2023/08/21 - FinSpace User Environment Management service - 5 updated api methods
Changes Allow customers to manage outbound traffic from their Kx Environment when attaching a transit gateway by providing network acl entries. Allow the customer to choose how they want to update the databases on a cluster allowing updates to possibly be faster than usual.
{'transitGatewayConfiguration': {'attachmentNetworkAclConfiguration': [{'cidrBlock': 'string',
'icmpTypeCode': {'code': 'integer',
'type': 'integer'},
'portRange': {'from': 'integer',
'to': 'integer'},
'protocol': 'string',
'ruleAction': 'allow '
'| '
'deny',
'ruleNumber': 'integer'}]}}
Retrieves all the information for the specified kdb environment.
See also: AWS API Documentation
Request Syntax
client.get_kx_environment(
environmentId='string'
)
string
[REQUIRED]
A unique identifier for the kdb environment.
dict
Response Syntax
{
'name': 'string',
'environmentId': 'string',
'awsAccountId': 'string',
'status': 'CREATE_REQUESTED'|'CREATING'|'CREATED'|'DELETE_REQUESTED'|'DELETING'|'DELETED'|'FAILED_CREATION'|'RETRY_DELETION'|'FAILED_DELETION'|'UPDATE_NETWORK_REQUESTED'|'UPDATING_NETWORK'|'FAILED_UPDATING_NETWORK'|'SUSPENDED',
'tgwStatus': 'NONE'|'UPDATE_REQUESTED'|'UPDATING'|'FAILED_UPDATE'|'SUCCESSFULLY_UPDATED',
'dnsStatus': 'NONE'|'UPDATE_REQUESTED'|'UPDATING'|'FAILED_UPDATE'|'SUCCESSFULLY_UPDATED',
'errorMessage': 'string',
'description': 'string',
'environmentArn': 'string',
'kmsKeyId': 'string',
'dedicatedServiceAccountId': 'string',
'transitGatewayConfiguration': {
'transitGatewayID': 'string',
'routableCIDRSpace': 'string',
'attachmentNetworkAclConfiguration': [
{
'ruleNumber': 123,
'protocol': 'string',
'ruleAction': 'allow'|'deny',
'portRange': {
'from': 123,
'to': 123
},
'icmpTypeCode': {
'type': 123,
'code': 123
},
'cidrBlock': 'string'
},
]
},
'customDNSConfiguration': [
{
'customDNSServerName': 'string',
'customDNSServerIP': 'string'
},
],
'creationTimestamp': datetime(2015, 1, 1),
'updateTimestamp': datetime(2015, 1, 1),
'availabilityZoneIds': [
'string',
],
'certificateAuthorityArn': 'string'
}
Response Structure
(dict) --
name (string) --
The name of the kdb environment.
environmentId (string) --
A unique identifier for the kdb environment.
awsAccountId (string) --
The unique identifier of the AWS account that is used to create the kdb environment.
status (string) --
The status of the kdb environment.
tgwStatus (string) --
The status of the network configuration.
dnsStatus (string) --
The status of DNS configuration.
errorMessage (string) --
Specifies the error message that appears if a flow fails.
description (string) --
A description for the kdb environment.
environmentArn (string) --
The ARN identifier of the environment.
kmsKeyId (string) --
The KMS key ID to encrypt your data in the FinSpace environment.
dedicatedServiceAccountId (string) --
A unique identifier for the AWS environment infrastructure account.
transitGatewayConfiguration (dict) --
The structure of the transit gateway and network configuration that is used to connect the kdb environment to an internal network.
transitGatewayID (string) --
The identifier of the transit gateway created by the customer to connect outbound traffics from kdb network to your internal network.
routableCIDRSpace (string) --
The routing CIDR on behalf of kdb environment. It could be any "/26 range in the 100.64.0.0 CIDR space. After providing, it will be added to the customer's transit gateway routing table so that the traffics could be routed to kdb network.
attachmentNetworkAclConfiguration (list) --
The rules that define how you manage the outbound traffic from kdb network to your internal network.
