2023/03/30 - Amazon VPC Lattice - 52 new api methods
Changes General Availability (GA) release of Amazon VPC Lattice
Retrieves information about the specified target group.
See also: AWS API Documentation
Request Syntax
client.get_target_group(
targetGroupIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the target group.
dict
Response Syntax
{
'arn': 'string',
'config': {
'healthCheck': {
'enabled': True|False,
'healthCheckIntervalSeconds': 123,
'healthCheckTimeoutSeconds': 123,
'healthyThresholdCount': 123,
'matcher': {
'httpCode': 'string'
},
'path': 'string',
'port': 123,
'protocol': 'HTTP'|'HTTPS',
'protocolVersion': 'HTTP1'|'HTTP2',
'unhealthyThresholdCount': 123
},
'ipAddressType': 'IPV4'|'IPV6',
'port': 123,
'protocol': 'HTTP'|'HTTPS',
'protocolVersion': 'HTTP1'|'HTTP2'|'GRPC',
'vpcIdentifier': 'string'
},
'createdAt': datetime(2015, 1, 1),
'failureCode': 'string',
'failureMessage': 'string',
'id': 'string',
'lastUpdatedAt': datetime(2015, 1, 1),
'name': 'string',
'serviceArns': [
'string',
],
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED',
'type': 'IP'|'LAMBDA'|'INSTANCE'|'ALB'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the target group.
config (dict) --
The target group configuration.
healthCheck (dict) --
The health check configuration.
enabled (boolean) --
Indicates whether health checking is enabled.
healthCheckIntervalSeconds (integer) --
The approximate amount of time, in seconds, between health checks of an individual target. The range is 5–300 seconds. The default is 30 seconds.
healthCheckTimeoutSeconds (integer) --
The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1–120 seconds. The default is 5 seconds.
healthyThresholdCount (integer) --
The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2–10. The default is 5.
matcher (dict) --
The codes to use when checking for a successful response from a target. These are called Success codes in the console.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: httpCode. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
httpCode (string) --
The HTTP code to use when checking for a successful response from a target.
path (string) --
The destination for health checks on the targets. If the protocol version is HTTP/1.1 or HTTP/2 , specify a valid URI (for example, /path?query ). The default path is / . Health checks are not supported if the protocol version is gRPC , however, you can choose HTTP/1.1 or HTTP/2 and specify a valid URI.
port (integer) --
The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.
protocol (string) --
The protocol used when performing health checks on targets. The possible protocols are HTTP and HTTPS . The default is HTTP .
protocolVersion (string) --
The protocol version used when performing health checks on targets. The possible protocol versions are HTTP1 and HTTP2 .
unhealthyThresholdCount (integer) --
The number of consecutive failed health checks required before considering a target unhealthy. The range is 2–10. The default is 2.
ipAddressType (string) --
The type of IP address used for the target group. The possible values are ipv4 and ipv6 . This is an optional parameter. If not specified, the IP address type defaults to ipv4 .
port (integer) --
The port on which the targets are listening. For HTTP, the default is 80 . For HTTPS, the default is 443
protocol (string) --
The protocol to use for routing traffic to the targets. Default is the protocol of a target group.
protocolVersion (string) --
The protocol version. Default value is HTTP1 .
vpcIdentifier (string) --
The ID of the VPC.
createdAt (datetime) --
The date and time that the target group was created, specified in ISO-8601 format.
failureCode (string) --
The failure code.
failureMessage (string) --
The failure message.
id (string) --
The ID of the target group.
lastUpdatedAt (datetime) --
The date and time that the target group was last updated, specified in ISO-8601 format.
name (string) --
The name of the target group.
serviceArns (list) --
The Amazon Resource Names (ARNs) of the service.
(string) --
status (string) --
The status.
type (string) --
The target group type.
Deletes a listener rule. Each listener has a default rule for checking connection requests, but you can define additional rules. Each rule consists of a priority, one or more actions, and one or more conditions. You can delete additional listener rules, but you cannot delete the default rule.
For more information, see Listener rules in the Amazon VPC Lattice User Guide .
