2024/08/08 - Amazon Elastic Compute Cloud - 15 updated api methods
Changes Launch of private IPv6 addressing for VPCs and Subnets. VPC IPAM supports the planning and monitoring of private IPv6 usage.
{'Ipv6CidrBlockAssociation': {'IpSource': 'amazon | byoip | none', 'Ipv6AddressAttribute': 'public | private'}}
Associates a CIDR block with your subnet. You can only associate a single IPv6 CIDR block with your subnet.
See also: AWS API Documentation
Request Syntax
client.associate_subnet_cidr_block( Ipv6CidrBlock='string', SubnetId='string', Ipv6IpamPoolId='string', Ipv6NetmaskLength=123 )
string
The IPv6 CIDR block for your subnet.
string
[REQUIRED]
The ID of your subnet.
string
An IPv6 IPAM pool ID.
integer
An IPv6 netmask length.
dict
Response Syntax
{ 'Ipv6CidrBlockAssociation': { 'AssociationId': 'string', 'Ipv6CidrBlock': 'string', 'Ipv6CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' }, 'Ipv6AddressAttribute': 'public'|'private', 'IpSource': 'amazon'|'byoip'|'none' }, 'SubnetId': 'string' }
Response Structure
(dict) --
Ipv6CidrBlockAssociation (dict) --
Information about the IPv6 association.
AssociationId (string) --
The ID of the association.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
The state of the CIDR block.
State (string) --
The state of a CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
Ipv6AddressAttribute (string) --
Public IPv6 addresses are those advertised on the internet from Amazon Web Services. Private IP addresses are not and cannot be advertised on the internet from Amazon Web Services.
IpSource (string) --
The source that allocated the IP address space. byoip or amazon indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). none indicates private space.
SubnetId (string) --
The ID of the subnet.
{'Ipv6CidrBlockAssociation': {'IpSource': 'amazon | byoip | none', 'Ipv6AddressAttribute': 'public | private'}}
Associates a CIDR block with your VPC. You can associate a secondary IPv4 CIDR block, an Amazon-provided IPv6 CIDR block, or an IPv6 CIDR block from an IPv6 address pool that you provisioned through bring your own IP addresses ( BYOIP ).
You must specify one of the following in the request: an IPv4 CIDR block, an IPv6 pool, or an Amazon-provided IPv6 CIDR block.
For more information about associating CIDR blocks with your VPC and applicable restrictions, see IP addressing for your VPCs and subnets in the Amazon VPC User Guide .
See also: AWS API Documentation
Request Syntax
client.associate_vpc_cidr_block( AmazonProvidedIpv6CidrBlock=True|False, CidrBlock='string', VpcId='string', Ipv6CidrBlockNetworkBorderGroup='string', Ipv6Pool='string', Ipv6CidrBlock='string', Ipv4IpamPoolId='string', Ipv4NetmaskLength=123, Ipv6IpamPoolId='string', Ipv6NetmaskLength=123 )
boolean
Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses or the size of the CIDR block.
string
An IPv4 CIDR block to associate with the VPC.
string
[REQUIRED]
The ID of the VPC.
string
The name of the location from which we advertise the IPV6 CIDR block. Use this parameter to limit the CIDR block to this location.
You must set AmazonProvidedIpv6CidrBlock to true to use this parameter.
You can have one IPv6 CIDR block association per network border group.
string
The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.
string
An IPv6 CIDR block from the IPv6 address pool. You must also specify Ipv6Pool in the request.
To let Amazon choose the IPv6 CIDR block for you, omit this parameter.
string
Associate a CIDR allocated from an IPv4 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see What is IPAM? in the Amazon VPC IPAM User Guide .
integer
The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see What is IPAM? in the Amazon VPC IPAM User Guide .
string
Associates a CIDR allocated from an IPv6 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see What is IPAM? in the Amazon VPC IPAM User Guide .
integer
The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see What is IPAM? in the Amazon VPC IPAM User Guide .
dict
Response Syntax
{ 'Ipv6CidrBlockAssociation': { 'AssociationId': 'string', 'Ipv6CidrBlock': 'string', 'Ipv6CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' }, 'NetworkBorderGroup': 'string', 'Ipv6Pool': 'string', 'Ipv6AddressAttribute': 'public'|'private', 'IpSource': 'amazon'|'byoip'|'none' }, 'CidrBlockAssociation': { 'AssociationId': 'string', 'CidrBlock': 'string', 'CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' } }, 'VpcId': 'string' }
Response Structure
(dict) --
Ipv6CidrBlockAssociation (dict) --
Information about the IPv6 CIDR block association.
AssociationId (string) --
The association ID for the IPv6 CIDR block.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
NetworkBorderGroup (string) --
The name of the unique set of Availability Zones, Local Zones, or Wavelength Zones from which Amazon Web Services advertises IP addresses, for example, us-east-1-wl1-bos-wlz-1 .
Ipv6Pool (string) --
The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.
Ipv6AddressAttribute (string) --
Public IPv6 addresses are those advertised on the internet from Amazon Web Services. Private IP addresses are not and cannot be advertised on the internet from Amazon Web Services.
IpSource (string) --
The source that allocated the IP address space. byoip or amazon indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). none indicates private space.
CidrBlockAssociation (dict) --
Information about the IPv4 CIDR block association.
AssociationId (string) --
The association ID for the IPv4 CIDR block.
CidrBlock (string) --
The IPv4 CIDR block.
CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
VpcId (string) --
The ID of the VPC.
{'Subnet': {'Ipv6CidrBlockAssociationSet': {'IpSource': 'amazon | byoip | none', 'Ipv6AddressAttribute': 'public | ' 'private'}}}
Creates a default subnet with a size /20 IPv4 CIDR block in the specified Availability Zone in your default VPC. You can have only one default subnet per Availability Zone. For more information, see Create a default subnet in the Amazon VPC User Guide .
See also: AWS API Documentation
Request Syntax
client.create_default_subnet( AvailabilityZone='string', DryRun=True|False, Ipv6Native=True|False )
string
[REQUIRED]
The Availability Zone in which to create the default subnet.
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
boolean
Indicates whether to create an IPv6 only subnet. If you already have a default subnet for this Availability Zone, you must delete it before you can create an IPv6 only subnet.
dict
Response Syntax
{ 'Subnet': { 'AvailabilityZone': 'string', 'AvailabilityZoneId': 'string', 'AvailableIpAddressCount': 123, 'CidrBlock': 'string', 'DefaultForAz': True|False, 'EnableLniAtDeviceIndex': 123, 'MapPublicIpOnLaunch': True|False, 'MapCustomerOwnedIpOnLaunch': True|False, 'CustomerOwnedIpv4Pool': 'string', 'State': 'pending'|'available'|'unavailable', 'SubnetId': 'string', 'VpcId': 'string', 'OwnerId': 'string', 'AssignIpv6AddressOnCreation': True|False, 'Ipv6CidrBlockAssociationSet': [ { 'AssociationId': 'string', 'Ipv6CidrBlock': 'string', 'Ipv6CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' }, 'Ipv6AddressAttribute': 'public'|'private', 'IpSource': 'amazon'|'byoip'|'none' }, ], 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ], 'SubnetArn': 'string', 'OutpostArn': 'string', 'EnableDns64': True|False, 'Ipv6Native': True|False, 'PrivateDnsNameOptionsOnLaunch': { 'HostnameType': 'ip-name'|'resource-name', 'EnableResourceNameDnsARecord': True|False, 'EnableResourceNameDnsAAAARecord': True|False } } }
Response Structure
(dict) --
Subnet (dict) --
Information about the subnet.
AvailabilityZone (string) --
The Availability Zone of the subnet.
AvailabilityZoneId (string) --
The AZ ID of the subnet.
AvailableIpAddressCount (integer) --
The number of unused private IPv4 addresses in the subnet. The IPv4 addresses for any stopped instances are considered unavailable.
CidrBlock (string) --
The IPv4 CIDR block assigned to the subnet.
DefaultForAz (boolean) --
Indicates whether this is the default subnet for the Availability Zone.
EnableLniAtDeviceIndex (integer) --
Indicates the device position for local network interfaces in this subnet. For example, 1 indicates local network interfaces in this subnet are the secondary network interface (eth1).