(dict) --
The network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. The entry is a set of numbered ingress and egress rules that determine whether a packet should be allowed in or out of a subnet associated with the ACL. We process the entries in the ACL according to the rule numbers, in ascending order.
ruleNumber (integer) --
The rule number for the entry. For example 100. All the network ACL entries are processed in ascending order by rule number.
protocol (string) --
The protocol number. A value of -1 means all the protocols.
ruleAction (string) --
Indicates whether to allow or deny the traffic that matches the rule.
portRange (dict) --
The range of ports the rule applies to.
from (integer) --
The first port in the range.
to (integer) --
The last port in the range.
icmpTypeCode (dict) --
Defines the ICMP protocol that consists of the ICMP type and code.
type (integer) --
The ICMP type. A value of -1 means all types.
code (integer) --
The ICMP code. A value of -1 means all codes for the specified ICMP type.
cidrBlock (string) --
The IPv4 network range to allow or deny, in CIDR notation. For example, 172.16.0.0/24. We modify the specified CIDR block to its canonical form. For example, if you specify 100.68.0.18/18, we modify it to 100.68.0.0/18.
customDNSConfiguration (list) --
A list of DNS server name and server IP. This is used to set up Route-53 outbound resolvers.
(dict) --
A list of DNS server name and server IP. This is used to set up Route-53 outbound resolvers.
customDNSServerName (string) --
The name of the DNS server.
customDNSServerIP (string) --
The IP address of the DNS server.
creationTimestamp (datetime) --
The timestamp at which the kdb environment was created in FinSpace.
updateTimestamp (datetime) --
The timestamp at which the kdb environment was updated.
availabilityZoneIds (list) --
The identifier of the availability zones where subnets for the environment are created.
(string) --
certificateAuthorityArn (string) --
The Amazon Resource Name (ARN) of the certificate authority of the kdb environment.
{'environments': {'transitGatewayConfiguration': {'attachmentNetworkAclConfiguration': [{'cidrBlock': 'string',
'icmpTypeCode': {'code': 'integer',
'type': 'integer'},
'portRange': {'from': 'integer',
'to': 'integer'},
'protocol': 'string',
'ruleAction': 'allow '
'| '
'deny',
'ruleNumber': 'integer'}]}}}
Returns a list of kdb environments created in an account.
See also: AWS API Documentation
Request Syntax
client.list_kx_environments(
nextToken='string',
maxResults=123
)
string
A token that indicates where a results page should begin.
integer
The maximum number of results to return in this request.
dict
Response Syntax
{
'environments': [
{
'name': 'string',
'environmentId': 'string',
'awsAccountId': 'string',
'status': 'CREATE_REQUESTED'|'CREATING'|'CREATED'|'DELETE_REQUESTED'|'DELETING'|'DELETED'|'FAILED_CREATION'|'RETRY_DELETION'|'FAILED_DELETION'|'UPDATE_NETWORK_REQUESTED'|'UPDATING_NETWORK'|'FAILED_UPDATING_NETWORK'|'SUSPENDED',
'tgwStatus': 'NONE'|'UPDATE_REQUESTED'|'UPDATING'|'FAILED_UPDATE'|'SUCCESSFULLY_UPDATED',
'dnsStatus': 'NONE'|'UPDATE_REQUESTED'|'UPDATING'|'FAILED_UPDATE'|'SUCCESSFULLY_UPDATED',
'errorMessage': 'string',
'description': 'string',
'environmentArn': 'string',
'kmsKeyId': 'string',
'dedicatedServiceAccountId': 'string',
'transitGatewayConfiguration': {
'transitGatewayID': 'string',
'routableCIDRSpace': 'string',
'attachmentNetworkAclConfiguration': [
{
'ruleNumber': 123,
'protocol': 'string',
'ruleAction': 'allow'|'deny',
'portRange': {
'from': 123,
'to': 123
},
'icmpTypeCode': {
'type': 123,
'code': 123
},
'cidrBlock': 'string'
},
]
},
'customDNSConfiguration': [
{
'customDNSServerName': 'string',
'customDNSServerIP': 'string'
},
],
'creationTimestamp': datetime(2015, 1, 1),
'updateTimestamp': datetime(2015, 1, 1),
'availabilityZoneIds': [
'string',
],
'certificateAuthorityArn': 'string'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
environments (list) --
A list of environments in an account.