See also: AWS API Documentation
Request Syntax
client.delete_rule(
listenerIdentifier='string',
ruleIdentifier='string',
serviceIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the listener.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the rule.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
dict
Response Syntax
{}
Response Structure
(dict) --
Creates a target group. A target group is a collection of targets, or compute resources, that run your application or service. A target group can only be used by a single service.
For more information, see Target groups in the Amazon VPC Lattice User Guide .
See also: AWS API Documentation
Request Syntax
client.create_target_group(
clientToken='string',
config={
'healthCheck': {
'enabled': True|False,
'healthCheckIntervalSeconds': 123,
'healthCheckTimeoutSeconds': 123,
'healthyThresholdCount': 123,
'matcher': {
'httpCode': 'string'
},
'path': 'string',
'port': 123,
'protocol': 'HTTP'|'HTTPS',
'protocolVersion': 'HTTP1'|'HTTP2',
'unhealthyThresholdCount': 123
},
'ipAddressType': 'IPV4'|'IPV6',
'port': 123,
'protocol': 'HTTP'|'HTTPS',
'protocolVersion': 'HTTP1'|'HTTP2'|'GRPC',
'vpcIdentifier': 'string'
},
name='string',
tags={
'string': 'string'
},
type='IP'|'LAMBDA'|'INSTANCE'|'ALB'
)
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If you retry a request that completed successfully using the same client token and parameters, the retry succeeds without performing any actions. If the parameters aren't identical, the retry fails.
This field is autopopulated if not provided.
dict
The target group configuration. If type is set to LAMBDA , this parameter doesn't apply.
healthCheck (dict) --
The health check configuration.
enabled (boolean) --
Indicates whether health checking is enabled.
healthCheckIntervalSeconds (integer) --
The approximate amount of time, in seconds, between health checks of an individual target. The range is 5–300 seconds. The default is 30 seconds.
healthCheckTimeoutSeconds (integer) --
The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1–120 seconds. The default is 5 seconds.
healthyThresholdCount (integer) --
The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2–10. The default is 5.
matcher (dict) --
The codes to use when checking for a successful response from a target. These are called Success codes in the console.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: httpCode.
httpCode (string) --
The HTTP code to use when checking for a successful response from a target.
path (string) --
The destination for health checks on the targets. If the protocol version is HTTP/1.1 or HTTP/2 , specify a valid URI (for example, /path?query ). The default path is / . Health checks are not supported if the protocol version is gRPC , however, you can choose HTTP/1.1 or HTTP/2 and specify a valid URI.
port (integer) --
The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.
protocol (string) --
The protocol used when performing health checks on targets. The possible protocols are HTTP and HTTPS . The default is HTTP .
protocolVersion (string) --
The protocol version used when performing health checks on targets. The possible protocol versions are HTTP1 and HTTP2 .
unhealthyThresholdCount (integer) --
The number of consecutive failed health checks required before considering a target unhealthy. The range is 2–10. The default is 2.
ipAddressType (string) --
The type of IP address used for the target group. The possible values are ipv4 and ipv6 . This is an optional parameter. If not specified, the IP address type defaults to ipv4 .
port (integer) -- [REQUIRED]
The port on which the targets are listening. For HTTP, the default is 80 . For HTTPS, the default is 443
protocol (string) -- [REQUIRED]
The protocol to use for routing traffic to the targets. Default is the protocol of a target group.
protocolVersion (string) --
The protocol version. Default value is HTTP1 .
vpcIdentifier (string) -- [REQUIRED]
The ID of the VPC.
string
[REQUIRED]
The name of the target group. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.
dict
The tags for the target group.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws: .
