2018/11/28 - Amazon Elastic Compute Cloud - 14 updated api methods
Changes With VPC sharing, you can now allow multiple accounts in the same AWS Organization to launch their application resources, like EC2 instances, RDS databases, and Redshift clusters into shared, centrally managed VPCs.
{'Subnet': {'AvailabilityZoneId': 'string',
'OwnerId': 'string',
'SubnetArn': 'string'}}
Creates a default subnet with a size /20 IPv4 CIDR block in the specified Availability Zone in your default VPC. You can have only one default subnet per Availability Zone. For more information, see Creating a Default Subnet in the Amazon Virtual Private Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.create_default_subnet(
AvailabilityZone='string',
DryRun=True|False
)
string
[REQUIRED]
The Availability Zone in which to create the default subnet.
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
dict
Response Syntax
{
'Subnet': {
'AvailabilityZone': 'string',
'AvailabilityZoneId': 'string',
'AvailableIpAddressCount': 123,
'CidrBlock': 'string',
'DefaultForAz': True|False,
'MapPublicIpOnLaunch': True|False,
'State': 'pending'|'available',
'SubnetId': 'string',
'VpcId': 'string',
'OwnerId': 'string',
'AssignIpv6AddressOnCreation': True|False,
'Ipv6CidrBlockAssociationSet': [
{
'AssociationId': 'string',
'Ipv6CidrBlock': 'string',
'Ipv6CidrBlockState': {
'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
'StatusMessage': 'string'
}
},
],
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
],
'SubnetArn': 'string'
}
}
Response Structure
(dict) --
Subnet (dict) --
Information about the subnet.
AvailabilityZone (string) --
The Availability Zone of the subnet.
AvailabilityZoneId (string) --
The AZ ID of the subnet.
AvailableIpAddressCount (integer) --
The number of unused private IPv4 addresses in the subnet. The IPv4 addresses for any stopped instances are considered unavailable.
CidrBlock (string) --
The IPv4 CIDR block assigned to the subnet.
DefaultForAz (boolean) --
Indicates whether this is the default subnet for the Availability Zone.
MapPublicIpOnLaunch (boolean) --
Indicates whether instances launched in this subnet receive a public IPv4 address.
State (string) --
The current state of the subnet.
SubnetId (string) --
The ID of the subnet.
VpcId (string) --
The ID of the VPC the subnet is in.
OwnerId (string) --
The ID of the AWS account that owns the subnet.
AssignIpv6AddressOnCreation (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives an IPv6 address.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the subnet.
(dict) --
Describes an IPv6 CIDR block associated with a subnet.
AssociationId (string) --
The association ID for the CIDR block.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of a CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
Tags (list) --
Any tags assigned to the subnet.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
SubnetArn (string) --
The Amazon Resource Name (ARN) of the subnet.
{'Vpc': {'OwnerId': 'string'}}
Creates a default VPC with a size /16 IPv4 CIDR block and a default subnet in each Availability Zone. For more information about the components of a default VPC, see Default VPC and Default Subnets in the Amazon Virtual Private Cloud User Guide . You cannot specify the components of the default VPC yourself.
If you deleted your previous default VPC, you can create a default VPC. You cannot have more than one default VPC per Region.
If your account supports EC2-Classic, you cannot use this action to create a default VPC in a Region that supports EC2-Classic. If you want a default VPC in a Region that supports EC2-Classic, see "I really want a default VPC for my existing EC2 account. Is that possible?" in the Default VPCs FAQ.
See also: AWS API Documentation
Request Syntax
client.create_default_vpc(
DryRun=True|False
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
dict
Response Syntax
{
'Vpc': {
'CidrBlock': 'string',
'DhcpOptionsId': 'string',
'State': 'pending'|'available',
'VpcId': 'string',
'OwnerId': 'string',
'InstanceTenancy': 'default'|'dedicated'|'host',
'Ipv6CidrBlockAssociationSet': [
{
'AssociationId': 'string',
'Ipv6CidrBlock': 'string',
'Ipv6CidrBlockState': {
'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
'StatusMessage': 'string'
}
},
],
'CidrBlockAssociationSet': [
{
'AssociationId': 'string',
'CidrBlock': 'string',
'CidrBlockState': {
'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
'StatusMessage': 'string'
}
},
],
'IsDefault': True|False,
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
}
}
Response Structure
(dict) --
Vpc (dict) --
Information about the VPC.
CidrBlock (string) --
The primary IPv4 CIDR block for the VPC.
DhcpOptionsId (string) --
The ID of the set of DHCP options you've associated with the VPC (or default if the default options are associated with the VPC).
State (string) --
The current state of the VPC.
VpcId (string) --
The ID of the VPC.
OwnerId (string) --
The ID of the AWS account that owns the VPC.
InstanceTenancy (string) --
The allowed tenancy of instances launched into the VPC.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the VPC.
(dict) --
Describes an IPv6 CIDR block associated with a VPC.
AssociationId (string) --
The association ID for the IPv6 CIDR block.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
CidrBlockAssociationSet (list) --
Information about the IPv4 CIDR blocks associated with the VPC.
(dict) --
Describes an IPv4 CIDR block associated with a VPC.
AssociationId (string) --
The association ID for the IPv4 CIDR block.
CidrBlock (string) --
The IPv4 CIDR block.
CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
IsDefault (boolean) --
Indicates whether the VPC is the default VPC.