MapPublicIpOnLaunch (boolean) --
Indicates whether instances launched in this subnet receive a public IPv4 address.
Amazon Web Services charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the Public IPv4 Address tab on the Amazon VPC pricing page.
MapCustomerOwnedIpOnLaunch (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives a customer-owned IPv4 address.
CustomerOwnedIpv4Pool (string) --
The customer-owned IPv4 address pool associated with the subnet.
State (string) --
The current state of the subnet.
SubnetId (string) --
The ID of the subnet.
VpcId (string) --
The ID of the VPC the subnet is in.
OwnerId (string) --
The ID of the Amazon Web Services account that owns the subnet.
AssignIpv6AddressOnCreation (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives an IPv6 address.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the subnet.
(dict) --
Describes an association between a subnet and an IPv6 CIDR block.
AssociationId (string) --
The ID of the association.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
The state of the CIDR block.
State (string) --
The state of a CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
Ipv6AddressAttribute (string) --
Public IPv6 addresses are those advertised on the internet from Amazon Web Services. Private IP addresses are not and cannot be advertised on the internet from Amazon Web Services.
IpSource (string) --
The source that allocated the IP address space. byoip or amazon indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). none indicates private space.
Tags (list) --
Any tags assigned to the subnet.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
SubnetArn (string) --
The Amazon Resource Name (ARN) of the subnet.
OutpostArn (string) --
The Amazon Resource Name (ARN) of the Outpost.
EnableDns64 (boolean) --
Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.
Ipv6Native (boolean) --
Indicates whether this is an IPv6 only subnet.
PrivateDnsNameOptionsOnLaunch (dict) --
The type of hostnames to assign to instances in the subnet at launch. An instance hostname is based on the IPv4 address or ID of the instance.
HostnameType (string) --
The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.
EnableResourceNameDnsARecord (boolean) --
Indicates whether to respond to DNS queries for instance hostnames with DNS A records.
EnableResourceNameDnsAAAARecord (boolean) --
Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.
{'Vpc': {'Ipv6CidrBlockAssociationSet': {'IpSource': 'amazon | byoip | none', 'Ipv6AddressAttribute': 'public | ' 'private'}}}
Creates a default VPC with a size /16 IPv4 CIDR block and a default subnet in each Availability Zone. For more information about the components of a default VPC, see Default VPCs in the Amazon VPC User Guide . You cannot specify the components of the default VPC yourself.
If you deleted your previous default VPC, you can create a default VPC. You cannot have more than one default VPC per Region.
See also: AWS API Documentation
Request Syntax
client.create_default_vpc( DryRun=True|False )
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
dict
Response Syntax
{ 'Vpc': { 'CidrBlock': 'string', 'DhcpOptionsId': 'string', 'State': 'pending'|'available', 'VpcId': 'string', 'OwnerId': 'string', 'InstanceTenancy': 'default'|'dedicated'|'host', 'Ipv6CidrBlockAssociationSet': [ { 'AssociationId': 'string', 'Ipv6CidrBlock': 'string', 'Ipv6CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' }, 'NetworkBorderGroup': 'string', 'Ipv6Pool': 'string', 'Ipv6AddressAttribute': 'public'|'private', 'IpSource': 'amazon'|'byoip'|'none' }, ], 'CidrBlockAssociationSet': [ { 'AssociationId': 'string', 'CidrBlock': 'string', 'CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' } }, ], 'IsDefault': True|False, 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ] } }
Response Structure
(dict) --
Vpc (dict) --
Information about the VPC.
CidrBlock (string) --
The primary IPv4 CIDR block for the VPC.
DhcpOptionsId (string) --
The ID of the set of DHCP options you've associated with the VPC.
State (string) --
The current state of the VPC.
VpcId (string) --
The ID of the VPC.
OwnerId (string) --
The ID of the Amazon Web Services account that owns the VPC.
InstanceTenancy (string) --
The allowed tenancy of instances launched into the VPC.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the VPC.
(dict) --
Describes an IPv6 CIDR block associated with a VPC.
AssociationId (string) --
The association ID for the IPv6 CIDR block.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
NetworkBorderGroup (string) --
The name of the unique set of Availability Zones, Local Zones, or Wavelength Zones from which Amazon Web Services advertises IP addresses, for example, us-east-1-wl1-bos-wlz-1 .
Ipv6Pool (string) --
The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.
Ipv6AddressAttribute (string) --
Public IPv6 addresses are those advertised on the internet from Amazon Web Services. Private IP addresses are not and cannot be advertised on the internet from Amazon Web Services.
IpSource (string) --
The source that allocated the IP address space. byoip or amazon indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). none indicates private space.
CidrBlockAssociationSet (list) --
Information about the IPv4 CIDR blocks associated with the VPC.
(dict) --
Describes an IPv4 CIDR block associated with a VPC.
AssociationId (string) --
The association ID for the IPv4 CIDR block.
CidrBlock (string) --
The IPv4 CIDR block.
CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
IsDefault (boolean) --
Indicates whether the VPC is the default VPC.
Tags (list) --
Any tags assigned to the VPC.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
{'EnablePrivateGua': 'boolean'}Response
{'Ipam': {'EnablePrivateGua': 'boolean'}}
Create an IPAM. Amazon VPC IP Address Manager (IPAM) is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across Amazon Web Services Regions and accounts throughout your Amazon Web Services Organization.
For more information, see Create an IPAM in the Amazon VPC IPAM User Guide .
See also: AWS API Documentation
Request Syntax
client.create_ipam( DryRun=True|False, Description='string', OperatingRegions=[ { 'RegionName': 'string' }, ], TagSpecifications=[ { 'ResourceType': 'capacity-reservation'|'client-vpn-endpoint'|'customer-gateway'|'carrier-gateway'|'coip-pool'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'instance-event-window'|'internet-gateway'|'ipam'|'ipam-pool'|'ipam-scope'|'ipv4pool-ec2'|'ipv6pool-ec2'|'key-pair'|'launch-template'|'local-gateway'|'local-gateway-route-table'|'local-gateway-virtual-interface'|'local-gateway-virtual-interface-group'|'local-gateway-route-table-vpc-association'|'local-gateway-route-table-virtual-interface-group-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'network-insights-access-scope'|'network-insights-access-scope-analysis'|'placement-group'|'prefix-list'|'replace-root-volume-task'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'subnet-cidr-reservation'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-policy-table'|'transit-gateway-route-table'|'transit-gateway-route-table-announcement'|'volume'|'vpc'|'vpc-endpoint'|'vpc-endpoint-connection'|'vpc-endpoint-service'|'vpc-endpoint-service-permission'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log'|'capacity-reservation-fleet'|'traffic-mirror-filter-rule'|'vpc-endpoint-connection-device-type'|'verified-access-instance'|'verified-access-group'|'verified-access-endpoint'|'verified-access-policy'|'verified-access-trust-provider'|'vpn-connection-device-type'|'vpc-block-public-access-exclusion'|'ipam-resource-discovery'|'ipam-resource-discovery-association'|'instance-connect-endpoint'|'ipam-external-resource-verification-token', 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ] }, ], ClientToken='string', Tier='free'|'advanced', EnablePrivateGua=True|False )
boolean
A check for whether you have the required permissions for the action without actually making the request and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
A description for the IPAM.
list
The operating Regions for the IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide .
(dict) --
Add an operating Region to an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide .
RegionName (string) --
The name of the operating Region.
list
The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
(dict) --
The tags to apply to a resource when the resource is being created. When you specify a tag, you must specify the resource type to tag, otherwise the request will fail.
Note
The Valid Values lists all the resource types that can be tagged. However, the action you're using might not support tagging all of these resource types. If you try to tag a resource type that is unsupported for the action you're using, you'll get an error.
ResourceType (string) --
The type of resource to tag on creation.
Tags (list) --
The tags to apply to the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring idempotency.