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
string
[REQUIRED]
The type of target group.
dict
Response Syntax
{
'arn': 'string',
'config': {
'healthCheck': {
'enabled': True|False,
'healthCheckIntervalSeconds': 123,
'healthCheckTimeoutSeconds': 123,
'healthyThresholdCount': 123,
'matcher': {
'httpCode': 'string'
},
'path': 'string',
'port': 123,
'protocol': 'HTTP'|'HTTPS',
'protocolVersion': 'HTTP1'|'HTTP2',
'unhealthyThresholdCount': 123
},
'ipAddressType': 'IPV4'|'IPV6',
'port': 123,
'protocol': 'HTTP'|'HTTPS',
'protocolVersion': 'HTTP1'|'HTTP2'|'GRPC',
'vpcIdentifier': 'string'
},
'id': 'string',
'name': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED',
'type': 'IP'|'LAMBDA'|'INSTANCE'|'ALB'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the target group.
config (dict) --
The target group configuration. If type is set to LAMBDA , this parameter doesn't apply.
healthCheck (dict) --
The health check configuration.
enabled (boolean) --
Indicates whether health checking is enabled.
healthCheckIntervalSeconds (integer) --
The approximate amount of time, in seconds, between health checks of an individual target. The range is 5–300 seconds. The default is 30 seconds.
healthCheckTimeoutSeconds (integer) --
The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1–120 seconds. The default is 5 seconds.
healthyThresholdCount (integer) --
The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2–10. The default is 5.
matcher (dict) --
The codes to use when checking for a successful response from a target. These are called Success codes in the console.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: httpCode. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
httpCode (string) --
The HTTP code to use when checking for a successful response from a target.
path (string) --
The destination for health checks on the targets. If the protocol version is HTTP/1.1 or HTTP/2 , specify a valid URI (for example, /path?query ). The default path is / . Health checks are not supported if the protocol version is gRPC , however, you can choose HTTP/1.1 or HTTP/2 and specify a valid URI.
port (integer) --
The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.
protocol (string) --
The protocol used when performing health checks on targets. The possible protocols are HTTP and HTTPS . The default is HTTP .
protocolVersion (string) --
The protocol version used when performing health checks on targets. The possible protocol versions are HTTP1 and HTTP2 .
unhealthyThresholdCount (integer) --
The number of consecutive failed health checks required before considering a target unhealthy. The range is 2–10. The default is 2.
ipAddressType (string) --
The type of IP address used for the target group. The possible values are ipv4 and ipv6 . This is an optional parameter. If not specified, the IP address type defaults to ipv4 .
port (integer) --
The port on which the targets are listening. For HTTP, the default is 80 . For HTTPS, the default is 443
protocol (string) --
The protocol to use for routing traffic to the targets. Default is the protocol of a target group.
protocolVersion (string) --
The protocol version. Default value is HTTP1 .
vpcIdentifier (string) --
The ID of the VPC.
id (string) --
The ID of the target group.
name (string) --
The name of the target group.
status (string) --
The operation's status. You can retry the operation if the status is CREATE_FAILED . However, if you retry it while the status is CREATE_IN_PROGRESS , there is no change in the status.
type (string) --
The type of target group.
Lists the service network and VPC associations. You can filter the list either by VPC or service network. You must provide either the service network identifier or the VPC identifier.
See also: AWS API Documentation
Request Syntax
client.list_service_network_vpc_associations(
maxResults=123,
nextToken='string',
serviceNetworkIdentifier='string',
vpcIdentifier='string'
)
integer
The maximum number of results to return.
string
A pagination token for the next page of results.
string
The ID or Amazon Resource Name (ARN) of the service network.
string
The ID or Amazon Resource Name (ARN) of the VPC.
dict
Response Syntax
{
'items': [
{
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'createdBy': 'string',
'id': 'string',
'lastUpdatedAt': datetime(2015, 1, 1),
'serviceNetworkArn': 'string',
'serviceNetworkId': 'string',
'serviceNetworkName': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'|'UPDATE_FAILED',
'vpcId': 'string'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
items (list) --
Information about the associations.
