2024/03/25 - AWS Global Accelerator - 5 updated api methods
Changes AWS Global Accelerator now supports cross-account sharing for bring your own IP addresses.
{'Resources': {'Cidr': 'string'}}Response
{'CrossAccountAttachment': {'Resources': {'Cidr': 'string'}}}
Create a cross-account attachment in Global Accelerator. You create a cross-account attachment to specify the principals who have permission to work with resources in accelerators in their own account. You specify, in the same attachment, the resources that are shared.
A principal can be an Amazon Web Services account number or the Amazon Resource Name (ARN) for an accelerator. For account numbers that are listed as principals, to work with a resource listed in the attachment, you must sign in to an account specified as a principal. Then, you can work with resources that are listed, with any of your accelerators. If an accelerator ARN is listed in the cross-account attachment as a principal, anyone with permission to make updates to the accelerator can work with resources that are listed in the attachment.
Specify each principal and resource separately. To specify two CIDR address pools, list them individually under Resources, and so on. For a command line operation, for example, you might use a statement like the following:
"Resources": [{"Cidr": "169.254.60.0/24"},{"Cidr": "169.254.59.0/24"}]
For more information, see Working with cross-account attachments and resources in Global Accelerator in the Global Accelerator Developer Guide.
See also: AWS API Documentation
Request Syntax
client.create_cross_account_attachment( Name='string', Principals=[ 'string', ], Resources=[ { 'EndpointId': 'string', 'Cidr': 'string', 'Region': 'string' }, ], IdempotencyToken='string', Tags=[ { 'Key': 'string', 'Value': 'string' }, ] )
string
[REQUIRED]
The name of the cross-account attachment.
list
The principals to include in the cross-account attachment. A principal can be an Amazon Web Services account number or the Amazon Resource Name (ARN) for an accelerator.
(string) --
list
The Amazon Resource Names (ARNs) for the resources to include in the cross-account attachment. A resource can be any supported Amazon Web Services resource type for Global Accelerator or a CIDR range for a bring your own IP address (BYOIP) address pool.
(dict) --
A resource is one of the following: the ARN for an Amazon Web Services resource that is supported by Global Accelerator to be added as an endpoint, or a CIDR range that specifies a bring your own IP (BYOIP) address pool.
EndpointId (string) --
The endpoint ID for the endpoint that is specified as a Amazon Web Services resource.
An endpoint ID for the cross-account feature is the ARN of an Amazon Web Services resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.
Cidr (string) --
An IP address range, in CIDR format, that is specified as resource. The address must be provisioned and advertised in Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator
For more information, see Bring your own IP addresses (BYOIP) in the Global Accelerator Developer Guide.
Region (string) --
The Amazon Web Services Region where a shared endpoint resource is located.
string
[REQUIRED]
A unique, case-sensitive identifier that you provide to ensure the idempotency—that is, the uniqueness—of the request.
This field is autopopulated if not provided.
list
Add tags for a cross-account attachment.
For more information, see Tagging in Global Accelerator in the Global Accelerator Developer Guide.
(dict) --
A complex type that contains a Tag key and Tag value.
Key (string) -- [REQUIRED]
A string that contains a Tag key.
Value (string) -- [REQUIRED]
A string that contains a Tag value.
dict
Response Syntax
{ 'CrossAccountAttachment': { 'AttachmentArn': 'string', 'Name': 'string', 'Principals': [ 'string', ], 'Resources': [ { 'EndpointId': 'string', 'Cidr': 'string', 'Region': 'string' }, ], 'LastModifiedTime': datetime(2015, 1, 1), 'CreatedTime': datetime(2015, 1, 1) } }
Response Structure
(dict) --
CrossAccountAttachment (dict) --
Information about the cross-account attachment.
AttachmentArn (string) --
The Amazon Resource Name (ARN) of the cross-account attachment.
Name (string) --
The name of the cross-account attachment.
Principals (list) --
The principals included in the cross-account attachment.
(string) --
Resources (list) --
The resources included in the cross-account attachment.