Tags (list) --
Any tags assigned to the VPC.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
{'DhcpOptions': {'OwnerId': 'string'}}
Creates a set of DHCP options for your VPC. After creating the set, you must associate it with the VPC, causing all existing and new instances that you launch in the VPC to use this set of DHCP options. The following are the individual DHCP options you can specify. For more information about the options, see RFC 2132.
domain-name-servers - The IP addresses of up to four domain name servers, or AmazonProvidedDNS. The default DHCP option set specifies AmazonProvidedDNS. If specifying more than one domain name server, specify the IP addresses in a single parameter, separated by commas. ITo have your instance to receive a custom DNS hostname as specified in domain-name , you must set domain-name-servers to a custom DNS server.
domain-name - If you're using AmazonProvidedDNS in us-east-1 , specify ec2.internal . If you're using AmazonProvidedDNS in another region, specify region.compute.internal (for example, ap-northeast-1.compute.internal ). Otherwise, specify a domain name (for example, MyCompany.com ). This value is used to complete unqualified DNS hostnames. Important : Some Linux operating systems accept multiple domain names separated by spaces. However, Windows and other Linux operating systems treat the value as a single domain, which results in unexpected behavior. If your DHCP options set is associated with a VPC that has instances with multiple operating systems, specify only one domain name.
ntp-servers - The IP addresses of up to four Network Time Protocol (NTP) servers.
netbios-name-servers - The IP addresses of up to four NetBIOS name servers.
netbios-node-type - The NetBIOS node type (1, 2, 4, or 8). We recommend that you specify 2 (broadcast and multicast are not currently supported). For more information about these node types, see RFC 2132.
Your VPC automatically starts out with a set of DHCP options that includes only a DNS server that we provide (AmazonProvidedDNS). If you create a set of options, and if your VPC has an internet gateway, make sure to set the domain-name-servers option either to AmazonProvidedDNS or to a domain name server of your choice. For more information, see DHCP Options Sets in the Amazon Virtual Private Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.create_dhcp_options(
DhcpConfigurations=[
{
'Key': 'string',
'Values': [
'string',
]
},
],
DryRun=True|False
)
list
[REQUIRED]
A DHCP configuration option.
(dict) --
Key (string) --
Values (list) --
(string) --
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
dict
Response Syntax
{
'DhcpOptions': {
'DhcpConfigurations': [
{
'Key': 'string',
'Values': [
{
'Value': 'string'
},
]
},
],
'DhcpOptionsId': 'string',
'OwnerId': 'string',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
}
}
Response Structure
(dict) --
DhcpOptions (dict) --
A set of DHCP options.
DhcpConfigurations (list) --
One or more DHCP options in the set.
(dict) --
Describes a DHCP configuration option.
Key (string) --
The name of a DHCP option.
Values (list) --
One or more values for the DHCP option.
(dict) --
Describes a value for a resource attribute that is a String.
Value (string) --
The attribute value. The value is case-sensitive.
DhcpOptionsId (string) --
The ID of the set of DHCP options.
OwnerId (string) --
The ID of the AWS account that owns the DHCP options set.
Tags (list) --
Any tags assigned to the DHCP options set.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
{'InternetGateway': {'OwnerId': 'string'}}
Creates an internet gateway for use with a VPC. After creating the internet gateway, you attach it to a VPC using AttachInternetGateway.
For more information about your VPC and internet gateway, see the Amazon Virtual Private Cloud User Guide.
See also: AWS API Documentation
Request Syntax
client.create_internet_gateway(
DryRun=True|False
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
dict
Response Syntax
{
'InternetGateway': {
'Attachments': [
{
'State': 'attaching'|'attached'|'detaching'|'detached',
'VpcId': 'string'
},
],
'InternetGatewayId': 'string',
'OwnerId': 'string',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
}
}
Response Structure
(dict) --
InternetGateway (dict) --
Information about the internet gateway.
Attachments (list) --
Any VPCs attached to the internet gateway.
(dict) --
Describes the attachment of a VPC to an internet gateway or an egress-only internet gateway.
State (string) --
The current state of the attachment. For an internet gateway, the state is available when attached to a VPC; otherwise, this value is not returned.
VpcId (string) --
The ID of the VPC.
InternetGatewayId (string) --
The ID of the internet gateway.
OwnerId (string) --
The ID of the AWS account that owns the internet gateway.
Tags (list) --
Any tags assigned to the internet gateway.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
{'NetworkAcl': {'OwnerId': 'string'}}
Creates a network ACL in a VPC. Network ACLs provide an optional layer of security (in addition to security groups) for the instances in your VPC.
For more information, see Network ACLs in the Amazon Virtual Private Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.create_network_acl(
DryRun=True|False,
VpcId='string'
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
[REQUIRED]
The ID of the VPC.
dict
Response Syntax
{
'NetworkAcl': {
'Associations': [
{
'NetworkAclAssociationId': 'string',
'NetworkAclId': 'string',
'SubnetId': 'string'
},
],
'Entries': [
{
'CidrBlock': 'string',
'Egress': True|False,
'IcmpTypeCode': {
'Code': 123,
'Type': 123
},
'Ipv6CidrBlock': 'string',
'PortRange': {
'From': 123,
'To': 123
},
'Protocol': 'string',
'RuleAction': 'allow'|'deny',
'RuleNumber': 123
},
],
'IsDefault': True|False,
'NetworkAclId': 'string',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
],
'VpcId': 'string',
'OwnerId': 'string'
}
}
Response Structure
(dict) --
NetworkAcl (dict) --
Information about the network ACL.
Associations (list) --
Any associations between the network ACL and one or more subnets
(dict) --
Describes an association between a network ACL and a subnet.
NetworkAclAssociationId (string) --
The ID of the association between a network ACL and a subnet.
NetworkAclId (string) --
The ID of the network ACL.
SubnetId (string) --
The ID of the subnet.
Entries (list) --
One or more entries (rules) in the network ACL.
(dict) --
Describes an entry in a network ACL.
CidrBlock (string) --
The IPv4 network range to allow or deny, in CIDR notation.
Egress (boolean) --
Indicates whether the rule is an egress rule (applied to traffic leaving the subnet).