This field is autopopulated if not provided.
string
IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see Amazon VPC pricing > IPAM tab.
boolean
Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.
dict
Response Syntax
{ 'Ipam': { 'OwnerId': 'string', 'IpamId': 'string', 'IpamArn': 'string', 'IpamRegion': 'string', 'PublicDefaultScopeId': 'string', 'PrivateDefaultScopeId': 'string', 'ScopeCount': 123, 'Description': 'string', 'OperatingRegions': [ { 'RegionName': 'string' }, ], 'State': 'create-in-progress'|'create-complete'|'create-failed'|'modify-in-progress'|'modify-complete'|'modify-failed'|'delete-in-progress'|'delete-complete'|'delete-failed'|'isolate-in-progress'|'isolate-complete'|'restore-in-progress', 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ], 'DefaultResourceDiscoveryId': 'string', 'DefaultResourceDiscoveryAssociationId': 'string', 'ResourceDiscoveryAssociationCount': 123, 'StateMessage': 'string', 'Tier': 'free'|'advanced', 'EnablePrivateGua': True|False } }
Response Structure
(dict) --
Ipam (dict) --
Information about the IPAM created.
OwnerId (string) --
The Amazon Web Services account ID of the owner of the IPAM.
IpamId (string) --
The ID of the IPAM.
IpamArn (string) --
The Amazon Resource Name (ARN) of the IPAM.
IpamRegion (string) --
The Amazon Web Services Region of the IPAM.
PublicDefaultScopeId (string) --
The ID of the IPAM's default public scope.
PrivateDefaultScopeId (string) --
The ID of the IPAM's default private scope.
ScopeCount (integer) --
The number of scopes in the IPAM. The scope quota is 5. For more information on quotas, see Quotas in IPAM in the Amazon VPC IPAM User Guide .
Description (string) --
The description for the IPAM.
OperatingRegions (list) --
The operating Regions for an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide .
(dict) --
The operating Regions for an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide .
RegionName (string) --
The name of the operating Region.
State (string) --
The state of the IPAM.
Tags (list) --
The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
DefaultResourceDiscoveryId (string) --
The IPAM's default resource discovery ID.
DefaultResourceDiscoveryAssociationId (string) --
The IPAM's default resource discovery association ID.
ResourceDiscoveryAssociationCount (integer) --
The IPAM's resource discovery association count.
StateMessage (string) --
The state message.
Tier (string) --
IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see Amazon VPC pricing > IPAM tab.
EnablePrivateGua (boolean) --
Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.
{'Subnet': {'Ipv6CidrBlockAssociationSet': {'IpSource': 'amazon | byoip | none', 'Ipv6AddressAttribute': 'public | ' 'private'}}}
Creates a subnet in the specified VPC. For an IPv4 only subnet, specify an IPv4 CIDR block. If the VPC has an IPv6 CIDR block, you can create an IPv6 only subnet or a dual stack subnet instead. For an IPv6 only subnet, specify an IPv6 CIDR block. For a dual stack subnet, specify both an IPv4 CIDR block and an IPv6 CIDR block.
A subnet CIDR block must not overlap the CIDR block of an existing subnet in the VPC. After you create a subnet, you can't change its CIDR block.
The allowed size for an IPv4 subnet is between a /28 netmask (16 IP addresses) and a /16 netmask (65,536 IP addresses). Amazon Web Services reserves both the first four and the last IPv4 address in each subnet's CIDR block. They're not available for your use.
If you've associated an IPv6 CIDR block with your VPC, you can associate an IPv6 CIDR block with a subnet when you create it.
If you add more than one subnet to a VPC, they're set up in a star topology with a logical router in the middle.
When you stop an instance in a subnet, it retains its private IPv4 address. It's therefore possible to have a subnet with no running instances (they're all stopped), but no remaining IP addresses available.
For more information, see Subnets in the Amazon VPC User Guide .
See also: AWS API Documentation
Request Syntax
client.create_subnet( TagSpecifications=[ { 'ResourceType': 'capacity-reservation'|'client-vpn-endpoint'|'customer-gateway'|'carrier-gateway'|'coip-pool'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'instance-event-window'|'internet-gateway'|'ipam'|'ipam-pool'|'ipam-scope'|'ipv4pool-ec2'|'ipv6pool-ec2'|'key-pair'|'launch-template'|'local-gateway'|'local-gateway-route-table'|'local-gateway-virtual-interface'|'local-gateway-virtual-interface-group'|'local-gateway-route-table-vpc-association'|'local-gateway-route-table-virtual-interface-group-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'network-insights-access-scope'|'network-insights-access-scope-analysis'|'placement-group'|'prefix-list'|'replace-root-volume-task'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'subnet-cidr-reservation'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-policy-table'|'transit-gateway-route-table'|'transit-gateway-route-table-announcement'|'volume'|'vpc'|'vpc-endpoint'|'vpc-endpoint-connection'|'vpc-endpoint-service'|'vpc-endpoint-service-permission'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log'|'capacity-reservation-fleet'|'traffic-mirror-filter-rule'|'vpc-endpoint-connection-device-type'|'verified-access-instance'|'verified-access-group'|'verified-access-endpoint'|'verified-access-policy'|'verified-access-trust-provider'|'vpn-connection-device-type'|'vpc-block-public-access-exclusion'|'ipam-resource-discovery'|'ipam-resource-discovery-association'|'instance-connect-endpoint'|'ipam-external-resource-verification-token', 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ] }, ], AvailabilityZone='string', AvailabilityZoneId='string', CidrBlock='string', Ipv6CidrBlock='string', OutpostArn='string', VpcId='string', DryRun=True|False, Ipv6Native=True|False, Ipv4IpamPoolId='string', Ipv4NetmaskLength=123, Ipv6IpamPoolId='string', Ipv6NetmaskLength=123 )
list
The tags to assign to the subnet.
(dict) --
The tags to apply to a resource when the resource is being created. When you specify a tag, you must specify the resource type to tag, otherwise the request will fail.
Note
The Valid Values lists all the resource types that can be tagged. However, the action you're using might not support tagging all of these resource types. If you try to tag a resource type that is unsupported for the action you're using, you'll get an error.
ResourceType (string) --
The type of resource to tag on creation.
Tags (list) --
The tags to apply to the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
string
The Availability Zone or Local Zone for the subnet.
Default: Amazon Web Services selects one for you. If you create more than one subnet in your VPC, we do not necessarily select a different zone for each subnet.
To create a subnet in a Local Zone, set this value to the Local Zone ID, for example us-west-2-lax-1a . For information about the Regions that support Local Zones, see Available Local Zones.
To create a subnet in an Outpost, set this value to the Availability Zone for the Outpost and specify the Outpost ARN.
string
The AZ ID or the Local Zone ID of the subnet.
string
The IPv4 network range for the subnet, in CIDR notation. For example, 10.0.0.0/24 . We modify the specified CIDR block to its canonical form; for example, if you specify 100.68.0.18/18 , we modify it to 100.68.0.0/18 .
This parameter is not supported for an IPv6 only subnet.
string
The IPv6 network range for the subnet, in CIDR notation. This parameter is required for an IPv6 only subnet.
string
The Amazon Resource Name (ARN) of the Outpost. If you specify an Outpost ARN, you must also specify the Availability Zone of the Outpost subnet.
string
[REQUIRED]
The ID of the VPC.
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
boolean
Indicates whether to create an IPv6 only subnet.
string
An IPv4 IPAM pool ID for the subnet.
integer
An IPv4 netmask length for the subnet.
string
An IPv6 IPAM pool ID for the subnet.
integer
An IPv6 netmask length for the subnet.
dict
Response Syntax
{ 'Subnet': { 'AvailabilityZone': 'string', 'AvailabilityZoneId': 'string', 'AvailableIpAddressCount': 123, 'CidrBlock': 'string', 'DefaultForAz': True|False, 'EnableLniAtDeviceIndex': 123, 'MapPublicIpOnLaunch': True|False, 'MapCustomerOwnedIpOnLaunch': True|False, 'CustomerOwnedIpv4Pool': 'string', 'State': 'pending'|'available'|'unavailable', 'SubnetId': 'string', 'VpcId': 'string', 'OwnerId': 'string', 'AssignIpv6AddressOnCreation': True|False, 'Ipv6CidrBlockAssociationSet': [ { 'AssociationId': 'string', 'Ipv6CidrBlock': 'string', 'Ipv6CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' }, 'Ipv6AddressAttribute': 'public'|'private', 'IpSource': 'amazon'|'byoip'|'none' }, ], 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ], 'SubnetArn': 'string', 'OutpostArn': 'string', 'EnableDns64': True|False, 'Ipv6Native': True|False, 'PrivateDnsNameOptionsOnLaunch': { 'HostnameType': 'ip-name'|'resource-name', 'EnableResourceNameDnsARecord': True|False, 'EnableResourceNameDnsAAAARecord': True|False } } }
Response Structure
(dict) --
Subnet (dict) --
Information about the subnet.