(dict) --
A resource is one of the following: the ARN for an Amazon Web Services resource that is supported by Global Accelerator to be added as an endpoint, or a CIDR range that specifies a bring your own IP (BYOIP) address pool.
EndpointId (string) --
The endpoint ID for the endpoint that is specified as a Amazon Web Services resource.
An endpoint ID for the cross-account feature is the ARN of an Amazon Web Services resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.
Cidr (string) --
An IP address range, in CIDR format, that is specified as resource. The address must be provisioned and advertised in Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator
For more information, see Bring your own IP addresses (BYOIP) in the Global Accelerator Developer Guide.
Region (string) --
The Amazon Web Services Region where a shared endpoint resource is located.
LastModifiedTime (datetime) --
The date and time that the cross-account attachment was last modified.
CreatedTime (datetime) --
The date and time that the cross-account attachment was created.
{'CrossAccountAttachment': {'Resources': {'Cidr': 'string'}}}
Gets configuration information about a cross-account attachment.
See also: AWS API Documentation
Request Syntax
client.describe_cross_account_attachment( AttachmentArn='string' )
string
[REQUIRED]
The Amazon Resource Name (ARN) for the cross-account attachment to describe.
dict
Response Syntax
{ 'CrossAccountAttachment': { 'AttachmentArn': 'string', 'Name': 'string', 'Principals': [ 'string', ], 'Resources': [ { 'EndpointId': 'string', 'Cidr': 'string', 'Region': 'string' }, ], 'LastModifiedTime': datetime(2015, 1, 1), 'CreatedTime': datetime(2015, 1, 1) } }
Response Structure
(dict) --
CrossAccountAttachment (dict) --
Information about the cross-account attachment.
AttachmentArn (string) --
The Amazon Resource Name (ARN) of the cross-account attachment.
Name (string) --
The name of the cross-account attachment.
Principals (list) --
The principals included in the cross-account attachment.
(string) --
Resources (list) --
The resources included in the cross-account attachment.
(dict) --
A resource is one of the following: the ARN for an Amazon Web Services resource that is supported by Global Accelerator to be added as an endpoint, or a CIDR range that specifies a bring your own IP (BYOIP) address pool.
EndpointId (string) --
The endpoint ID for the endpoint that is specified as a Amazon Web Services resource.
An endpoint ID for the cross-account feature is the ARN of an Amazon Web Services resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.
Cidr (string) --
An IP address range, in CIDR format, that is specified as resource. The address must be provisioned and advertised in Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator
For more information, see Bring your own IP addresses (BYOIP) in the Global Accelerator Developer Guide.
Region (string) --
The Amazon Web Services Region where a shared endpoint resource is located.
LastModifiedTime (datetime) --
The date and time that the cross-account attachment was last modified.
CreatedTime (datetime) --
The date and time that the cross-account attachment was created.
{'CrossAccountAttachments': {'Resources': {'Cidr': 'string'}}}
List the cross-account attachments that have been created in Global Accelerator.
See also: AWS API Documentation
Request Syntax
client.list_cross_account_attachments( MaxResults=123, NextToken='string' )
integer
The number of cross-account attachment objects that you want to return with this call. The default value is 10.
string
The token for the next set of results. You receive this token from a previous call.
dict
Response Syntax
{ 'CrossAccountAttachments': [ { 'AttachmentArn': 'string', 'Name': 'string', 'Principals': [ 'string', ], 'Resources': [ { 'EndpointId': 'string', 'Cidr': 'string', 'Region': 'string' }, ], 'LastModifiedTime': datetime(2015, 1, 1), 'CreatedTime': datetime(2015, 1, 1) }, ], 'NextToken': 'string' }
Response Structure
(dict) --
CrossAccountAttachments (list) --
Information about the cross-account attachments.
(dict) --
A cross-account attachment in Global Accelerator. A cross-account attachment specifies the principals who have permission to work with resources in your account, which you also list in the attachment.
AttachmentArn (string) --
The Amazon Resource Name (ARN) of the cross-account attachment.