IcmpTypeCode (dict) --
ICMP protocol: The ICMP type and code.
Code (integer) --
The ICMP code. A value of -1 means all codes for the specified ICMP type.
Type (integer) --
The ICMP type. A value of -1 means all types.
Ipv6CidrBlock (string) --
The IPv6 network range to allow or deny, in CIDR notation.
PortRange (dict) --
TCP or UDP protocols: The range of ports the rule applies to.
From (integer) --
The first port in the range.
To (integer) --
The last port in the range.
Protocol (string) --
The protocol number. A value of "-1" means all protocols.
RuleAction (string) --
Indicates whether to allow or deny the traffic that matches the rule.
RuleNumber (integer) --
The rule number for the entry. ACL entries are processed in ascending order by rule number.
IsDefault (boolean) --
Indicates whether this is the default network ACL for the VPC.
NetworkAclId (string) --
The ID of the network ACL.
Tags (list) --
Any tags assigned to the network ACL.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
VpcId (string) --
The ID of the VPC for the network ACL.
OwnerId (string) --
The ID of the AWS account that owns the network ACL.
{'RouteTable': {'OwnerId': 'string'}}
Creates a route table for the specified VPC. After you create a route table, you can add routes and associate the table with a subnet.
For more information, see Route Tables in the Amazon Virtual Private Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.create_route_table(
DryRun=True|False,
VpcId='string'
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
[REQUIRED]
The ID of the VPC.
dict
Response Syntax
{
'RouteTable': {
'Associations': [
{
'Main': True|False,
'RouteTableAssociationId': 'string',
'RouteTableId': 'string',
'SubnetId': 'string'
},
],
'PropagatingVgws': [
{
'GatewayId': 'string'
},
],
'RouteTableId': 'string',
'Routes': [
{
'DestinationCidrBlock': 'string',
'DestinationIpv6CidrBlock': 'string',
'DestinationPrefixListId': 'string',
'EgressOnlyInternetGatewayId': 'string',
'GatewayId': 'string',
'InstanceId': 'string',
'InstanceOwnerId': 'string',
'NatGatewayId': 'string',
'TransitGatewayId': 'string',
'NetworkInterfaceId': 'string',
'Origin': 'CreateRouteTable'|'CreateRoute'|'EnableVgwRoutePropagation',
'State': 'active'|'blackhole',
'VpcPeeringConnectionId': 'string'
},
],
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
],
'VpcId': 'string',
'OwnerId': 'string'
}
}
Response Structure
(dict) --
RouteTable (dict) --
Information about the route table.
Associations (list) --
The associations between the route table and one or more subnets.
(dict) --
Describes an association between a route table and a subnet.
Main (boolean) --
Indicates whether this is the main route table.
RouteTableAssociationId (string) --
The ID of the association between a route table and a subnet.
RouteTableId (string) --
The ID of the route table.
SubnetId (string) --
The ID of the subnet. A subnet ID is not returned for an implicit association.
PropagatingVgws (list) --
Any virtual private gateway (VGW) propagating routes.
(dict) --
Describes a virtual private gateway propagating route.
GatewayId (string) --
The ID of the virtual private gateway.
RouteTableId (string) --
The ID of the route table.
Routes (list) --
The routes in the route table.
(dict) --
Describes a route in a route table.
DestinationCidrBlock (string) --
The IPv4 CIDR block used for the destination match.
DestinationIpv6CidrBlock (string) --
The IPv6 CIDR block used for the destination match.
DestinationPrefixListId (string) --
The prefix of the AWS service.
EgressOnlyInternetGatewayId (string) --
The ID of the egress-only internet gateway.
GatewayId (string) --
The ID of a gateway attached to your VPC.
InstanceId (string) --
The ID of a NAT instance in your VPC.
InstanceOwnerId (string) --
The AWS account ID of the owner of the instance.
NatGatewayId (string) --
The ID of a NAT gateway.
TransitGatewayId (string) --
The ID of a transit gateway.
NetworkInterfaceId (string) --
The ID of the network interface.
Origin (string) --
Describes how the route was created.
CreateRouteTable - The route was automatically created when the route table was created.
CreateRoute - The route was manually added to the route table.
EnableVgwRoutePropagation - The route was propagated by route propagation.
State (string) --
The state of the route. The blackhole state indicates that the route's target isn't available (for example, the specified gateway isn't attached to the VPC, or the specified NAT instance has been terminated).
VpcPeeringConnectionId (string) --
The ID of a VPC peering connection.
Tags (list) --
Any tags assigned to the route table.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
VpcId (string) --
The ID of the VPC.
OwnerId (string) --
The ID of the AWS account that owns the route table.
{'AvailabilityZoneId': 'string'}
Response {'Subnet': {'AvailabilityZoneId': 'string',
'OwnerId': 'string',
'SubnetArn': 'string'}}
Creates a subnet in an existing VPC.
When you create each subnet, you provide the VPC ID and IPv4 CIDR block for the subnet. After you create a subnet, you can't change its CIDR block. The size of the subnet's IPv4 CIDR block can be the same as a VPC's IPv4 CIDR block, or a subset of a VPC's IPv4 CIDR block. If you create more than one subnet in a VPC, the subnets' CIDR blocks must not overlap. The smallest IPv4 subnet (and VPC) you can create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 netmask (65,536 IPv4 addresses).
If you've associated an IPv6 CIDR block with your VPC, you can create a subnet with an IPv6 CIDR block that uses a /64 prefix length.
Warning
AWS reserves both the first four and the last IPv4 address in each subnet's CIDR block. They're not available for use.
If you add more than one subnet to a VPC, they're set up in a star topology with a logical router in the middle.