AvailabilityZone (string) --
The Availability Zone of the subnet.
AvailabilityZoneId (string) --
The AZ ID of the subnet.
AvailableIpAddressCount (integer) --
The number of unused private IPv4 addresses in the subnet. The IPv4 addresses for any stopped instances are considered unavailable.
CidrBlock (string) --
The IPv4 CIDR block assigned to the subnet.
DefaultForAz (boolean) --
Indicates whether this is the default subnet for the Availability Zone.
EnableLniAtDeviceIndex (integer) --
Indicates the device position for local network interfaces in this subnet. For example, 1 indicates local network interfaces in this subnet are the secondary network interface (eth1).
MapPublicIpOnLaunch (boolean) --
Indicates whether instances launched in this subnet receive a public IPv4 address.
Amazon Web Services charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the Public IPv4 Address tab on the Amazon VPC pricing page.
MapCustomerOwnedIpOnLaunch (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives a customer-owned IPv4 address.
CustomerOwnedIpv4Pool (string) --
The customer-owned IPv4 address pool associated with the subnet.
State (string) --
The current state of the subnet.
SubnetId (string) --
The ID of the subnet.
VpcId (string) --
The ID of the VPC the subnet is in.
OwnerId (string) --
The ID of the Amazon Web Services account that owns the subnet.
AssignIpv6AddressOnCreation (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives an IPv6 address.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the subnet.
(dict) --
Describes an association between a subnet and an IPv6 CIDR block.
AssociationId (string) --
The ID of the association.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
The state of the CIDR block.
State (string) --
The state of a CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
Ipv6AddressAttribute (string) --
Public IPv6 addresses are those advertised on the internet from Amazon Web Services. Private IP addresses are not and cannot be advertised on the internet from Amazon Web Services.
IpSource (string) --
The source that allocated the IP address space. byoip or amazon indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). none indicates private space.
Tags (list) --
Any tags assigned to the subnet.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
SubnetArn (string) --
The Amazon Resource Name (ARN) of the subnet.
OutpostArn (string) --
The Amazon Resource Name (ARN) of the Outpost.
EnableDns64 (boolean) --
Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.
Ipv6Native (boolean) --
Indicates whether this is an IPv6 only subnet.
PrivateDnsNameOptionsOnLaunch (dict) --
The type of hostnames to assign to instances in the subnet at launch. An instance hostname is based on the IPv4 address or ID of the instance.
HostnameType (string) --
The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.
EnableResourceNameDnsARecord (boolean) --
Indicates whether to respond to DNS queries for instance hostnames with DNS A records.
EnableResourceNameDnsAAAARecord (boolean) --
Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.
{'Vpc': {'Ipv6CidrBlockAssociationSet': {'IpSource': 'amazon | byoip | none', 'Ipv6AddressAttribute': 'public | ' 'private'}}}
Creates a VPC with the specified CIDR blocks. For more information, see IP addressing for your VPCs and subnets in the Amazon VPC User Guide .
You can optionally request an IPv6 CIDR block for the VPC. You can request an Amazon-provided IPv6 CIDR block from Amazon's pool of IPv6 addresses or an IPv6 CIDR block from an IPv6 address pool that you provisioned through bring your own IP addresses ( BYOIP ).
By default, each instance that you launch in the VPC has the default DHCP options, which include only a default DNS server that we provide (AmazonProvidedDNS). For more information, see DHCP option sets in the Amazon VPC User Guide .
You can specify the instance tenancy value for the VPC when you create it. You can't change this value for the VPC after you create it. For more information, see Dedicated Instances in the Amazon EC2 User Guide .
See also: AWS API Documentation
Request Syntax
client.create_vpc( CidrBlock='string', AmazonProvidedIpv6CidrBlock=True|False, Ipv6Pool='string', Ipv6CidrBlock='string', Ipv4IpamPoolId='string', Ipv4NetmaskLength=123, Ipv6IpamPoolId='string', Ipv6NetmaskLength=123, DryRun=True|False, InstanceTenancy='default'|'dedicated'|'host', Ipv6CidrBlockNetworkBorderGroup='string', TagSpecifications=[ { 'ResourceType': 'capacity-reservation'|'client-vpn-endpoint'|'customer-gateway'|'carrier-gateway'|'coip-pool'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'instance-event-window'|'internet-gateway'|'ipam'|'ipam-pool'|'ipam-scope'|'ipv4pool-ec2'|'ipv6pool-ec2'|'key-pair'|'launch-template'|'local-gateway'|'local-gateway-route-table'|'local-gateway-virtual-interface'|'local-gateway-virtual-interface-group'|'local-gateway-route-table-vpc-association'|'local-gateway-route-table-virtual-interface-group-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'network-insights-access-scope'|'network-insights-access-scope-analysis'|'placement-group'|'prefix-list'|'replace-root-volume-task'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'subnet-cidr-reservation'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-policy-table'|'transit-gateway-route-table'|'transit-gateway-route-table-announcement'|'volume'|'vpc'|'vpc-endpoint'|'vpc-endpoint-connection'|'vpc-endpoint-service'|'vpc-endpoint-service-permission'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log'|'capacity-reservation-fleet'|'traffic-mirror-filter-rule'|'vpc-endpoint-connection-device-type'|'verified-access-instance'|'verified-access-group'|'verified-access-endpoint'|'verified-access-policy'|'verified-access-trust-provider'|'vpn-connection-device-type'|'vpc-block-public-access-exclusion'|'ipam-resource-discovery'|'ipam-resource-discovery-association'|'instance-connect-endpoint'|'ipam-external-resource-verification-token', 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ] }, ] )
string
The IPv4 network range for the VPC, in CIDR notation. For example, 10.0.0.0/16 . We modify the specified CIDR block to its canonical form; for example, if you specify 100.68.0.18/18 , we modify it to 100.68.0.0/18 .
boolean
Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block.
string
The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.
string
The IPv6 CIDR block from the IPv6 address pool. You must also specify Ipv6Pool in the request.
To let Amazon choose the IPv6 CIDR block for you, omit this parameter.
string
The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. For more information, see What is IPAM? in the Amazon VPC IPAM User Guide .
integer
The netmask length of the IPv4 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see What is IPAM? in the Amazon VPC IPAM User Guide .
string
The ID of an IPv6 IPAM pool which will be used to allocate this VPC an IPv6 CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across Amazon Web Services Regions and accounts throughout your Amazon Web Services Organization. For more information, see What is IPAM? in the Amazon VPC IPAM User Guide .
integer
The netmask length of the IPv6 CIDR you want to allocate to this VPC from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see What is IPAM? in the Amazon VPC IPAM User Guide .
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
The tenancy options for instances launched into the VPC. For default , instances are launched with shared tenancy by default. You can launch instances with any tenancy into a shared tenancy VPC. For dedicated , instances are launched as dedicated tenancy instances by default. You can only launch instances with a tenancy of dedicated or host into a dedicated tenancy VPC.
Important: The host value cannot be used with this parameter. Use the default or dedicated values only.
Default: default
string
The name of the location from which we advertise the IPV6 CIDR block. Use this parameter to limit the address to this location.
You must set AmazonProvidedIpv6CidrBlock to true to use this parameter.
list
The tags to assign to the VPC.
(dict) --
The tags to apply to a resource when the resource is being created. When you specify a tag, you must specify the resource type to tag, otherwise the request will fail.
Note
The Valid Values lists all the resource types that can be tagged. However, the action you're using might not support tagging all of these resource types. If you try to tag a resource type that is unsupported for the action you're using, you'll get an error.
ResourceType (string) --
The type of resource to tag on creation.