Name (string) --
The name of the cross-account attachment.
Principals (list) --
The principals included in the cross-account attachment.
(string) --
Resources (list) --
The resources included in the cross-account attachment.
(dict) --
A resource is one of the following: the ARN for an Amazon Web Services resource that is supported by Global Accelerator to be added as an endpoint, or a CIDR range that specifies a bring your own IP (BYOIP) address pool.
EndpointId (string) --
The endpoint ID for the endpoint that is specified as a Amazon Web Services resource.
An endpoint ID for the cross-account feature is the ARN of an Amazon Web Services resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.
Cidr (string) --
An IP address range, in CIDR format, that is specified as resource. The address must be provisioned and advertised in Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator
For more information, see Bring your own IP addresses (BYOIP) in the Global Accelerator Developer Guide.
Region (string) --
The Amazon Web Services Region where a shared endpoint resource is located.
LastModifiedTime (datetime) --
The date and time that the cross-account attachment was last modified.
CreatedTime (datetime) --
The date and time that the cross-account attachment was created.
NextToken (string) --
The token for the next set of results. You receive this token from a previous call.
{'CrossAccountResources': {'Cidr': 'string'}}
List the cross-account resources available to work with.
See also: AWS API Documentation
Request Syntax
client.list_cross_account_resources( AcceleratorArn='string', ResourceOwnerAwsAccountId='string', MaxResults=123, NextToken='string' )
string
The Amazon Resource Name (ARN) of an accelerator in a cross-account attachment.
string
[REQUIRED]
The account ID of a resource owner in a cross-account attachment.
integer
The number of cross-account resource objects that you want to return with this call. The default value is 10.
string
The token for the next set of results. You receive this token from a previous call.
dict
Response Syntax
{ 'CrossAccountResources': [ { 'EndpointId': 'string', 'Cidr': 'string', 'AttachmentArn': 'string' }, ], 'NextToken': 'string' }
Response Structure
(dict) --
CrossAccountResources (list) --
The cross-account resources used with an accelerator.
(dict) --
An endpoint (Amazon Web Services resource) or an IP address range, in CIDR format, that is listed in a cross-account attachment. A cross-account resource can be added to an accelerator by specified principals, which are also listed in the attachment.
For more information, see Working with cross-account attachments and resources in Global Accelerator in the Global Accelerator Developer Guide.
EndpointId (string) --
The endpoint ID for the endpoint that is listed in a cross-account attachment and can be added to an accelerator by specified principals.
Cidr (string) --
An IP address range, in CIDR format, that is specified as an Amazon Web Services resource. The address must be provisioned and advertised in Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator.
For more information, see Bring your own IP addresses (BYOIP) in the Global Accelerator Developer Guide.
AttachmentArn (string) --
The Amazon Resource Name (ARN) of the cross-account attachment that specifies the resources (endpoints or CIDR range) that can be added to accelerators and principals that have permission to add them.
NextToken (string) --
The token for the next set of results. You receive this token from a previous call.
{'AddResources': {'Cidr': 'string'}, 'RemoveResources': {'Cidr': 'string'}}Response
{'CrossAccountAttachment': {'Resources': {'Cidr': 'string'}}}
Update a cross-account attachment to add or remove principals or resources. When you update an attachment to remove a principal (account ID or accelerator) or a resource, Global Accelerator revokes the permission for specific resources.
For more information, see Working with cross-account attachments and resources in Global Accelerator in the Global Accelerator Developer Guide.
See also: AWS API Documentation
Request Syntax
client.update_cross_account_attachment( AttachmentArn='string', Name='string', AddPrincipals=[ 'string', ], RemovePrincipals=[ 'string', ], AddResources=[ { 'EndpointId': 'string', 'Cidr': 'string', 'Region': 'string' }, ], RemoveResources=[ { 'EndpointId': 'string', 'Cidr': 'string', 'Region': 'string' }, ] )
string
[REQUIRED]
The Amazon Resource Name (ARN) of the cross-account attachment to update.
string
The name of the cross-account attachment.
list
The principals to add to the cross-account attachment. A principal is an account or the Amazon Resource Name (ARN) of an accelerator that the attachment gives permission to work with resources from another account. The resources are also listed in the attachment.