(dict) --
Summary information about an association between a service network and a VPC.
arn (string) --
The Amazon Resource Name (ARN) of the association.
createdAt (datetime) --
The date and time that the association was created, specified in ISO-8601 format.
createdBy (string) --
The account that created the association.
id (string) --
The ID of the association.
lastUpdatedAt (datetime) --
The date and time that the association was last updated, specified in ISO-8601 format.
serviceNetworkArn (string) --
The Amazon Resource Name (ARN) of the service network.
serviceNetworkId (string) --
The ID of the service network.
serviceNetworkName (string) --
The name of the service network.
status (string) --
The status.
vpcId (string) --
The ID of the VPC.
nextToken (string) --
If there are additional results, a pagination token for the next page of results.
Lists the targets for the target group. By default, all targets are included. You can use this API to check the health status of targets. You can also filter the results by target.
See also: AWS API Documentation
Request Syntax
client.list_targets(
maxResults=123,
nextToken='string',
targetGroupIdentifier='string',
targets=[
{
'id': 'string',
'port': 123
},
]
)
integer
The maximum number of results to return.
string
A pagination token for the next page of results.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the target group.
list
The targets to list.
(dict) --
Describes a target.
id (string) -- [REQUIRED]
The ID of the target. If the target type of the target group is INSTANCE , this is an instance ID. If the target type is IP , this is an IP address. If the target type is LAMBDA , this is the ARN of the Lambda function. If the target type is ALB , this is the ARN of the Application Load Balancer.
port (integer) --
The port on which the target is listening. For HTTP, the default is 80 . For HTTPS, the default is 443 .
dict
Response Syntax
{
'items': [
{
'id': 'string',
'port': 123,
'reasonCode': 'string',
'status': 'DRAINING'|'UNAVAILABLE'|'HEALTHY'|'UNHEALTHY'|'INITIAL'|'UNUSED'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
items (list) --
Information about the targets.
(dict) --
Summary information about a target.
id (string) --
The ID of the target. If the target type of the target group is INSTANCE , this is an instance ID. If the target type is IP , this is an IP address. If the target type is LAMBDA , this is the ARN of the Lambda function. If the target type is ALB , this is the ARN of the Application Load Balancer.
port (integer) --
The port on which the target is listening.
reasonCode (string) --
The code for why the target status is what it is.
status (string) --
The status of the target.
Draining : The target is being deregistered. No new connections will be sent to this target while current connections are being drained. Default draining time is 5 minutes.
Unavailable : Health checks are unavailable for the target group.
Healthy : The target is healthy.
Unhealthy : The target is unhealthy.
Initial : Initial health checks on the target are being performed.
Unused : Target group is not used in a service.
nextToken (string) --
If there are additional results, a pagination token for the next page of results.
Updates the specified listener for the specified service.
See also: AWS API Documentation
Request Syntax
client.update_listener(
defaultAction={
'fixedResponse': {
'statusCode': 123
},
'forward': {
'targetGroups': [
{
'targetGroupIdentifier': 'string',
'weight': 123
},
]
}
},
listenerIdentifier='string',
serviceIdentifier='string'
)
dict
[REQUIRED]
The action for the default rule.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: fixedResponse, forward.
fixedResponse (dict) --
Describes the rule action that returns a custom HTTP response.
statusCode (integer) -- [REQUIRED]
The HTTP response code.
forward (dict) --
The forward action. Traffic that matches the rule is forwarded to the specified target groups.
targetGroups (list) -- [REQUIRED]
The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.
The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of traffic will go to that target group.
(dict) --
Describes the weight of a target group.
targetGroupIdentifier (string) -- [REQUIRED]
The ID or Amazon Resource Name (ARN) of the target group.
weight (integer) --
Only required if you specify multiple target groups for a forward action. The "weight" determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the listener.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
dict
Response Syntax
{
'arn': 'string',
'defaultAction': {
'fixedResponse': {
'statusCode': 123
},
'forward': {
'targetGroups': [
{
'targetGroupIdentifier': 'string',
'weight': 123
},
]
}
},
'id': 'string',
'name': 'string',
'port': 123,
'protocol': 'HTTP'|'HTTPS',
'serviceArn': 'string',
'serviceId': 'string'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the listener.
defaultAction (dict) --
The action for the default rule.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: fixedResponse, forward. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
fixedResponse (dict) --
Describes the rule action that returns a custom HTTP response.
statusCode (integer) --
The HTTP response code.
forward (dict) --
The forward action. Traffic that matches the rule is forwarded to the specified target groups.
targetGroups (list) --
The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.