Tags (list) --
The tags to apply to the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
dict
Response Syntax
{ 'Vpc': { 'CidrBlock': 'string', 'DhcpOptionsId': 'string', 'State': 'pending'|'available', 'VpcId': 'string', 'OwnerId': 'string', 'InstanceTenancy': 'default'|'dedicated'|'host', 'Ipv6CidrBlockAssociationSet': [ { 'AssociationId': 'string', 'Ipv6CidrBlock': 'string', 'Ipv6CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' }, 'NetworkBorderGroup': 'string', 'Ipv6Pool': 'string', 'Ipv6AddressAttribute': 'public'|'private', 'IpSource': 'amazon'|'byoip'|'none' }, ], 'CidrBlockAssociationSet': [ { 'AssociationId': 'string', 'CidrBlock': 'string', 'CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' } }, ], 'IsDefault': True|False, 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ] } }
Response Structure
(dict) --
Vpc (dict) --
Information about the VPC.
CidrBlock (string) --
The primary IPv4 CIDR block for the VPC.
DhcpOptionsId (string) --
The ID of the set of DHCP options you've associated with the VPC.
State (string) --
The current state of the VPC.
VpcId (string) --
The ID of the VPC.
OwnerId (string) --
The ID of the Amazon Web Services account that owns the VPC.
InstanceTenancy (string) --
The allowed tenancy of instances launched into the VPC.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the VPC.
(dict) --
Describes an IPv6 CIDR block associated with a VPC.
AssociationId (string) --
The association ID for the IPv6 CIDR block.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
NetworkBorderGroup (string) --
The name of the unique set of Availability Zones, Local Zones, or Wavelength Zones from which Amazon Web Services advertises IP addresses, for example, us-east-1-wl1-bos-wlz-1 .
Ipv6Pool (string) --
The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.
Ipv6AddressAttribute (string) --
Public IPv6 addresses are those advertised on the internet from Amazon Web Services. Private IP addresses are not and cannot be advertised on the internet from Amazon Web Services.
IpSource (string) --
The source that allocated the IP address space. byoip or amazon indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). none indicates private space.
CidrBlockAssociationSet (list) --
Information about the IPv4 CIDR blocks associated with the VPC.
(dict) --
Describes an IPv4 CIDR block associated with a VPC.
AssociationId (string) --
The association ID for the IPv4 CIDR block.
CidrBlock (string) --
The IPv4 CIDR block.
CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
IsDefault (boolean) --
Indicates whether the VPC is the default VPC.
Tags (list) --
Any tags assigned to the VPC.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
{'Ipam': {'EnablePrivateGua': 'boolean'}}
Delete an IPAM. Deleting an IPAM removes all monitored data associated with the IPAM including the historical data for CIDRs.
For more information, see Delete an IPAM in the Amazon VPC IPAM User Guide .
See also: AWS API Documentation
Request Syntax
client.delete_ipam( DryRun=True|False, IpamId='string', Cascade=True|False )
boolean
A check for whether you have the required permissions for the action without actually making the request and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
[REQUIRED]
The ID of the IPAM to delete.
boolean
Enables you to quickly delete an IPAM, private scopes, pools in private scopes, and any allocations in the pools in private scopes. You cannot delete the IPAM with this option if there is a pool in your public scope. If you use this option, IPAM does the following:
Deallocates any CIDRs allocated to VPC resources (such as VPCs) in pools in private scopes.
Note
No VPC resources are deleted as a result of enabling this option. The CIDR associated with the resource will no longer be allocated from an IPAM pool, but the CIDR itself will remain unchanged.
Deprovisions all IPv4 CIDRs provisioned to IPAM pools in private scopes.
Deletes all IPAM pools in private scopes.
Deletes all non-default private scopes in the IPAM.
Deletes the default public and private scopes and the IPAM.
dict
Response Syntax
{ 'Ipam': { 'OwnerId': 'string', 'IpamId': 'string', 'IpamArn': 'string', 'IpamRegion': 'string', 'PublicDefaultScopeId': 'string', 'PrivateDefaultScopeId': 'string', 'ScopeCount': 123, 'Description': 'string', 'OperatingRegions': [ { 'RegionName': 'string' }, ], 'State': 'create-in-progress'|'create-complete'|'create-failed'|'modify-in-progress'|'modify-complete'|'modify-failed'|'delete-in-progress'|'delete-complete'|'delete-failed'|'isolate-in-progress'|'isolate-complete'|'restore-in-progress', 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ], 'DefaultResourceDiscoveryId': 'string', 'DefaultResourceDiscoveryAssociationId': 'string', 'ResourceDiscoveryAssociationCount': 123, 'StateMessage': 'string', 'Tier': 'free'|'advanced', 'EnablePrivateGua': True|False } }
Response Structure
(dict) --
Ipam (dict) --
Information about the results of the deletion.
OwnerId (string) --
The Amazon Web Services account ID of the owner of the IPAM.
IpamId (string) --
The ID of the IPAM.
IpamArn (string) --
The Amazon Resource Name (ARN) of the IPAM.
IpamRegion (string) --
The Amazon Web Services Region of the IPAM.
PublicDefaultScopeId (string) --
The ID of the IPAM's default public scope.
PrivateDefaultScopeId (string) --
The ID of the IPAM's default private scope.
ScopeCount (integer) --
The number of scopes in the IPAM. The scope quota is 5. For more information on quotas, see Quotas in IPAM in the Amazon VPC IPAM User Guide .
Description (string) --
The description for the IPAM.
OperatingRegions (list) --
The operating Regions for an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide .
(dict) --
The operating Regions for an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide .
RegionName (string) --
The name of the operating Region.
State (string) --
The state of the IPAM.
Tags (list) --
The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
DefaultResourceDiscoveryId (string) --
The IPAM's default resource discovery ID.
DefaultResourceDiscoveryAssociationId (string) --
The IPAM's default resource discovery association ID.
ResourceDiscoveryAssociationCount (integer) --
The IPAM's resource discovery association count.
StateMessage (string) --
The state message.
Tier (string) --
IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see Amazon VPC pricing > IPAM tab.
EnablePrivateGua (boolean) --
Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.
{'Ipams': {'EnablePrivateGua': 'boolean'}}
Get information about your IPAM pools.
For more information, see What is IPAM? in the Amazon VPC IPAM User Guide .
See also: AWS API Documentation
Request Syntax
client.describe_ipams( DryRun=True|False, Filters=[ { 'Name': 'string', 'Values': [ 'string', ] }, ], MaxResults=123, NextToken='string', IpamIds=[ 'string', ] )
boolean
A check for whether you have the required permissions for the action without actually making the request and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
list
One or more filters for the request. For more information about filtering, see Filtering CLI output.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.
If you specify multiple filters, the filters are joined with an AND , and the request returns only results that match all of the specified filters.
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
The filter values. Filter values are case-sensitive. If you specify multiple values for a filter, the values are joined with an OR , and the request returns all results that match any of the specified values.
(string) --
integer
The maximum number of results to return in the request.
string
The token for the next page of results.
list
The IDs of the IPAMs you want information on.
(string) --
dict
Response Syntax
{ 'NextToken': 'string', 'Ipams': [ { 'OwnerId': 'string', 'IpamId': 'string', 'IpamArn': 'string', 'IpamRegion': 'string', 'PublicDefaultScopeId': 'string', 'PrivateDefaultScopeId': 'string', 'ScopeCount': 123, 'Description': 'string', 'OperatingRegions': [ { 'RegionName': 'string' }, ], 'State': 'create-in-progress'|'create-complete'|'create-failed'|'modify-in-progress'|'modify-complete'|'modify-failed'|'delete-in-progress'|'delete-complete'|'delete-failed'|'isolate-in-progress'|'isolate-complete'|'restore-in-progress', 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ], 'DefaultResourceDiscoveryId': 'string', 'DefaultResourceDiscoveryAssociationId': 'string', 'ResourceDiscoveryAssociationCount': 123, 'StateMessage': 'string', 'Tier': 'free'|'advanced', 'EnablePrivateGua': True|False }, ] }
Response Structure
(dict) --
NextToken (string) --
The token to use to retrieve the next page of results. This value is null when there are no more results to return.
Ipams (list) --
Information about the IPAMs.
(dict) --
IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across Amazon Web Services Regions and accounts throughout your Amazon Web Services Organization. For more information, see What is IPAM? in the Amazon VPC IPAM User Guide .
OwnerId (string) --
The Amazon Web Services account ID of the owner of the IPAM.
IpamId (string) --
The ID of the IPAM.
IpamArn (string) --
The Amazon Resource Name (ARN) of the IPAM.
IpamRegion (string) --
The Amazon Web Services Region of the IPAM.