To add more than one principal, separate the account numbers or accelerator ARNs, or both, with commas.
(string) --
list
The principals to remove from the cross-account attachment. A principal is an account or the Amazon Resource Name (ARN) of an accelerator that the attachment gives permission to work with resources from another account. The resources are also listed in the attachment.
To remove more than one principal, separate the account numbers or accelerator ARNs, or both, with commas.
(string) --
list
The resources to add to the cross-account attachment. A resource listed in a cross-account attachment can be used with an accelerator by the principals that are listed in the attachment.
To add more than one resource, separate the resource ARNs with commas.
(dict) --
A resource is one of the following: the ARN for an Amazon Web Services resource that is supported by Global Accelerator to be added as an endpoint, or a CIDR range that specifies a bring your own IP (BYOIP) address pool.
EndpointId (string) --
The endpoint ID for the endpoint that is specified as a Amazon Web Services resource.
An endpoint ID for the cross-account feature is the ARN of an Amazon Web Services resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.
Cidr (string) --
An IP address range, in CIDR format, that is specified as resource. The address must be provisioned and advertised in Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator
For more information, see Bring your own IP addresses (BYOIP) in the Global Accelerator Developer Guide.
Region (string) --
The Amazon Web Services Region where a shared endpoint resource is located.
list
The resources to remove from the cross-account attachment. A resource listed in a cross-account attachment can be used with an accelerator by the principals that are listed in the attachment.
To remove more than one resource, separate the resource ARNs with commas.
(dict) --
A resource is one of the following: the ARN for an Amazon Web Services resource that is supported by Global Accelerator to be added as an endpoint, or a CIDR range that specifies a bring your own IP (BYOIP) address pool.
EndpointId (string) --
The endpoint ID for the endpoint that is specified as a Amazon Web Services resource.
An endpoint ID for the cross-account feature is the ARN of an Amazon Web Services resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.
Cidr (string) --
An IP address range, in CIDR format, that is specified as resource. The address must be provisioned and advertised in Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator
For more information, see Bring your own IP addresses (BYOIP) in the Global Accelerator Developer Guide.
Region (string) --
The Amazon Web Services Region where a shared endpoint resource is located.
dict
Response Syntax
{ 'CrossAccountAttachment': { 'AttachmentArn': 'string', 'Name': 'string', 'Principals': [ 'string', ], 'Resources': [ { 'EndpointId': 'string', 'Cidr': 'string', 'Region': 'string' }, ], 'LastModifiedTime': datetime(2015, 1, 1), 'CreatedTime': datetime(2015, 1, 1) } }
Response Structure
(dict) --
CrossAccountAttachment (dict) --
Information about the updated cross-account attachment.
AttachmentArn (string) --
The Amazon Resource Name (ARN) of the cross-account attachment.
Name (string) --
The name of the cross-account attachment.
Principals (list) --
The principals included in the cross-account attachment.
(string) --
Resources (list) --
The resources included in the cross-account attachment.
(dict) --
A resource is one of the following: the ARN for an Amazon Web Services resource that is supported by Global Accelerator to be added as an endpoint, or a CIDR range that specifies a bring your own IP (BYOIP) address pool.
EndpointId (string) --
The endpoint ID for the endpoint that is specified as a Amazon Web Services resource.
An endpoint ID for the cross-account feature is the ARN of an Amazon Web Services resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.
Cidr (string) --
An IP address range, in CIDR format, that is specified as resource. The address must be provisioned and advertised in Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator
For more information, see Bring your own IP addresses (BYOIP) in the Global Accelerator Developer Guide.
Region (string) --
The Amazon Web Services Region where a shared endpoint resource is located.
LastModifiedTime (datetime) --
The date and time that the cross-account attachment was last modified.
CreatedTime (datetime) --
The date and time that the cross-account attachment was created.