(dict) --
The details of a kdb environment.
name (string) --
The name of the kdb environment.
environmentId (string) --
A unique identifier for the kdb environment.
awsAccountId (string) --
The unique identifier of the AWS account in which you create the kdb environment.
status (string) --
The status of the environment creation.
CREATE_REQUESTED – Environment creation has been requested.
CREATING – Environment is in the process of being created.
FAILED_CREATION – Environment creation has failed.
CREATED – Environment is successfully created and is currently active.
DELETE REQUESTED – Environment deletion has been requested.
DELETING – Environment is in the process of being deleted.
RETRY_DELETION – Initial environment deletion failed, system is reattempting delete.
DELETED – Environment has been deleted.
FAILED_DELETION – Environment deletion has failed.
tgwStatus (string) --
The status of the network configuration.
dnsStatus (string) --
The status of DNS configuration.
errorMessage (string) --
Specifies the error message that appears if a flow fails.
description (string) --
A description of the kdb environment.
environmentArn (string) --
The Amazon Resource Name (ARN) of your kdb environment.
kmsKeyId (string) --
The unique identifier of the KMS key.
dedicatedServiceAccountId (string) --
A unique identifier for the AWS environment infrastructure account.
transitGatewayConfiguration (dict) --
Specifies the transit gateway and network configuration to connect the kdb environment to an internal network.
transitGatewayID (string) --
The identifier of the transit gateway created by the customer to connect outbound traffics from kdb network to your internal network.
routableCIDRSpace (string) --
The routing CIDR on behalf of kdb environment. It could be any "/26 range in the 100.64.0.0 CIDR space. After providing, it will be added to the customer's transit gateway routing table so that the traffics could be routed to kdb network.
attachmentNetworkAclConfiguration (list) --
The rules that define how you manage the outbound traffic from kdb network to your internal network.
(dict) --
The network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. The entry is a set of numbered ingress and egress rules that determine whether a packet should be allowed in or out of a subnet associated with the ACL. We process the entries in the ACL according to the rule numbers, in ascending order.
ruleNumber (integer) --
The rule number for the entry. For example 100. All the network ACL entries are processed in ascending order by rule number.
protocol (string) --
The protocol number. A value of -1 means all the protocols.
ruleAction (string) --
Indicates whether to allow or deny the traffic that matches the rule.
portRange (dict) --
The range of ports the rule applies to.
from (integer) --
The first port in the range.
to (integer) --
The last port in the range.
icmpTypeCode (dict) --
Defines the ICMP protocol that consists of the ICMP type and code.
type (integer) --
The ICMP type. A value of -1 means all types.
code (integer) --
The ICMP code. A value of -1 means all codes for the specified ICMP type.
cidrBlock (string) --
The IPv4 network range to allow or deny, in CIDR notation. For example, 172.16.0.0/24. We modify the specified CIDR block to its canonical form. For example, if you specify 100.68.0.18/18, we modify it to 100.68.0.0/18.
customDNSConfiguration (list) --
A list of DNS server name and server IP. This is used to set up Route-53 outbound resolvers.
(dict) --
A list of DNS server name and server IP. This is used to set up Route-53 outbound resolvers.
customDNSServerName (string) --
The name of the DNS server.
customDNSServerIP (string) --
The IP address of the DNS server.
creationTimestamp (datetime) --
The timestamp at which the kdb environment was created in FinSpace. The value is determined as epoch time in milliseconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000000.
updateTimestamp (datetime) --
The timestamp at which the kdb environment was modified in FinSpace. The value is determined as epoch time in milliseconds. For example, the value for Monday, November 1, 2021 12:00:00 PM UTC is specified as 1635768000000.
availabilityZoneIds (list) --
The identifier of the availability zones where subnets for the environment are created.
(string) --
certificateAuthorityArn (string) --
The Amazon Resource Name (ARN) of the certificate authority:
nextToken (string) --
A token that indicates where a results page should begin.