If you launch an instance in a VPC using an Amazon EBS-backed AMI, the IP address doesn't change if you stop and restart the instance (unlike a similar instance launched outside a VPC, which gets a new IP address when restarted). It's therefore possible to have a subnet with no running instances (they're all stopped), but no remaining IP addresses available.
For more information about subnets, see Your VPC and Subnets in the Amazon Virtual Private Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.create_subnet(
AvailabilityZone='string',
AvailabilityZoneId='string',
CidrBlock='string',
Ipv6CidrBlock='string',
VpcId='string',
DryRun=True|False
)
string
The Availability Zone for the subnet.
Default: AWS selects one for you. If you create more than one subnet in your VPC, we may not necessarily select a different zone for each subnet.
string
The AZ ID of the subnet.
string
[REQUIRED]
The IPv4 network range for the subnet, in CIDR notation. For example, 10.0.0.0/24 .
string
The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length.
string
[REQUIRED]
The ID of the VPC.
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
dict
Response Syntax
{
'Subnet': {
'AvailabilityZone': 'string',
'AvailabilityZoneId': 'string',
'AvailableIpAddressCount': 123,
'CidrBlock': 'string',
'DefaultForAz': True|False,
'MapPublicIpOnLaunch': True|False,
'State': 'pending'|'available',
'SubnetId': 'string',
'VpcId': 'string',
'OwnerId': 'string',
'AssignIpv6AddressOnCreation': True|False,
'Ipv6CidrBlockAssociationSet': [
{
'AssociationId': 'string',
'Ipv6CidrBlock': 'string',
'Ipv6CidrBlockState': {
'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
'StatusMessage': 'string'
}
},
],
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
],
'SubnetArn': 'string'
}
}
Response Structure
(dict) --
Subnet (dict) --
Information about the subnet.
AvailabilityZone (string) --
The Availability Zone of the subnet.
AvailabilityZoneId (string) --
The AZ ID of the subnet.
AvailableIpAddressCount (integer) --
The number of unused private IPv4 addresses in the subnet. The IPv4 addresses for any stopped instances are considered unavailable.
CidrBlock (string) --
The IPv4 CIDR block assigned to the subnet.
DefaultForAz (boolean) --
Indicates whether this is the default subnet for the Availability Zone.
MapPublicIpOnLaunch (boolean) --
Indicates whether instances launched in this subnet receive a public IPv4 address.
State (string) --
The current state of the subnet.
SubnetId (string) --
The ID of the subnet.
VpcId (string) --
The ID of the VPC the subnet is in.
OwnerId (string) --
The ID of the AWS account that owns the subnet.
AssignIpv6AddressOnCreation (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives an IPv6 address.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the subnet.
(dict) --
Describes an IPv6 CIDR block associated with a subnet.
AssociationId (string) --
The association ID for the CIDR block.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of a CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
Tags (list) --
Any tags assigned to the subnet.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
SubnetArn (string) --
The Amazon Resource Name (ARN) of the subnet.
{'Vpc': {'OwnerId': 'string'}}
Creates a VPC with the specified IPv4 CIDR block. The smallest VPC you can create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 netmask (65,536 IPv4 addresses). For more information about how large to make your VPC, see Your VPC and Subnets in the Amazon Virtual Private Cloud User Guide .
You can optionally request an Amazon-provided IPv6 CIDR block for the VPC. The IPv6 CIDR block uses a /56 prefix length, and is allocated from Amazon's pool of IPv6 addresses. You cannot choose the IPv6 range for your VPC.
By default, each instance you launch in the VPC has the default DHCP options, which include only a default DNS server that we provide (AmazonProvidedDNS). For more information, see DHCP Options Sets in the Amazon Virtual Private Cloud User Guide .
You can specify the instance tenancy value for the VPC when you create it. You can't change this value for the VPC after you create it. For more information, see Dedicated Instances in the Amazon Elastic Compute Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.create_vpc(
CidrBlock='string',
AmazonProvidedIpv6CidrBlock=True|False,
DryRun=True|False,
InstanceTenancy='default'|'dedicated'|'host'
)
string
[REQUIRED]
The IPv4 network range for the VPC, in CIDR notation. For example, 10.0.0.0/16 .
boolean
Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block.
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
The tenancy options for instances launched into the VPC. For default , instances are launched with shared tenancy by default. You can launch instances with any tenancy into a shared tenancy VPC. For dedicated , instances are launched as dedicated tenancy instances by default. You can only launch instances with a tenancy of dedicated or host into a dedicated tenancy VPC.
Important: The host value cannot be used with this parameter. Use the default or dedicated values only.
Default: default
dict
Response Syntax
{
'Vpc': {
'CidrBlock': 'string',
'DhcpOptionsId': 'string',
'State': 'pending'|'available',
'VpcId': 'string',
'OwnerId': 'string',
'InstanceTenancy': 'default'|'dedicated'|'host',
'Ipv6CidrBlockAssociationSet': [
{
'AssociationId': 'string',
'Ipv6CidrBlock': 'string',
'Ipv6CidrBlockState': {
'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
'StatusMessage': 'string'
}
},
],
'CidrBlockAssociationSet': [
{
'AssociationId': 'string',
'CidrBlock': 'string',
'CidrBlockState': {
'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
'StatusMessage': 'string'
}
},
],
'IsDefault': True|False,
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
}
}
Response Structure
(dict) --
Vpc (dict) --
Information about the VPC.
CidrBlock (string) --
The primary IPv4 CIDR block for the VPC.
DhcpOptionsId (string) --
The ID of the set of DHCP options you've associated with the VPC (or default if the default options are associated with the VPC).
State (string) --
The current state of the VPC.
VpcId (string) --
The ID of the VPC.
OwnerId (string) --
The ID of the AWS account that owns the VPC.
InstanceTenancy (string) --
The allowed tenancy of instances launched into the VPC.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the VPC.