The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of traffic will go to that target group.
(dict) --
Describes the weight of a target group.
targetGroupIdentifier (string) --
The ID or Amazon Resource Name (ARN) of the target group.
weight (integer) --
Only required if you specify multiple target groups for a forward action. The "weight" determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.
id (string) --
The ID of the listener.
name (string) --
The name of the listener.
port (integer) --
The listener port.
protocol (string) --
The protocol of the listener.
serviceArn (string) --
The Amazon Resource Name (ARN) of the service.
serviceId (string) --
The ID of the service.
Deletes the specified access log subscription.
See also: AWS API Documentation
Request Syntax
client.delete_access_log_subscription(
accessLogSubscriptionIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the access log subscription.
dict
Response Syntax
{}
Response Structure
(dict) --
Associates a VPC with a service network. When you associate a VPC with the service network, it enables all the resources within that VPC to be clients and communicate with other services in the service network. For more information, see Manage VPC associations in the Amazon VPC Lattice User Guide .
You can't use this operation if there is a disassociation in progress. If the association fails, retry by deleting the association and recreating it.
As a result of this operation, the association gets created in the service network account and the VPC owner account.
Once a security group is added to the VPC association it cannot be removed. You can add or update the security groups being used for the VPC association once a security group is attached. To remove all security groups you must reassociate the VPC.
See also: AWS API Documentation
Request Syntax
client.create_service_network_vpc_association(
clientToken='string',
securityGroupIds=[
'string',
],
serviceNetworkIdentifier='string',
tags={
'string': 'string'
},
vpcIdentifier='string'
)
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If you retry a request that completed successfully using the same client token and parameters, the retry succeeds without performing any actions. If the parameters aren't identical, the retry fails.
This field is autopopulated if not provided.
list
The IDs of the security groups. Security groups aren't added by default. You can add a security group to apply network level controls to control which resources in a VPC are allowed to access the service network and its services. For more information, see Control traffic to resources using security groups in the Amazon VPC User Guide .
(string) --
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service network. You must use the ARN when the resources specified in the operation are in different accounts.
dict
The tags for the association.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws: .
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
string
[REQUIRED]
The ID of the VPC.
dict
Response Syntax
{
'arn': 'string',
'createdBy': 'string',
'id': 'string',
'securityGroupIds': [
'string',
],
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'|'UPDATE_FAILED'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the association.
createdBy (string) --
The account that created the association.
id (string) --
The ID of the association.
securityGroupIds (list) --
The IDs of the security groups.
(string) --
status (string) --
The operation's status.
Updates the service network and VPC association. Once you add a security group, it cannot be removed.
See also: AWS API Documentation
Request Syntax
client.update_service_network_vpc_association(
securityGroupIds=[
'string',
],
serviceNetworkVpcAssociationIdentifier='string'
)
list
[REQUIRED]
The IDs of the security groups. Once you add a security group, it cannot be removed.
(string) --
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the association.
dict
Response Syntax
{
'arn': 'string',
'createdBy': 'string',
'id': 'string',
'securityGroupIds': [
'string',
],
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'|'UPDATE_FAILED'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the association.
createdBy (string) --
The account that created the association.
id (string) --
The ID of the association.
securityGroupIds (list) --
The IDs of the security groups.
(string) --
status (string) --
The status. You can retry the operation if the status is DELETE_FAILED . However, if you retry it while the status is DELETE_IN_PROGRESS , there is no change in the status.
Removes the specified tags from the specified resource.
See also: AWS API Documentation
Request Syntax
client.untag_resource(
resourceArn='string',
tagKeys=[
'string',
]
)
string
[REQUIRED]
The Amazon Resource Name (ARN) of the resource.
list
[REQUIRED]
The tag keys of the tags to remove.
(string) --
dict
Response Syntax
{}
Response Structure
(dict) --
Updates the specified service.