{'deploymentConfiguration': {'deploymentStrategy': 'NO_RESTART | ROLLING'}}
Updates the databases mounted on a kdb cluster, which includes the changesetId and all the dbPaths to be cached. This API does not allow you to change a database name or add a database if you created a cluster without one.
Using this API you can point a cluster to a different changeset and modify a list of partitions being cached.
See also: AWS API Documentation
Request Syntax
client.update_kx_cluster_databases(
environmentId='string',
clusterName='string',
clientToken='string',
databases=[
{
'databaseName': 'string',
'cacheConfigurations': [
{
'cacheType': 'string',
'dbPaths': [
'string',
]
},
],
'changesetId': 'string'
},
],
deploymentConfiguration={
'deploymentStrategy': 'NO_RESTART'|'ROLLING'
}
)
string
[REQUIRED]
The unique identifier of a kdb environment.
string
[REQUIRED]
A unique name for the cluster that you want to modify.
string
A token that ensures idempotency. This token expires in 10 minutes.
This field is autopopulated if not provided.
list
[REQUIRED]
The structure of databases mounted on the cluster.
(dict) --
The configuration of data that is available for querying from this database.
databaseName (string) -- [REQUIRED]
The name of the kdb database. When this parameter is specified in the structure, S3 with the whole database is included by default.
cacheConfigurations (list) --
Configuration details for the disk cache used to increase performance reading from a kdb database mounted to the cluster.
(dict) --
The structure of database cache configuration that is used for mapping database paths to cache types in clusters.
cacheType (string) -- [REQUIRED]
The type of disk cache. This parameter is used to map the database path to cache storage. The valid values are:
CACHE_1000 – This type provides at least 1000 MB/s disk access throughput.
dbPaths (list) -- [REQUIRED]
Specifies the portions of database that will be loaded into the cache for access.
(string) --
changesetId (string) --
A unique identifier of the changeset that is associated with the cluster.
dict
The configuration that allows you to choose how you want to update the databases on a cluster.
deploymentStrategy (string) -- [REQUIRED]
The type of deployment that you want on a cluster.
ROLLING – This options loads the updated database by stopping the exiting q process and starting a new q process with updated configuration.
NO_RESTART – This option loads the updated database on the running q process without stopping it. This option is quicker as it reduces the turn around time to update a kdb database changeset configuration on a cluster.
dict
Response Syntax
{}
Response Structure
(dict) --
{'transitGatewayConfiguration': {'attachmentNetworkAclConfiguration': [{'cidrBlock': 'string',
'icmpTypeCode': {'code': 'integer',
'type': 'integer'},
'portRange': {'from': 'integer',
'to': 'integer'},
'protocol': 'string',
'ruleAction': 'allow '
'| '
'deny',
'ruleNumber': 'integer'}]}}
Updates information for the given kdb environment.
See also: AWS API Documentation
Request Syntax
client.update_kx_environment(
environmentId='string',
name='string',
description='string',
clientToken='string'
)
string
[REQUIRED]
A unique identifier for the kdb environment.
string
The name of the kdb environment.
string
A description of the kdb environment.
string
A token that ensures idempotency. This token expires in 10 minutes.
dict
Response Syntax
{
'name': 'string',
'environmentId': 'string',
'awsAccountId': 'string',
'status': 'CREATE_REQUESTED'|'CREATING'|'CREATED'|'DELETE_REQUESTED'|'DELETING'|'DELETED'|'FAILED_CREATION'|'RETRY_DELETION'|'FAILED_DELETION'|'UPDATE_NETWORK_REQUESTED'|'UPDATING_NETWORK'|'FAILED_UPDATING_NETWORK'|'SUSPENDED',
'tgwStatus': 'NONE'|'UPDATE_REQUESTED'|'UPDATING'|'FAILED_UPDATE'|'SUCCESSFULLY_UPDATED',
'dnsStatus': 'NONE'|'UPDATE_REQUESTED'|'UPDATING'|'FAILED_UPDATE'|'SUCCESSFULLY_UPDATED',
'errorMessage': 'string',
'description': 'string',
'environmentArn': 'string',
'kmsKeyId': 'string',
'dedicatedServiceAccountId': 'string',
'transitGatewayConfiguration': {
'transitGatewayID': 'string',
'routableCIDRSpace': 'string',
'attachmentNetworkAclConfiguration': [
{
'ruleNumber': 123,
'protocol': 'string',
'ruleAction': 'allow'|'deny',
'portRange': {
'from': 123,
'to': 123
},
'icmpTypeCode': {
'type': 123,
'code': 123
},
'cidrBlock': 'string'
},
]
},
'customDNSConfiguration': [
{
'customDNSServerName': 'string',
'customDNSServerIP': 'string'
},
],
'creationTimestamp': datetime(2015, 1, 1),
'updateTimestamp': datetime(2015, 1, 1),
'availabilityZoneIds': [
'string',
]
}
Response Structure
(dict) --
name (string) --
The name of the kdb environment.