PublicDefaultScopeId (string) --
The ID of the IPAM's default public scope.
PrivateDefaultScopeId (string) --
The ID of the IPAM's default private scope.
ScopeCount (integer) --
The number of scopes in the IPAM. The scope quota is 5. For more information on quotas, see Quotas in IPAM in the Amazon VPC IPAM User Guide .
Description (string) --
The description for the IPAM.
OperatingRegions (list) --
The operating Regions for an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide .
(dict) --
The operating Regions for an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide .
RegionName (string) --
The name of the operating Region.
State (string) --
The state of the IPAM.
Tags (list) --
The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
DefaultResourceDiscoveryId (string) --
The IPAM's default resource discovery ID.
DefaultResourceDiscoveryAssociationId (string) --
The IPAM's default resource discovery association ID.
ResourceDiscoveryAssociationCount (integer) --
The IPAM's resource discovery association count.
StateMessage (string) --
The state message.
Tier (string) --
IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see Amazon VPC pricing > IPAM tab.
EnablePrivateGua (boolean) --
Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.
{'Subnets': {'Ipv6CidrBlockAssociationSet': {'IpSource': 'amazon | byoip | ' 'none', 'Ipv6AddressAttribute': 'public | ' 'private'}}}
Describes your subnets. The default is to describe all your subnets. Alternatively, you can specify specific subnet IDs or filter the results to include only the subnets that match specific criteria.
For more information, see Subnets in the Amazon VPC User Guide .
See also: AWS API Documentation
Request Syntax
client.describe_subnets( Filters=[ { 'Name': 'string', 'Values': [ 'string', ] }, ], SubnetIds=[ 'string', ], DryRun=True|False, NextToken='string', MaxResults=123 )
list
The filters.
availability-zone - The Availability Zone for the subnet. You can also use availabilityZone as the filter name.
availability-zone-id - The ID of the Availability Zone for the subnet. You can also use availabilityZoneId as the filter name.
available-ip-address-count - The number of IPv4 addresses in the subnet that are available.
cidr-block - The IPv4 CIDR block of the subnet. The CIDR block you specify must exactly match the subnet's CIDR block for information to be returned for the subnet. You can also use cidr or cidrBlock as the filter names.
customer-owned-ipv4-pool - The customer-owned IPv4 address pool associated with the subnet.
default-for-az - Indicates whether this is the default subnet for the Availability Zone ( true | false ). You can also use defaultForAz as the filter name.
enable-dns64 - Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.
enable-lni-at-device-index - Indicates the device position for local network interfaces in this subnet. For example, 1 indicates local network interfaces in this subnet are the secondary network interface (eth1).
ipv6-cidr-block-association.ipv6-cidr-block - An IPv6 CIDR block associated with the subnet.
ipv6-cidr-block-association.association-id - An association ID for an IPv6 CIDR block associated with the subnet.
ipv6-cidr-block-association.state - The state of an IPv6 CIDR block associated with the subnet.
ipv6-native - Indicates whether this is an IPv6 only subnet ( true | false ).
map-customer-owned-ip-on-launch - Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives a customer-owned IPv4 address.
map-public-ip-on-launch - Indicates whether instances launched in this subnet receive a public IPv4 address.
outpost-arn - The Amazon Resource Name (ARN) of the Outpost.
owner-id - The ID of the Amazon Web Services account that owns the subnet.
private-dns-name-options-on-launch.hostname-type - The type of hostname to assign to instances in the subnet at launch. For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an instance DNS name can be based on the instance IPv4 address (ip-name) or the instance ID (resource-name). For IPv6 only subnets, an instance DNS name must be based on the instance ID (resource-name).
private-dns-name-options-on-launch.enable-resource-name-dns-a-record - Indicates whether to respond to DNS queries for instance hostnames with DNS A records.
private-dns-name-options-on-launch.enable-resource-name-dns-aaaa-record - Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.
state - The state of the subnet ( pending | available ).
subnet-arn - The Amazon Resource Name (ARN) of the subnet.
subnet-id - The ID of the subnet.
tag :<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC for the subnet.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.
If you specify multiple filters, the filters are joined with an AND , and the request returns only results that match all of the specified filters.
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
The filter values. Filter values are case-sensitive. If you specify multiple values for a filter, the values are joined with an OR , and the request returns all results that match any of the specified values.
(string) --
list
The IDs of the subnets.
Default: Describes all your subnets.
(string) --
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
integer
The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information, see Pagination.
dict
Response Syntax
{ 'Subnets': [ { 'AvailabilityZone': 'string', 'AvailabilityZoneId': 'string', 'AvailableIpAddressCount': 123, 'CidrBlock': 'string', 'DefaultForAz': True|False, 'EnableLniAtDeviceIndex': 123, 'MapPublicIpOnLaunch': True|False, 'MapCustomerOwnedIpOnLaunch': True|False, 'CustomerOwnedIpv4Pool': 'string', 'State': 'pending'|'available'|'unavailable', 'SubnetId': 'string', 'VpcId': 'string', 'OwnerId': 'string', 'AssignIpv6AddressOnCreation': True|False, 'Ipv6CidrBlockAssociationSet': [ { 'AssociationId': 'string', 'Ipv6CidrBlock': 'string', 'Ipv6CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' }, 'Ipv6AddressAttribute': 'public'|'private', 'IpSource': 'amazon'|'byoip'|'none' }, ], 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ], 'SubnetArn': 'string', 'OutpostArn': 'string', 'EnableDns64': True|False, 'Ipv6Native': True|False, 'PrivateDnsNameOptionsOnLaunch': { 'HostnameType': 'ip-name'|'resource-name', 'EnableResourceNameDnsARecord': True|False, 'EnableResourceNameDnsAAAARecord': True|False } }, ], 'NextToken': 'string' }
Response Structure
(dict) --
Subnets (list) --
Information about the subnets.
(dict) --
Describes a subnet.
AvailabilityZone (string) --
The Availability Zone of the subnet.
AvailabilityZoneId (string) --
The AZ ID of the subnet.
AvailableIpAddressCount (integer) --
The number of unused private IPv4 addresses in the subnet. The IPv4 addresses for any stopped instances are considered unavailable.
CidrBlock (string) --
The IPv4 CIDR block assigned to the subnet.
DefaultForAz (boolean) --
Indicates whether this is the default subnet for the Availability Zone.
EnableLniAtDeviceIndex (integer) --
Indicates the device position for local network interfaces in this subnet. For example, 1 indicates local network interfaces in this subnet are the secondary network interface (eth1).
MapPublicIpOnLaunch (boolean) --
Indicates whether instances launched in this subnet receive a public IPv4 address.
Amazon Web Services charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the Public IPv4 Address tab on the Amazon VPC pricing page.
MapCustomerOwnedIpOnLaunch (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives a customer-owned IPv4 address.
CustomerOwnedIpv4Pool (string) --
The customer-owned IPv4 address pool associated with the subnet.
State (string) --
The current state of the subnet.
SubnetId (string) --
The ID of the subnet.
VpcId (string) --
The ID of the VPC the subnet is in.
OwnerId (string) --
The ID of the Amazon Web Services account that owns the subnet.
AssignIpv6AddressOnCreation (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives an IPv6 address.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the subnet.
(dict) --
Describes an association between a subnet and an IPv6 CIDR block.
AssociationId (string) --
The ID of the association.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
The state of the CIDR block.
State (string) --
The state of a CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
Ipv6AddressAttribute (string) --
Public IPv6 addresses are those advertised on the internet from Amazon Web Services. Private IP addresses are not and cannot be advertised on the internet from Amazon Web Services.
IpSource (string) --
The source that allocated the IP address space. byoip or amazon indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). none indicates private space.
Tags (list) --
Any tags assigned to the subnet.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
SubnetArn (string) --
The Amazon Resource Name (ARN) of the subnet.
OutpostArn (string) --
The Amazon Resource Name (ARN) of the Outpost.
EnableDns64 (boolean) --
Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.
Ipv6Native (boolean) --
Indicates whether this is an IPv6 only subnet.
PrivateDnsNameOptionsOnLaunch (dict) --
The type of hostnames to assign to instances in the subnet at launch. An instance hostname is based on the IPv4 address or ID of the instance.
HostnameType (string) --
The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.