(dict) --
Describes an IPv6 CIDR block associated with a VPC.
AssociationId (string) --
The association ID for the IPv6 CIDR block.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
CidrBlockAssociationSet (list) --
Information about the IPv4 CIDR blocks associated with the VPC.
(dict) --
Describes an IPv4 CIDR block associated with a VPC.
AssociationId (string) --
The association ID for the IPv4 CIDR block.
CidrBlock (string) --
The IPv4 CIDR block.
CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
IsDefault (boolean) --
Indicates whether the VPC is the default VPC.
Tags (list) --
Any tags assigned to the VPC.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
{'DhcpOptions': {'OwnerId': 'string'}}
Describes one or more of your DHCP options sets.
For more information, see DHCP Options Sets in the Amazon Virtual Private Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.describe_dhcp_options(
DhcpOptionsIds=[
'string',
],
Filters=[
{
'Name': 'string',
'Values': [
'string',
]
},
],
DryRun=True|False
)
list
The IDs of one or more DHCP options sets.
Default: Describes all your DHCP options sets.
(string) --
list
One or more filters.
dhcp-options-id - The ID of a DHCP options set.
key - The key for one of the options (for example, domain-name ).
value - The value for one of the options.
owner-id - The ID of the AWS account that owns the DHCP options set.
tag :<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs. The filters supported by a describe operation are documented with the describe operation. For example:
DescribeAvailabilityZones
DescribeImages
DescribeInstances
DescribeKeyPairs
DescribeSecurityGroups
DescribeSnapshots
DescribeSubnets
DescribeTags
DescribeVolumes
DescribeVpcs
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
One or more filter values. Filter values are case-sensitive.
(string) --
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
dict
Response Syntax
{
'DhcpOptions': [
{
'DhcpConfigurations': [
{
'Key': 'string',
'Values': [
{
'Value': 'string'
},
]
},
],
'DhcpOptionsId': 'string',
'OwnerId': 'string',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
]
}
Response Structure
(dict) --
DhcpOptions (list) --
Information about one or more DHCP options sets.
(dict) --
Describes a set of DHCP options.
DhcpConfigurations (list) --
One or more DHCP options in the set.
(dict) --
Describes a DHCP configuration option.
Key (string) --
The name of a DHCP option.
Values (list) --
One or more values for the DHCP option.
(dict) --
Describes a value for a resource attribute that is a String.
Value (string) --
The attribute value. The value is case-sensitive.
DhcpOptionsId (string) --
The ID of the set of DHCP options.
OwnerId (string) --
The ID of the AWS account that owns the DHCP options set.
Tags (list) --
Any tags assigned to the DHCP options set.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
{'InternetGateways': {'OwnerId': 'string'}}
Describes one or more of your internet gateways.
See also: AWS API Documentation
Request Syntax
client.describe_internet_gateways(
Filters=[
{
'Name': 'string',
'Values': [
'string',
]
},
],
DryRun=True|False,
InternetGatewayIds=[
'string',
]
)
list
One or more filters.
attachment.state - The current state of the attachment between the gateway and the VPC ( available ). Present only if a VPC is attached.
attachment.vpc-id - The ID of an attached VPC.
internet-gateway-id - The ID of the Internet gateway.
owner-id - The ID of the AWS account that owns the internet gateway.
tag :<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs. The filters supported by a describe operation are documented with the describe operation. For example:
DescribeAvailabilityZones
DescribeImages
DescribeInstances
DescribeKeyPairs
DescribeSecurityGroups
DescribeSnapshots
DescribeSubnets
DescribeTags
DescribeVolumes
DescribeVpcs
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
One or more filter values. Filter values are case-sensitive.
(string) --
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
list
One or more internet gateway IDs.
Default: Describes all your internet gateways.
(string) --
dict
Response Syntax
{
'InternetGateways': [
{
'Attachments': [
{
'State': 'attaching'|'attached'|'detaching'|'detached',
'VpcId': 'string'
},
],
'InternetGatewayId': 'string',
'OwnerId': 'string',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
]
}
Response Structure
(dict) --
InternetGateways (list) --
Information about one or more internet gateways.
(dict) --
Describes an internet gateway.
Attachments (list) --
Any VPCs attached to the internet gateway.
(dict) --
Describes the attachment of a VPC to an internet gateway or an egress-only internet gateway.
State (string) --
The current state of the attachment. For an internet gateway, the state is available when attached to a VPC; otherwise, this value is not returned.
VpcId (string) --
The ID of the VPC.
InternetGatewayId (string) --
The ID of the internet gateway.
OwnerId (string) --
The ID of the AWS account that owns the internet gateway.
Tags (list) --
Any tags assigned to the internet gateway.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
{'NetworkAcls': {'OwnerId': 'string'}}
Describes one or more of your network ACLs.
For more information, see Network ACLs in the Amazon Virtual Private Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.describe_network_acls(
Filters=[
{
'Name': 'string',
'Values': [
'string',
]
},
],
DryRun=True|False,
NetworkAclIds=[
'string',
]
)
list
One or more filters.
association.association-id - The ID of an association ID for the ACL.
association.network-acl-id - The ID of the network ACL involved in the association.
association.subnet-id - The ID of the subnet involved in the association.
default - Indicates whether the ACL is the default network ACL for the VPC.
entry.cidr - The IPv4 CIDR range specified in the entry.
entry.icmp.code - The ICMP code specified in the entry, if any.
entry.icmp.type - The ICMP type specified in the entry, if any.
entry.ipv6-cidr - The IPv6 CIDR range specified in the entry.
entry.port-range.from - The start of the port range specified in the entry.
entry.port-range.to - The end of the port range specified in the entry.
entry.protocol - The protocol specified in the entry ( tcp | udp | icmp or a protocol number).
entry.rule-action - Allows or denies the matching traffic ( allow | deny ).
entry.rule-number - The number of an entry (in other words, rule) in the set of ACL entries.
network-acl-id - The ID of the network ACL.
owner-id - The ID of the AWS account that owns the network ACL.
tag :<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC for the network ACL.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs. The filters supported by a describe operation are documented with the describe operation. For example:
DescribeAvailabilityZones
DescribeImages
DescribeInstances
DescribeKeyPairs
DescribeSecurityGroups
DescribeSnapshots
DescribeSubnets
DescribeTags
DescribeVolumes
DescribeVpcs
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
One or more filter values. Filter values are case-sensitive.