environmentId (string) --
A unique identifier for the kdb environment.
awsAccountId (string) --
The unique identifier of the AWS account that is used to create the kdb environment.
status (string) --
The status of the kdb environment.
tgwStatus (string) --
The status of the network configuration.
dnsStatus (string) --
The status of DNS configuration.
errorMessage (string) --
Specifies the error message that appears if a flow fails.
description (string) --
The description of the environment.
environmentArn (string) --
The ARN identifier of the environment.
kmsKeyId (string) --
The KMS key ID to encrypt your data in the FinSpace environment.
dedicatedServiceAccountId (string) --
A unique identifier for the AWS environment infrastructure account.
transitGatewayConfiguration (dict) --
The structure of the transit gateway and network configuration that is used to connect the kdb environment to an internal network.
transitGatewayID (string) --
The identifier of the transit gateway created by the customer to connect outbound traffics from kdb network to your internal network.
routableCIDRSpace (string) --
The routing CIDR on behalf of kdb environment. It could be any "/26 range in the 100.64.0.0 CIDR space. After providing, it will be added to the customer's transit gateway routing table so that the traffics could be routed to kdb network.
attachmentNetworkAclConfiguration (list) --
The rules that define how you manage the outbound traffic from kdb network to your internal network.
(dict) --
The network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. The entry is a set of numbered ingress and egress rules that determine whether a packet should be allowed in or out of a subnet associated with the ACL. We process the entries in the ACL according to the rule numbers, in ascending order.
ruleNumber (integer) --
The rule number for the entry. For example 100. All the network ACL entries are processed in ascending order by rule number.
protocol (string) --
The protocol number. A value of -1 means all the protocols.
ruleAction (string) --
Indicates whether to allow or deny the traffic that matches the rule.
portRange (dict) --
The range of ports the rule applies to.
from (integer) --
The first port in the range.
to (integer) --
The last port in the range.
icmpTypeCode (dict) --
Defines the ICMP protocol that consists of the ICMP type and code.
type (integer) --
The ICMP type. A value of -1 means all types.
code (integer) --
The ICMP code. A value of -1 means all codes for the specified ICMP type.
cidrBlock (string) --
The IPv4 network range to allow or deny, in CIDR notation. For example, 172.16.0.0/24. We modify the specified CIDR block to its canonical form. For example, if you specify 100.68.0.18/18, we modify it to 100.68.0.0/18.
customDNSConfiguration (list) --
A list of DNS server name and server IP. This is used to set up Route-53 outbound resolvers.
(dict) --
A list of DNS server name and server IP. This is used to set up Route-53 outbound resolvers.
customDNSServerName (string) --
The name of the DNS server.
customDNSServerIP (string) --
The IP address of the DNS server.
creationTimestamp (datetime) --
The timestamp at which the kdb environment was created in FinSpace.
updateTimestamp (datetime) --
The timestamp at which the kdb environment was updated.
availabilityZoneIds (list) --
The identifier of the availability zones where subnets for the environment are created.
(string) --
{'transitGatewayConfiguration': {'attachmentNetworkAclConfiguration': [{'cidrBlock': 'string',
'icmpTypeCode': {'code': 'integer',
'type': 'integer'},
'portRange': {'from': 'integer',
'to': 'integer'},
'protocol': 'string',
'ruleAction': 'allow '
'| '
'deny',
'ruleNumber': 'integer'}]}}
Updates environment network to connect to your internal network by using a transit gateway. This API supports request to create a transit gateway attachment from FinSpace VPC to your transit gateway ID and create a custom Route-53 outbound resolvers.
