Amazon Elastic Compute Cloud

2020/04/16 - Amazon Elastic Compute Cloud - 3 updated api methods

Changes  Amazon EC2 now supports adding AWS resource tags for placement groups and key pairs, at creation time. The CreatePlacementGroup API will now return placement group information when created successfully. The DeleteKeyPair API now supports deletion by resource ID.

CreateKeyPair (updated) Link ¶
Changes (response) 
{'Tags': [{'Key': 'string', 'Value': 'string'}]}

Creates a 2048-bit RSA key pair with the specified name. Amazon EC2 stores the public key and displays the private key for you to save to a file. The private key is returned as an unencrypted PEM encoded PKCS#1 private key. If a key with the specified name already exists, Amazon EC2 returns an error.

You can have up to five thousand key pairs per Region.

The key pair returned to you is available only in the Region in which you create it. If you prefer, you can create your own key pair using a third-party tool and upload it to any Region using ImportKeyPair.

For more information, see Key Pairs in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

client.create_key_pair(
    KeyName='string',
    DryRun=True|False,
    TagSpecifications=[
        {
            'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'elastic-ip'|'fleet'|'fpga-image'|'host-reservation'|'image'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'natgateway'|'network-acl'|'network-interface'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ]
        },
    ]
)
type KeyName

string

param KeyName

[REQUIRED]

A unique name for the key pair.

Constraints: Up to 255 ASCII characters

type DryRun

boolean

param DryRun

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .

type TagSpecifications

list

param TagSpecifications

The tags to apply to the new key pair.

  • (dict) --

    The tags to apply to a resource when the resource is being created.

    • ResourceType (string) --

      The type of resource to tag. Currently, the resource types that support tagging on creation are: capacity-reservation | client-vpn-endpoint | dedicated-host | fleet | fpga-image | instance | key-pair | launch-template | | natgateway | spot-fleet-request | placement-group | snapshot | traffic-mirror-filter | traffic-mirror-session | traffic-mirror-target | transit-gateway | transit-gateway-attachment | transit-gateway-route-table | vpc-endpoint (for interface VPC endpoints)| vpc-endpoint-service (for gateway VPC endpoints) | volume | vpc-flow-log .

      To tag a resource after it has been created, see CreateTags.

    • Tags (list) --

      The tags to apply to the resource.

      • (dict) --

        Describes a tag.

        • Key (string) --

          The key of the tag.

          Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .

        • Value (string) --

          The value of the tag.

          Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

rtype

dict

returns

Response Syntax

{
    'KeyFingerprint': 'string',
    'KeyMaterial': 'string',
    'KeyName': 'string',
    'KeyPairId': 'string',
    'Tags': [
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    Describes a key pair.

    • KeyFingerprint (string) --

      The SHA-1 digest of the DER encoded private key.

    • KeyMaterial (string) --

      An unencrypted PEM encoded RSA private key.

    • KeyName (string) --

      The name of the key pair.

    • KeyPairId (string) --

      The ID of the key pair.

    • Tags (list) --

      Any tags applied to the key pair.

      • (dict) --

        Describes a tag.

        • Key (string) --

          The key of the tag.

          Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .

        • Value (string) --

          The value of the tag.

          Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

DeleteKeyPair (updated) Link ¶
Changes (request) 
{'KeyPairId': 'string'}

Deletes the specified key pair, by removing the public key from Amazon EC2.

See also: AWS API Documentation

Request Syntax

client.delete_key_pair(
    KeyName='string',
    KeyPairId='string',
    DryRun=True|False
)
type KeyName

string

param KeyName

The name of the key pair.

type KeyPairId

string

param KeyPairId

The ID of the key pair.

type DryRun

boolean

param DryRun

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .

returns

None

ImportKeyPair (updated) Link ¶
Changes (response) 
{'KeyPairId': 'string', 'Tags': [{'Key': 'string', 'Value': 'string'}]}

Imports the public key from an RSA key pair that you created with a third-party tool. Compare this with CreateKeyPair, in which AWS creates the key pair and gives the keys to you (AWS keeps a copy of the public key). With ImportKeyPair, you create the key pair and give AWS just the public key. The private key is never transferred between you and AWS.

For more information about key pairs, see Key Pairs in the Amazon Elastic Compute Cloud User Guide .

See also: AWS API Documentation

Request Syntax

client.import_key_pair(
    DryRun=True|False,
    KeyName='string',
    PublicKeyMaterial=b'bytes',
    TagSpecifications=[
        {
            'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'elastic-ip'|'fleet'|'fpga-image'|'host-reservation'|'image'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'natgateway'|'network-acl'|'network-interface'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ]
        },
    ]
)
type DryRun

boolean

param DryRun

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .

type KeyName

string

param KeyName

[REQUIRED]

A unique name for the key pair.

type PublicKeyMaterial

bytes

param PublicKeyMaterial

[REQUIRED]

The public key. For API calls, the text must be base64-encoded. For command line tools, base64 encoding is performed for you.

type TagSpecifications

list

param TagSpecifications

The tags to apply to the imported key pair.

  • (dict) --

    The tags to apply to a resource when the resource is being created.

    • ResourceType (string) --

      The type of resource to tag. Currently, the resource types that support tagging on creation are: capacity-reservation | client-vpn-endpoint | dedicated-host | fleet | fpga-image | instance | key-pair | launch-template | | natgateway | spot-fleet-request | placement-group | snapshot | traffic-mirror-filter | traffic-mirror-session | traffic-mirror-target | transit-gateway | transit-gateway-attachment | transit-gateway-route-table | vpc-endpoint (for interface VPC endpoints)| vpc-endpoint-service (for gateway VPC endpoints) | volume | vpc-flow-log .

      To tag a resource after it has been created, see CreateTags.

    • Tags (list) --

      The tags to apply to the resource.

      • (dict) --

        Describes a tag.

        • Key (string) --

          The key of the tag.

          Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .

        • Value (string) --

          The value of the tag.

          Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

rtype

dict

returns

Response Syntax

{
    'KeyFingerprint': 'string',
    'KeyName': 'string',
    'KeyPairId': 'string',
    'Tags': [
        {
            'Key': 'string',
            'Value': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    • KeyFingerprint (string) --

      The MD5 public key fingerprint as specified in section 4 of RFC 4716.

    • KeyName (string) --

      The key pair name you provided.

    • KeyPairId (string) --

      The ID of the resulting key pair.

    • Tags (list) --

      The tags applied to the imported key pair.

      • (dict) --

        Describes a tag.

        • Key (string) --

          The key of the tag.

          Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .

        • Value (string) --

          The value of the tag.

          Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.