EnableResourceNameDnsARecord (boolean) --
Indicates whether to respond to DNS queries for instance hostnames with DNS A records.
EnableResourceNameDnsAAAARecord (boolean) --
Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.
NextToken (string) --
The token to include in another request to get the next page of items. This value is null when there are no more items to return.
{'Vpcs': {'Ipv6CidrBlockAssociationSet': {'IpSource': 'amazon | byoip | none', 'Ipv6AddressAttribute': 'public | ' 'private'}}}
Describes your VPCs. The default is to describe all your VPCs. Alternatively, you can specify specific VPC IDs or filter the results to include only the VPCs that match specific criteria.
See also: AWS API Documentation
Request Syntax
client.describe_vpcs( Filters=[ { 'Name': 'string', 'Values': [ 'string', ] }, ], VpcIds=[ 'string', ], DryRun=True|False, NextToken='string', MaxResults=123 )
list
The filters.
cidr - The primary IPv4 CIDR block of the VPC. The CIDR block you specify must exactly match the VPC's CIDR block for information to be returned for the VPC. Must contain the slash followed by one or two digits (for example, /28 ).
cidr-block-association.cidr-block - An IPv4 CIDR block associated with the VPC.
cidr-block-association.association-id - The association ID for an IPv4 CIDR block associated with the VPC.
cidr-block-association.state - The state of an IPv4 CIDR block associated with the VPC.
dhcp-options-id - The ID of a set of DHCP options.
ipv6-cidr-block-association.ipv6-cidr-block - An IPv6 CIDR block associated with the VPC.
ipv6-cidr-block-association.ipv6-pool - The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.
ipv6-cidr-block-association.association-id - The association ID for an IPv6 CIDR block associated with the VPC.
ipv6-cidr-block-association.state - The state of an IPv6 CIDR block associated with the VPC.
is-default - Indicates whether the VPC is the default VPC.
owner-id - The ID of the Amazon Web Services account that owns the VPC.
state - The state of the VPC ( pending | available ).
tag :<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.
If you specify multiple filters, the filters are joined with an AND , and the request returns only results that match all of the specified filters.
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
The filter values. Filter values are case-sensitive. If you specify multiple values for a filter, the values are joined with an OR , and the request returns all results that match any of the specified values.
(string) --
list
The IDs of the VPCs.
(string) --
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
integer
The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information, see Pagination.
dict
Response Syntax
{ 'Vpcs': [ { 'CidrBlock': 'string', 'DhcpOptionsId': 'string', 'State': 'pending'|'available', 'VpcId': 'string', 'OwnerId': 'string', 'InstanceTenancy': 'default'|'dedicated'|'host', 'Ipv6CidrBlockAssociationSet': [ { 'AssociationId': 'string', 'Ipv6CidrBlock': 'string', 'Ipv6CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' }, 'NetworkBorderGroup': 'string', 'Ipv6Pool': 'string', 'Ipv6AddressAttribute': 'public'|'private', 'IpSource': 'amazon'|'byoip'|'none' }, ], 'CidrBlockAssociationSet': [ { 'AssociationId': 'string', 'CidrBlock': 'string', 'CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' } }, ], 'IsDefault': True|False, 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ] }, ], 'NextToken': 'string' }
Response Structure
(dict) --
Vpcs (list) --
Information about the VPCs.
(dict) --
Describes a VPC.
CidrBlock (string) --
The primary IPv4 CIDR block for the VPC.
DhcpOptionsId (string) --
The ID of the set of DHCP options you've associated with the VPC.
State (string) --
The current state of the VPC.
VpcId (string) --
The ID of the VPC.
OwnerId (string) --
The ID of the Amazon Web Services account that owns the VPC.
InstanceTenancy (string) --
The allowed tenancy of instances launched into the VPC.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the VPC.
(dict) --
Describes an IPv6 CIDR block associated with a VPC.
AssociationId (string) --
The association ID for the IPv6 CIDR block.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
NetworkBorderGroup (string) --
The name of the unique set of Availability Zones, Local Zones, or Wavelength Zones from which Amazon Web Services advertises IP addresses, for example, us-east-1-wl1-bos-wlz-1 .
Ipv6Pool (string) --
The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.
Ipv6AddressAttribute (string) --
Public IPv6 addresses are those advertised on the internet from Amazon Web Services. Private IP addresses are not and cannot be advertised on the internet from Amazon Web Services.
IpSource (string) --
The source that allocated the IP address space. byoip or amazon indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). none indicates private space.
CidrBlockAssociationSet (list) --
Information about the IPv4 CIDR blocks associated with the VPC.
(dict) --
Describes an IPv4 CIDR block associated with a VPC.
AssociationId (string) --
The association ID for the IPv4 CIDR block.
CidrBlock (string) --
The IPv4 CIDR block.
CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
IsDefault (boolean) --
Indicates whether the VPC is the default VPC.
Tags (list) --
Any tags assigned to the VPC.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
NextToken (string) --
The token to include in another request to get the next page of items. This value is null when there are no more items to return.
{'Ipv6CidrBlockAssociation': {'IpSource': 'amazon | byoip | none', 'Ipv6AddressAttribute': 'public | private'}}
Disassociates a CIDR block from a subnet. Currently, you can disassociate an IPv6 CIDR block only. You must detach or delete all gateways and resources that are associated with the CIDR block before you can disassociate it.
See also: AWS API Documentation
Request Syntax
client.disassociate_subnet_cidr_block( AssociationId='string' )
string
[REQUIRED]
The association ID for the CIDR block.
dict
Response Syntax
{ 'Ipv6CidrBlockAssociation': { 'AssociationId': 'string', 'Ipv6CidrBlock': 'string', 'Ipv6CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' }, 'Ipv6AddressAttribute': 'public'|'private', 'IpSource': 'amazon'|'byoip'|'none' }, 'SubnetId': 'string' }
Response Structure
(dict) --
Ipv6CidrBlockAssociation (dict) --
Information about the IPv6 CIDR block association.
AssociationId (string) --
The ID of the association.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
The state of the CIDR block.
State (string) --
The state of a CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
Ipv6AddressAttribute (string) --
Public IPv6 addresses are those advertised on the internet from Amazon Web Services. Private IP addresses are not and cannot be advertised on the internet from Amazon Web Services.
IpSource (string) --
The source that allocated the IP address space. byoip or amazon indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). none indicates private space.
SubnetId (string) --
The ID of the subnet.
{'Ipv6CidrBlockAssociation': {'IpSource': 'amazon | byoip | none', 'Ipv6AddressAttribute': 'public | private'}}
Disassociates a CIDR block from a VPC. To disassociate the CIDR block, you must specify its association ID. You can get the association ID by using DescribeVpcs. You must detach or delete all gateways and resources that are associated with the CIDR block before you can disassociate it.
You cannot disassociate the CIDR block with which you originally created the VPC (the primary CIDR block).
See also: AWS API Documentation
Request Syntax
client.disassociate_vpc_cidr_block( AssociationId='string' )
string
[REQUIRED]
The association ID for the CIDR block.
dict
Response Syntax
{ 'Ipv6CidrBlockAssociation': { 'AssociationId': 'string', 'Ipv6CidrBlock': 'string', 'Ipv6CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' }, 'NetworkBorderGroup': 'string', 'Ipv6Pool': 'string', 'Ipv6AddressAttribute': 'public'|'private', 'IpSource': 'amazon'|'byoip'|'none' }, 'CidrBlockAssociation': { 'AssociationId': 'string', 'CidrBlock': 'string', 'CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' } }, 'VpcId': 'string' }
Response Structure
(dict) --
Ipv6CidrBlockAssociation (dict) --
Information about the IPv6 CIDR block association.
AssociationId (string) --
The association ID for the IPv6 CIDR block.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
NetworkBorderGroup (string) --
The name of the unique set of Availability Zones, Local Zones, or Wavelength Zones from which Amazon Web Services advertises IP addresses, for example, us-east-1-wl1-bos-wlz-1 .
Ipv6Pool (string) --
The ID of the IPv6 address pool from which the IPv6 CIDR block is allocated.
Ipv6AddressAttribute (string) --
Public IPv6 addresses are those advertised on the internet from Amazon Web Services. Private IP addresses are not and cannot be advertised on the internet from Amazon Web Services.