Once you send a request to update a network, you cannot change it again. Network update might require termination of any clusters that are running in the existing network.
See also: AWS API Documentation
Request Syntax
client.update_kx_environment_network(
environmentId='string',
transitGatewayConfiguration={
'transitGatewayID': 'string',
'routableCIDRSpace': 'string',
'attachmentNetworkAclConfiguration': [
{
'ruleNumber': 123,
'protocol': 'string',
'ruleAction': 'allow'|'deny',
'portRange': {
'from': 123,
'to': 123
},
'icmpTypeCode': {
'type': 123,
'code': 123
},
'cidrBlock': 'string'
},
]
},
customDNSConfiguration=[
{
'customDNSServerName': 'string',
'customDNSServerIP': 'string'
},
],
clientToken='string'
)
string
[REQUIRED]
A unique identifier for the kdb environment.
dict
Specifies the transit gateway and network configuration to connect the kdb environment to an internal network.
transitGatewayID (string) -- [REQUIRED]
The identifier of the transit gateway created by the customer to connect outbound traffics from kdb network to your internal network.
routableCIDRSpace (string) -- [REQUIRED]
The routing CIDR on behalf of kdb environment. It could be any "/26 range in the 100.64.0.0 CIDR space. After providing, it will be added to the customer's transit gateway routing table so that the traffics could be routed to kdb network.
attachmentNetworkAclConfiguration (list) --
The rules that define how you manage the outbound traffic from kdb network to your internal network.
(dict) --
The network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. The entry is a set of numbered ingress and egress rules that determine whether a packet should be allowed in or out of a subnet associated with the ACL. We process the entries in the ACL according to the rule numbers, in ascending order.
ruleNumber (integer) -- [REQUIRED]
The rule number for the entry. For example 100. All the network ACL entries are processed in ascending order by rule number.
protocol (string) -- [REQUIRED]
The protocol number. A value of -1 means all the protocols.
ruleAction (string) -- [REQUIRED]
Indicates whether to allow or deny the traffic that matches the rule.
portRange (dict) --
The range of ports the rule applies to.
from (integer) -- [REQUIRED]
The first port in the range.
to (integer) -- [REQUIRED]
The last port in the range.
icmpTypeCode (dict) --
Defines the ICMP protocol that consists of the ICMP type and code.
type (integer) -- [REQUIRED]
The ICMP type. A value of -1 means all types.
code (integer) -- [REQUIRED]
The ICMP code. A value of -1 means all codes for the specified ICMP type.
cidrBlock (string) -- [REQUIRED]
The IPv4 network range to allow or deny, in CIDR notation. For example, 172.16.0.0/24. We modify the specified CIDR block to its canonical form. For example, if you specify 100.68.0.18/18, we modify it to 100.68.0.0/18.
list
A list of DNS server name and server IP. This is used to set up Route-53 outbound resolvers.
(dict) --
A list of DNS server name and server IP. This is used to set up Route-53 outbound resolvers.
customDNSServerName (string) -- [REQUIRED]
The name of the DNS server.
customDNSServerIP (string) -- [REQUIRED]
The IP address of the DNS server.
string
A token that ensures idempotency. This token expires in 10 minutes.
