance (for example, shows "User Initiated [date]" when you stop or terminate the instance). Similar to the state-reason-code filter.
    • requester-id - The ID of the entity that launched the instance on your behalf (for example, AWS Management Console, Auto Scaling, and so on).
    • reservation-id - The ID of the instance's reservation. A reservation ID is created any time you launch an instance. A reservation ID has a one-to-one relationship with an instance launch request, but can be associated with more than one instance if you launch multiple instances using the same launch request. For example, if you launch one instance, you'll get one reservation ID. If you launch ten instances using the same launch request, you'll also get one reservation ID.
    • root-device-name - The name of the root device for the instance (for example, /dev/sda1 or /dev/xvda ).
    • root-device-type - The type of root device that the instance uses (ebs | instance-store ).
    • source-dest-check - Indicates whether the instance performs source/destination checking. A value of true means that checking is enabled, and false means checking is disabled. The value must be false for the instance to perform network address translation (NAT) in your VPC.
    • spot-instance-request-id - The ID of the Spot instance request.
    • state-reason-code - The reason code for the state change.
    • state-reason-message - A message that describes the state change.
    • subnet-id - The ID of the subnet for the instance.
    • tag :key =*value* - The key/value combination of a tag assigned to the resource. Specify the key of the tag in the filter name and the value of the tag in the filter value. For example, for the tag Purpose=X, specify tag:Purpose for the filter name and X for the filter value.
    • tag-key - The key of a tag assigned to the resource. This filter is independent of the tag-value filter. For example, if you use both the filter "tag-key=Purpose" and the filter "tag-value=X", you get any resources assigned both the tag key Purpose (regardless of what the tag's value is), and the tag value X (regardless of what the tag's key is). If you want to list only resources where Purpose is X, see the tag :key =*value* filter.
    • tag-value