IpSource (string) --
The source that allocated the IP address space. byoip or amazon indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). none indicates private space.
CidrBlockAssociation (dict) --
Information about the IPv4 CIDR block association.
AssociationId (string) --
The association ID for the IPv4 CIDR block.
CidrBlock (string) --
The IPv4 CIDR block.
CidrBlockState (dict) --
Information about the state of the CIDR block.
State (string) --
The state of the CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
VpcId (string) --
The ID of the VPC.
{'IpamDiscoveredResourceCidrs': {'IpSource': 'amazon | byoip | none'}}
Returns the resource CIDRs that are monitored as part of a resource discovery. A discovered resource is a resource CIDR monitored under a resource discovery. The following resources can be discovered: VPCs, Public IPv4 pools, VPC subnets, and Elastic IP addresses.
See also: AWS API Documentation
Request Syntax
client.get_ipam_discovered_resource_cidrs( DryRun=True|False, IpamResourceDiscoveryId='string', ResourceRegion='string', Filters=[ { 'Name': 'string', 'Values': [ 'string', ] }, ], NextToken='string', MaxResults=123 )
boolean
A check for whether you have the required permissions for the action without actually making the request and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
[REQUIRED]
A resource discovery ID.
string
[REQUIRED]
A resource Region.
list
Filters.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.
If you specify multiple filters, the filters are joined with an AND , and the request returns only results that match all of the specified filters.
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
The filter values. Filter values are case-sensitive. If you specify multiple values for a filter, the values are joined with an OR , and the request returns all results that match any of the specified values.
(string) --
string
Specify the pagination token from a previous request to retrieve the next page of results.
integer
The maximum number of discovered resource CIDRs to return in one page of results.
dict
Response Syntax
{ 'IpamDiscoveredResourceCidrs': [ { 'IpamResourceDiscoveryId': 'string', 'ResourceRegion': 'string', 'ResourceId': 'string', 'ResourceOwnerId': 'string', 'ResourceCidr': 'string', 'IpSource': 'amazon'|'byoip'|'none', 'ResourceType': 'vpc'|'subnet'|'eip'|'public-ipv4-pool'|'ipv6-pool'|'eni', 'ResourceTags': [ { 'Key': 'string', 'Value': 'string' }, ], 'IpUsage': 123.0, 'VpcId': 'string', 'NetworkInterfaceAttachmentStatus': 'available'|'in-use', 'SampleTime': datetime(2015, 1, 1), 'AvailabilityZoneId': 'string' }, ], 'NextToken': 'string' }
Response Structure
(dict) --
IpamDiscoveredResourceCidrs (list) --
Discovered resource CIDRs.
(dict) --
An IPAM discovered resource CIDR. A discovered resource is a resource CIDR monitored under a resource discovery. The following resources can be discovered: VPCs, Public IPv4 pools, VPC subnets, and Elastic IP addresses. The discovered resource CIDR is the IP address range in CIDR notation that is associated with the resource.
IpamResourceDiscoveryId (string) --
The resource discovery ID.
ResourceRegion (string) --
The resource Region.
ResourceId (string) --
The resource ID.
ResourceOwnerId (string) --
The resource owner ID.
ResourceCidr (string) --
The resource CIDR.
IpSource (string) --
The source that allocated the IP address space. byoip or amazon indicates public IP address space allocated by Amazon or space that you have allocated with Bring your own IP (BYOIP). none indicates private space.
ResourceType (string) --
The resource type.
ResourceTags (list) --
The resource tags.
(dict) --
The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
Key (string) --
The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
Value (string) --
The value of the tag.
IpUsage (float) --
The percentage of IP address space in use. To convert the decimal to a percentage, multiply the decimal by 100. Note the following:
For resources that are VPCs, this is the percentage of IP address space in the VPC that's taken up by subnet CIDRs.
For resources that are subnets, if the subnet has an IPv4 CIDR provisioned to it, this is the percentage of IPv4 address space in the subnet that's in use. If the subnet has an IPv6 CIDR provisioned to it, the percentage of IPv6 address space in use is not represented. The percentage of IPv6 address space in use cannot currently be calculated.
For resources that are public IPv4 pools, this is the percentage of IP address space in the pool that's been allocated to Elastic IP addresses (EIPs).
VpcId (string) --
The VPC ID.
NetworkInterfaceAttachmentStatus (string) --
For elastic network interfaces, this is the status of whether or not the elastic network interface is attached.
SampleTime (datetime) --
The last successful resource discovery time.
AvailabilityZoneId (string) --
The Availability Zone ID.
NextToken (string) --
Specify the pagination token from a previous request to retrieve the next page of results.
{'EnablePrivateGua': 'boolean'}Response
{'Ipam': {'EnablePrivateGua': 'boolean'}}
Modify the configurations of an IPAM.
See also: AWS API Documentation
Request Syntax
client.modify_ipam( DryRun=True|False, IpamId='string', Description='string', AddOperatingRegions=[ { 'RegionName': 'string' }, ], RemoveOperatingRegions=[ { 'RegionName': 'string' }, ], Tier='free'|'advanced', EnablePrivateGua=True|False )
boolean
A check for whether you have the required permissions for the action without actually making the request and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
[REQUIRED]
The ID of the IPAM you want to modify.
string
The description of the IPAM you want to modify.
list
Choose the operating Regions for the IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide .
(dict) --
Add an operating Region to an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide .
RegionName (string) --
The name of the operating Region.
list
The operating Regions to remove.
(dict) --
Remove an operating Region from an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide
RegionName (string) --
The name of the operating Region you want to remove.
string
IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see Amazon VPC pricing > IPAM tab.
boolean
Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.
dict
Response Syntax
{ 'Ipam': { 'OwnerId': 'string', 'IpamId': 'string', 'IpamArn': 'string', 'IpamRegion': 'string', 'PublicDefaultScopeId': 'string', 'PrivateDefaultScopeId': 'string', 'ScopeCount': 123, 'Description': 'string', 'OperatingRegions': [ { 'RegionName': 'string' }, ], 'State': 'create-in-progress'|'create-complete'|'create-failed'|'modify-in-progress'|'modify-complete'|'modify-failed'|'delete-in-progress'|'delete-complete'|'delete-failed'|'isolate-in-progress'|'isolate-complete'|'restore-in-progress', 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ], 'DefaultResourceDiscoveryId': 'string', 'DefaultResourceDiscoveryAssociationId': 'string', 'ResourceDiscoveryAssociationCount': 123, 'StateMessage': 'string', 'Tier': 'free'|'advanced', 'EnablePrivateGua': True|False } }
Response Structure
(dict) --
Ipam (dict) --
The results of the modification.
OwnerId (string) --
The Amazon Web Services account ID of the owner of the IPAM.
IpamId (string) --
The ID of the IPAM.
IpamArn (string) --
The Amazon Resource Name (ARN) of the IPAM.
IpamRegion (string) --
The Amazon Web Services Region of the IPAM.
PublicDefaultScopeId (string) --
The ID of the IPAM's default public scope.
PrivateDefaultScopeId (string) --
The ID of the IPAM's default private scope.
ScopeCount (integer) --
The number of scopes in the IPAM. The scope quota is 5. For more information on quotas, see Quotas in IPAM in the Amazon VPC IPAM User Guide .
Description (string) --
The description for the IPAM.
OperatingRegions (list) --
The operating Regions for an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide .
(dict) --
The operating Regions for an IPAM. Operating Regions are Amazon Web Services Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services Regions you select as operating Regions.
For more information about operating Regions, see Create an IPAM in the Amazon VPC IPAM User Guide .
RegionName (string) --
The name of the operating Region.
State (string) --
The state of the IPAM.
Tags (list) --
The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
DefaultResourceDiscoveryId (string) --
The IPAM's default resource discovery ID.
DefaultResourceDiscoveryAssociationId (string) --
The IPAM's default resource discovery association ID.
ResourceDiscoveryAssociationCount (integer) --
The IPAM's resource discovery association count.
StateMessage (string) --
The state message.
Tier (string) --
IPAM is offered in a Free Tier and an Advanced Tier. For more information about the features available in each tier and the costs associated with the tiers, see Amazon VPC pricing > IPAM tab.
EnablePrivateGua (boolean) --
Enable this option to use your own GUA ranges as private IPv6 addresses. This option is disabled by default.