(string) --
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
list
One or more network ACL IDs.
Default: Describes all your network ACLs.
(string) --
dict
Response Syntax
{
'NetworkAcls': [
{
'Associations': [
{
'NetworkAclAssociationId': 'string',
'NetworkAclId': 'string',
'SubnetId': 'string'
},
],
'Entries': [
{
'CidrBlock': 'string',
'Egress': True|False,
'IcmpTypeCode': {
'Code': 123,
'Type': 123
},
'Ipv6CidrBlock': 'string',
'PortRange': {
'From': 123,
'To': 123
},
'Protocol': 'string',
'RuleAction': 'allow'|'deny',
'RuleNumber': 123
},
],
'IsDefault': True|False,
'NetworkAclId': 'string',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
],
'VpcId': 'string',
'OwnerId': 'string'
},
]
}
Response Structure
(dict) --
NetworkAcls (list) --
Information about one or more network ACLs.
(dict) --
Describes a network ACL.
Associations (list) --
Any associations between the network ACL and one or more subnets
(dict) --
Describes an association between a network ACL and a subnet.
NetworkAclAssociationId (string) --
The ID of the association between a network ACL and a subnet.
NetworkAclId (string) --
The ID of the network ACL.
SubnetId (string) --
The ID of the subnet.
Entries (list) --
One or more entries (rules) in the network ACL.
(dict) --
Describes an entry in a network ACL.
CidrBlock (string) --
The IPv4 network range to allow or deny, in CIDR notation.
Egress (boolean) --
Indicates whether the rule is an egress rule (applied to traffic leaving the subnet).
IcmpTypeCode (dict) --
ICMP protocol: The ICMP type and code.
Code (integer) --
The ICMP code. A value of -1 means all codes for the specified ICMP type.
Type (integer) --
The ICMP type. A value of -1 means all types.
Ipv6CidrBlock (string) --
The IPv6 network range to allow or deny, in CIDR notation.
PortRange (dict) --
TCP or UDP protocols: The range of ports the rule applies to.
From (integer) --
The first port in the range.
To (integer) --
The last port in the range.
Protocol (string) --
The protocol number. A value of "-1" means all protocols.
RuleAction (string) --
Indicates whether to allow or deny the traffic that matches the rule.
RuleNumber (integer) --
The rule number for the entry. ACL entries are processed in ascending order by rule number.
IsDefault (boolean) --
Indicates whether this is the default network ACL for the VPC.
NetworkAclId (string) --
The ID of the network ACL.
Tags (list) --
Any tags assigned to the network ACL.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
VpcId (string) --
The ID of the VPC for the network ACL.
OwnerId (string) --
The ID of the AWS account that owns the network ACL.
{'RouteTables': {'OwnerId': 'string'}}
Describes one or more of your route tables.
Each subnet in your VPC must be associated with a route table. If a subnet is not explicitly associated with any route table, it is implicitly associated with the main route table. This command does not return the subnet ID for implicit associations.
For more information, see Route Tables in the Amazon Virtual Private Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.describe_route_tables(
Filters=[
{
'Name': 'string',
'Values': [
'string',
]
},
],
DryRun=True|False,
RouteTableIds=[
'string',
],
NextToken='string',
MaxResults=123
)
list
One or more filters.
association.route-table-association-id - The ID of an association ID for the route table.
association.route-table-id - The ID of the route table involved in the association.
association.subnet-id - The ID of the subnet involved in the association.
association.main - Indicates whether the route table is the main route table for the VPC ( true | false ). Route tables that do not have an association ID are not returned in the response.
owner-id - The ID of the AWS account that owns the route table.
route-table-id - The ID of the route table.
route.destination-cidr-block - The IPv4 CIDR range specified in a route in the table.
route.destination-ipv6-cidr-block - The IPv6 CIDR range specified in a route in the route table.
route.destination-prefix-list-id - The ID (prefix) of the AWS service specified in a route in the table.
route.egress-only-internet-gateway-id - The ID of an egress-only Internet gateway specified in a route in the route table.
route.gateway-id - The ID of a gateway specified in a route in the table.
route.instance-id - The ID of an instance specified in a route in the table.
route.nat-gateway-id - The ID of a NAT gateway.
route.transit-gateway-id - The ID of a transit gateway.
route.origin - Describes how the route was created. CreateRouteTable indicates that the route was automatically created when the route table was created; CreateRoute indicates that the route was manually added to the route table; EnableVgwRoutePropagation indicates that the route was propagated by route propagation.
route.state - The state of a route in the route table ( active | blackhole ). The blackhole state indicates that the route's target isn't available (for example, the specified gateway isn't attached to the VPC, the specified NAT instance has been terminated, and so on).
route.vpc-peering-connection-id - The ID of a VPC peering connection specified in a route in the table.
tag :<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
transit-gateway-id - The ID of a transit gateway.
vpc-id - The ID of the VPC for the route table.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs. The filters supported by a describe operation are documented with the describe operation. For example:
DescribeAvailabilityZones
DescribeImages
DescribeInstances
DescribeKeyPairs
DescribeSecurityGroups
DescribeSnapshots
DescribeSubnets
DescribeTags
DescribeVolumes
DescribeVpcs
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
One or more filter values. Filter values are case-sensitive.