dict
Response Syntax
{
'name': 'string',
'environmentId': 'string',
'awsAccountId': 'string',
'status': 'CREATE_REQUESTED'|'CREATING'|'CREATED'|'DELETE_REQUESTED'|'DELETING'|'DELETED'|'FAILED_CREATION'|'RETRY_DELETION'|'FAILED_DELETION'|'UPDATE_NETWORK_REQUESTED'|'UPDATING_NETWORK'|'FAILED_UPDATING_NETWORK'|'SUSPENDED',
'tgwStatus': 'NONE'|'UPDATE_REQUESTED'|'UPDATING'|'FAILED_UPDATE'|'SUCCESSFULLY_UPDATED',
'dnsStatus': 'NONE'|'UPDATE_REQUESTED'|'UPDATING'|'FAILED_UPDATE'|'SUCCESSFULLY_UPDATED',
'errorMessage': 'string',
'description': 'string',
'environmentArn': 'string',
'kmsKeyId': 'string',
'dedicatedServiceAccountId': 'string',
'transitGatewayConfiguration': {
'transitGatewayID': 'string',
'routableCIDRSpace': 'string',
'attachmentNetworkAclConfiguration': [
{
'ruleNumber': 123,
'protocol': 'string',
'ruleAction': 'allow'|'deny',
'portRange': {
'from': 123,
'to': 123
},
'icmpTypeCode': {
'type': 123,
'code': 123
},
'cidrBlock': 'string'
},
]
},
'customDNSConfiguration': [
{
'customDNSServerName': 'string',
'customDNSServerIP': 'string'
},
],
'creationTimestamp': datetime(2015, 1, 1),
'updateTimestamp': datetime(2015, 1, 1),
'availabilityZoneIds': [
'string',
]
}
Response Structure
(dict) --
name (string) --
The name of the kdb environment.
environmentId (string) --
A unique identifier for the kdb environment.
awsAccountId (string) --
The unique identifier of the AWS account that is used to create the kdb environment.
status (string) --
The status of the kdb environment.
tgwStatus (string) --
The status of the network configuration.
dnsStatus (string) --
The status of DNS configuration.
errorMessage (string) --
Specifies the error message that appears if a flow fails.
description (string) --
The description of the environment.
environmentArn (string) --
The ARN identifier of the environment.
kmsKeyId (string) --
The KMS key ID to encrypt your data in the FinSpace environment.
dedicatedServiceAccountId (string) --
A unique identifier for the AWS environment infrastructure account.
transitGatewayConfiguration (dict) --
The structure of the transit gateway and network configuration that is used to connect the kdb environment to an internal network.
transitGatewayID (string) --
The identifier of the transit gateway created by the customer to connect outbound traffics from kdb network to your internal network.
routableCIDRSpace (string) --
The routing CIDR on behalf of kdb environment. It could be any "/26 range in the 100.64.0.0 CIDR space. After providing, it will be added to the customer's transit gateway routing table so that the traffics could be routed to kdb network.
attachmentNetworkAclConfiguration (list) --
The rules that define how you manage the outbound traffic from kdb network to your internal network.
(dict) --
The network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. The entry is a set of numbered ingress and egress rules that determine whether a packet should be allowed in or out of a subnet associated with the ACL. We process the entries in the ACL according to the rule numbers, in ascending order.
ruleNumber (integer) --
The rule number for the entry. For example 100. All the network ACL entries are processed in ascending order by rule number.
protocol (string) --
The protocol number. A value of -1 means all the protocols.
ruleAction (string) --
Indicates whether to allow or deny the traffic that matches the rule.
portRange (dict) --
The range of ports the rule applies to.
from (integer) --
The first port in the range.
to (integer) --
The last port in the range.
icmpTypeCode (dict) --
Defines the ICMP protocol that consists of the ICMP type and code.
type (integer) --
The ICMP type. A value of -1 means all types.
code (integer) --
The ICMP code. A value of -1 means all codes for the specified ICMP type.
cidrBlock (string) --
The IPv4 network range to allow or deny, in CIDR notation. For example, 172.16.0.0/24. We modify the specified CIDR block to its canonical form. For example, if you specify 100.68.0.18/18, we modify it to 100.68.0.0/18.
customDNSConfiguration (list) --
A list of DNS server name and server IP. This is used to set up Route-53 outbound resolvers.
(dict) --
A list of DNS server name and server IP. This is used to set up Route-53 outbound resolvers.
customDNSServerName (string) --
The name of the DNS server.
customDNSServerIP (string) --
The IP address of the DNS server.
creationTimestamp (datetime) --
The timestamp at which the kdb environment was created in FinSpace.
updateTimestamp (datetime) --
The timestamp at which the kdb environment was updated.
availabilityZoneIds (list) --
The identifier of the availability zones where subnets for the environment are created.
(string) --