Amazon Elastic Compute Cloud

2019/05/22 - Amazon Elastic Compute Cloud - 3 updated api methods

Changes  Update ec2 client to latest version

AssociateClientVpnTargetNetwork (updated) Link ¶
Changes (request)
{'ClientToken': 'string'}

Associates a target network with a Client VPN endpoint. A target network is a subnet in a VPC. You can associate multiple subnets from the same VPC with a Client VPN endpoint. You can associate only one subnet in each Availability Zone. We recommend that you associate at least two subnets to provide Availability Zone redundancy.

See also: AWS API Documentation

Request Syntax

client.associate_client_vpn_target_network(
    ClientVpnEndpointId='string',
    SubnetId='string',
    ClientToken='string',
    DryRun=True|False
)
type ClientVpnEndpointId:

string

param ClientVpnEndpointId:

[REQUIRED]

The ID of the Client VPN endpoint.

type SubnetId:

string

param SubnetId:

[REQUIRED]

The ID of the subnet to associate with the Client VPN endpoint.

type ClientToken:

string

param ClientToken:

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.

This field is autopopulated if not provided.

type DryRun:

boolean

param DryRun:

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

rtype:

dict

returns:

Response Syntax

{
    'AssociationId': 'string',
    'Status': {
        'Code': 'associating'|'associated'|'association-failed'|'disassociating'|'disassociated',
        'Message': 'string'
    }
}

Response Structure

  • (dict) --

    • AssociationId (string) --

      The unique ID of the target network association.

    • Status (dict) --

      The current state of the target network association.

      • Code (string) --

        The state of the target network association.

      • Message (string) --

        A message about the status of the target network association, if applicable.

AuthorizeClientVpnIngress (updated) Link ¶
Changes (request)
{'ClientToken': 'string'}

Adds an ingress authorization rule to a Client VPN endpoint. Ingress authorization rules act as firewall rules that grant access to networks. You must configure ingress authorization rules to enable clients to access resources in AWS or on-premises networks.

See also: AWS API Documentation

Request Syntax

client.authorize_client_vpn_ingress(
    ClientVpnEndpointId='string',
    TargetNetworkCidr='string',
    AccessGroupId='string',
    AuthorizeAllGroups=True|False,
    Description='string',
    ClientToken='string',
    DryRun=True|False
)
type ClientVpnEndpointId:

string

param ClientVpnEndpointId:

[REQUIRED]

The ID of the Client VPN endpoint.

type TargetNetworkCidr:

string

param TargetNetworkCidr:

[REQUIRED]

The IPv4 address range, in CIDR notation, of the network for which access is being authorized.

type AccessGroupId:

string

param AccessGroupId:

The ID of the Active Directory group to grant access.

type AuthorizeAllGroups:

boolean

param AuthorizeAllGroups:

Indicates whether to grant access to all clients. Use true to grant all clients who successfully establish a VPN connection access to the network.

type Description:

string

param Description:

A brief description of the authorization rule.

type ClientToken:

string

param ClientToken:

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.

This field is autopopulated if not provided.

type DryRun:

boolean

param DryRun:

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

rtype:

dict

returns:

Response Syntax

{
    'Status': {
        'Code': 'authorizing'|'active'|'failed'|'revoking',
        'Message': 'string'
    }
}

Response Structure

  • (dict) --

    • Status (dict) --

      The current state of the authorization rule.

      • Code (string) --

        The state of the authorization rule.

      • Message (string) --

        A message about the status of the authorization rule, if applicable.

CreateClientVpnRoute (updated) Link ¶
Changes (request)
{'ClientToken': 'string'}

Adds a route to a network to a Client VPN endpoint. Each Client VPN endpoint has a route table that describes the available destination network routes. Each route in the route table specifies the path for traffic to specific resources or networks.

See also: AWS API Documentation

Request Syntax

client.create_client_vpn_route(
    ClientVpnEndpointId='string',
    DestinationCidrBlock='string',
    TargetVpcSubnetId='string',
    Description='string',
    ClientToken='string',
    DryRun=True|False
)
type ClientVpnEndpointId:

string

param ClientVpnEndpointId:

[REQUIRED]

The ID of the Client VPN endpoint to which to add the route.

type DestinationCidrBlock:

string

param DestinationCidrBlock:

[REQUIRED]

The IPv4 address range, in CIDR notation, of the route destination. For example:

  • To add a route for Internet access, enter 0.0.0.0/0

  • To add a route for a peered VPC, enter the peered VPC's IPv4 CIDR range

  • To add a route for an on-premises network, enter the AWS Site-to-Site VPN connection's IPv4 CIDR range

Route address ranges cannot overlap with the CIDR range specified for client allocation.

type TargetVpcSubnetId:

string

param TargetVpcSubnetId:

[REQUIRED]

The ID of the subnet through which you want to route traffic. The specified subnet must be an existing target network of the Client VPN endpoint.

type Description:

string

param Description:

A brief description of the route.

type ClientToken:

string

param ClientToken:

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see How to Ensure Idempotency.

This field is autopopulated if not provided.

type DryRun:

boolean

param DryRun:

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

rtype:

dict

returns:

Response Syntax

{
    'Status': {
        'Code': 'creating'|'active'|'failed'|'deleting',
        'Message': 'string'
    }
}

Response Structure

  • (dict) --

    • Status (dict) --

      The current state of the route.

      • Code (string) --

        The state of the Client VPN endpoint route.

      • Message (string) --

        A message about the status of the Client VPN endpoint route, if applicable.