(string) --
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
list
One or more route table IDs.
Default: Describes all your route tables.
(string) --
string
The token to retrieve the next page of results.
integer
The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned NextToken value. This value can be between 5 and 100.
dict
Response Syntax
{
'RouteTables': [
{
'Associations': [
{
'Main': True|False,
'RouteTableAssociationId': 'string',
'RouteTableId': 'string',
'SubnetId': 'string'
},
],
'PropagatingVgws': [
{
'GatewayId': 'string'
},
],
'RouteTableId': 'string',
'Routes': [
{
'DestinationCidrBlock': 'string',
'DestinationIpv6CidrBlock': 'string',
'DestinationPrefixListId': 'string',
'EgressOnlyInternetGatewayId': 'string',
'GatewayId': 'string',
'InstanceId': 'string',
'InstanceOwnerId': 'string',
'NatGatewayId': 'string',
'TransitGatewayId': 'string',
'NetworkInterfaceId': 'string',
'Origin': 'CreateRouteTable'|'CreateRoute'|'EnableVgwRoutePropagation',
'State': 'active'|'blackhole',
'VpcPeeringConnectionId': 'string'
},
],
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
],
'VpcId': 'string',
'OwnerId': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
Contains the output of DescribeRouteTables.
RouteTables (list) --
Information about one or more route tables.
(dict) --
Describes a route table.
Associations (list) --
The associations between the route table and one or more subnets.
(dict) --
Describes an association between a route table and a subnet.
Main (boolean) --
Indicates whether this is the main route table.
RouteTableAssociationId (string) --
The ID of the association between a route table and a subnet.
RouteTableId (string) --
The ID of the route table.
SubnetId (string) --
The ID of the subnet. A subnet ID is not returned for an implicit association.
PropagatingVgws (list) --
Any virtual private gateway (VGW) propagating routes.
(dict) --
Describes a virtual private gateway propagating route.
GatewayId (string) --
The ID of the virtual private gateway.
RouteTableId (string) --
The ID of the route table.
Routes (list) --
The routes in the route table.
(dict) --
Describes a route in a route table.
DestinationCidrBlock (string) --
The IPv4 CIDR block used for the destination match.
DestinationIpv6CidrBlock (string) --
The IPv6 CIDR block used for the destination match.
DestinationPrefixListId (string) --
The prefix of the AWS service.
EgressOnlyInternetGatewayId (string) --
The ID of the egress-only internet gateway.
GatewayId (string) --
The ID of a gateway attached to your VPC.
InstanceId (string) --
The ID of a NAT instance in your VPC.
InstanceOwnerId (string) --
The AWS account ID of the owner of the instance.
NatGatewayId (string) --
The ID of a NAT gateway.
TransitGatewayId (string) --
The ID of a transit gateway.
NetworkInterfaceId (string) --
The ID of the network interface.
Origin (string) --
Describes how the route was created.
CreateRouteTable - The route was automatically created when the route table was created.
CreateRoute - The route was manually added to the route table.
EnableVgwRoutePropagation - The route was propagated by route propagation.
State (string) --
The state of the route. The blackhole state indicates that the route's target isn't available (for example, the specified gateway isn't attached to the VPC, or the specified NAT instance has been terminated).
VpcPeeringConnectionId (string) --
The ID of a VPC peering connection.
Tags (list) --
Any tags assigned to the route table.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
VpcId (string) --
The ID of the VPC.
OwnerId (string) --
The ID of the AWS account that owns the route table.
NextToken (string) --
The token to use to retrieve the next page of results. This value is null when there are no more results to return.
{'Subnets': {'AvailabilityZoneId': 'string',
'OwnerId': 'string',
'SubnetArn': 'string'}}
Describes one or more of your subnets.
For more information, see Your VPC and Subnets in the Amazon Virtual Private Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.describe_subnets(
Filters=[
{
'Name': 'string',
'Values': [
'string',
]
},
],
SubnetIds=[
'string',
],
DryRun=True|False
)
list
One or more filters.
availability-zone - The Availability Zone for the subnet. You can also use availabilityZone as the filter name.
availability-zone-id - The ID of the Availability Zone for the subnet. You can also use availabilityZoneId as the filter name.
available-ip-address-count - The number of IPv4 addresses in the subnet that are available.
cidr-block - The IPv4 CIDR block of the subnet. The CIDR block you specify must exactly match the subnet's CIDR block for information to be returned for the subnet. You can also use cidr or cidrBlock as the filter names.
default-for-az - Indicates whether this is the default subnet for the Availability Zone. You can also use defaultForAz as the filter name.
ipv6-cidr-block-association.ipv6-cidr-block - An IPv6 CIDR block associated with the subnet.
ipv6-cidr-block-association.association-id - An association ID for an IPv6 CIDR block associated with the subnet.
ipv6-cidr-block-association.state - The state of an IPv6 CIDR block associated with the subnet.
owner-id - The ID of the AWS account that owns the subnet.
state - The state of the subnet ( pending | available ).
subnet-arn - The Amazon Resource Name (ARN) of the subnet.
subnet-id - The ID of the subnet.
tag :<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC for the subnet.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs. The filters supported by a describe operation are documented with the describe operation. For example:
DescribeAvailabilityZones
DescribeImages
DescribeInstances
DescribeKeyPairs
DescribeSecurityGroups
DescribeSnapshots
DescribeSubnets
DescribeTags
DescribeVolumes
DescribeVpcs
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
One or more filter values. Filter values are case-sensitive.
(string) --
list
One or more subnet IDs.
Default: Describes all your subnets.
(string) --
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
dict
Response Syntax
{
'Subnets': [
{
'AvailabilityZone': 'string',
'AvailabilityZoneId': 'string',
'AvailableIpAddressCount': 123,
'CidrBlock': 'string',
'DefaultForAz': True|False,
'MapPublicIpOnLaunch': True|False,
'State': 'pending'|'available',
'SubnetId': 'string',
'VpcId': 'string',
'OwnerId': 'string',
'AssignIpv6AddressOnCreation': True|False,
'Ipv6CidrBlockAssociationSet': [
{
'AssociationId': 'string',
'Ipv6CidrBlock': 'string',
'Ipv6CidrBlockState': {
'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
'StatusMessage': 'string'
}
},
],
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
],
'SubnetArn': 'string'
},
]
}
Response Structure
(dict) --
Subnets (list) --
Information about one or more subnets.
(dict) --
Describes a subnet.
AvailabilityZone (string) --
The Availability Zone of the subnet.
AvailabilityZoneId (string) --
The AZ ID of the subnet.
AvailableIpAddressCount (integer) --
The number of unused private IPv4 addresses in the subnet. The IPv4 addresses for any stopped instances are considered unavailable.
CidrBlock (string) --
The IPv4 CIDR block assigned to the subnet.
DefaultForAz (boolean) --
Indicates whether this is the default subnet for the Availability Zone.
MapPublicIpOnLaunch (boolean) --
Indicates whether instances launched in this subnet receive a public IPv4 address.
State (string) --
The current state of the subnet.
SubnetId (string) --
The ID of the subnet.
VpcId (string) --
The ID of the VPC the subnet is in.
OwnerId (string) --
The ID of the AWS account that owns the subnet.
AssignIpv6AddressOnCreation (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives an IPv6 address.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the subnet.
(dict) --
Describes an IPv6 CIDR block associated with a subnet.
AssociationId (string) --
The association ID for the CIDR block.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of a CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
Tags (list) --
Any tags assigned to the subnet.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
SubnetArn (string) --
The Amazon Resource Name (ARN) of the subnet.
{'Vpcs': {'OwnerId': 'string'}}
Describes one or more of your VPCs.
See also: AWS API Documentation
Request Syntax
client.describe_vpcs(
Filters=[
{
'Name': 'string',
'Values': [
'string',
]
},
],
VpcIds=[
'string',
],
DryRun=True|False
)
list
One or more filters.
cidr - The primary IPv4 CIDR block of the VPC. The CIDR block you specify must exactly match the VPC's CIDR block for information to be returned for the VPC. Must contain the slash followed by one or two digits (for example, /28 ).
cidr-block-association.cidr-block - An IPv4 CIDR block associated with the VPC.
cidr-block-association.association-id - The association ID for an IPv4 CIDR block associated with the VPC.
cidr-block-association.state - The state of an IPv4 CIDR block associated with the VPC.
dhcp-options-id - The ID of a set of DHCP options.
ipv6-cidr-block-association.ipv6-cidr-block - An IPv6 CIDR block associated with the VPC.
ipv6-cidr-block-association.association-id - The association ID for an IPv6 CIDR block associated with the VPC.
ipv6-cidr-block-association.state - The state of an IPv6 CIDR block associated with the VPC.
isDefault - Indicates whether the VPC is the default VPC.
owner-id - The ID of the AWS account that owns the VPC.
state - The state of the VPC ( pending | available ).
tag :<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs. The filters supported by a describe operation are documented with the describe operation. For example:
DescribeAvailabilityZones
DescribeImages
DescribeInstances
DescribeKeyPairs
DescribeSecurityGroups
DescribeSnapshots
DescribeSubnets
DescribeTags
DescribeVolumes
DescribeVpcs
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
One or more filter values. Filter values are case-sensitive.
(string) --
list
One or more VPC IDs.
Default: Describes all your VPCs.
(string) --
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
dict
Response Syntax
{
'Vpcs': [
{
'CidrBlock': 'string',
'DhcpOptionsId': 'string',
'State': 'pending'|'available',
'VpcId': 'string',
'OwnerId': 'string',
'InstanceTenancy': 'default'|'dedicated'|'host',
'Ipv6CidrBlockAssociationSet': [
{
'AssociationId': 'string',
'Ipv6CidrBlock': 'string',
'Ipv6CidrBlockState': {
'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
'StatusMessage': 'string'
}
},
],
'CidrBlockAssociationSet': [
{
'AssociationId': 'string',
'CidrBlock': 'string',
'CidrBlockState': {
'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed',
'StatusMessage': 'string'
}
},
],
'IsDefault': True|False,
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
]
}
Response Structure
(dict) --
Vpcs (list) --
Information about one or more VPCs.
(dict) --
Describes a VPC.
CidrBlock (string) --
The primary IPv4 CIDR block for the VPC.
DhcpOptionsId (string) --
The ID of the set of DHCP options you've associated with the VPC (or default if the default options are associated with the VPC).
State (string) --
The current state of the VPC.
VpcId (string) --
The ID of the VPC.
OwnerId (string) --
The ID of the AWS account that owns the VPC.
InstanceTenancy (string) --
The allowed tenancy of instances launched into the VPC.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the VPC.
(dict) --
Describes an IPv6 CIDR block associated with a VPC.
AssociationId (string) --
The association ID for the IPv6 CIDR block.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
CidrBlockAssociationSet (list) --
Information about the IPv4 CIDR blocks associated with the VPC.
(dict) --
Describes an IPv4 CIDR block associated with a VPC.
AssociationId (string) --
The association ID for the IPv4 CIDR block.
CidrBlock (string) --
The IPv4 CIDR block.
CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
IsDefault (boolean) --
Indicates whether the VPC is the default VPC.
Tags (list) --
Any tags assigned to the VPC.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.