See also: AWS API Documentation
Request Syntax
client.update_service(
authType='NONE'|'AWS_IAM',
certificateArn='string',
serviceIdentifier='string'
)
string
The type of IAM policy.
NONE : The resource does not use an IAM policy. This is the default.
AWS_IAM : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.
string
The Amazon Resource Name (ARN) of the certificate.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
dict
Response Syntax
{
'arn': 'string',
'authType': 'NONE'|'AWS_IAM',
'certificateArn': 'string',
'customDomainName': 'string',
'id': 'string',
'name': 'string'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the service.
authType (string) --
The type of IAM policy.
certificateArn (string) --
The Amazon Resource Name (ARN) of the certificate.
customDomainName (string) --
The custom domain name of the service.
id (string) --
The ID of the service.
name (string) --
The name of the service.
Associates a service with a service network.
You can't use this operation if the service and service network are already associated or if there is a disassociation or deletion in progress. If the association fails, you can retry the operation by deleting the association and recreating it.
You cannot associate a service and service network that are shared with a caller. The caller must own either the service or the service network.
As a result of this operation, the association is created in the service network account and the association owner account.
See also: AWS API Documentation
Request Syntax
client.create_service_network_service_association(
clientToken='string',
serviceIdentifier='string',
serviceNetworkIdentifier='string',
tags={
'string': 'string'
}
)
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If you retry a request that completed successfully using the same client token and parameters, the retry succeeds without performing any actions. If the parameters aren't identical, the retry fails.
This field is autopopulated if not provided.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service network. You must use the ARN if the resources specified in the operation are in different accounts.
dict
The tags for the association.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws: .
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
dict
Response Syntax
{
'arn': 'string',
'createdBy': 'string',
'customDomainName': 'string',
'dnsEntry': {
'domainName': 'string',
'hostedZoneId': 'string'
},
'id': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the association.
createdBy (string) --
The account that created the association.
customDomainName (string) --
The custom domain name of the service.
dnsEntry (dict) --
The DNS name of the service.
domainName (string) --
The domain name of the service.
hostedZoneId (string) --
The ID of the hosted zone.
id (string) --
The ID of the association.
status (string) --
The operation's status.
Deletes a target group. You can't delete a target group if it is used in a listener rule or if the target group creation is in progress.
See also: AWS API Documentation
Request Syntax
client.delete_target_group(
targetGroupIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the target group.
dict
Response Syntax
{
'arn': 'string',
'id': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the target group.
id (string) --
The ID of the target group.
status (string) --
The status. You can retry the operation if the status is DELETE_FAILED . However, if you retry it while the status is DELETE_IN_PROGRESS , the status doesn't change.
Retrieves information about the auth policy for the specified service or service network.
See also: AWS API Documentation
Request Syntax
client.get_auth_policy(
resourceIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service network or service.
dict
Response Syntax
{
'createdAt': datetime(2015, 1, 1),
'lastUpdatedAt': datetime(2015, 1, 1),
'policy': 'string',
'state': 'Active'|'Inactive'
}
Response Structure
(dict) --
createdAt (datetime) --
The date and time that the auth policy was created, specified in ISO-8601 format.
lastUpdatedAt (datetime) --
The date and time that the auth policy was last updated, specified in ISO-8601 format.
policy (string) --
The auth policy.
state (string) --
The state of the auth policy. The auth policy is only active when the auth type is set to Amazon Web Services_IAM . If you provide a policy, then authentication and authorization decisions are made based on this policy and the client's IAM policy. If the auth type is NONE , then any auth policy you provide will remain inactive. For more information, see Create a service network in the Amazon VPC Lattice User Guide .
Retrieves information about the specified service.
See also: AWS API Documentation
Request Syntax
client.get_service(
serviceIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
dict
Response Syntax
{
'arn': 'string',
'authType': 'NONE'|'AWS_IAM',
'certificateArn': 'string',
'createdAt': datetime(2015, 1, 1),
'customDomainName': 'string',
'dnsEntry': {
'domainName': 'string',
'hostedZoneId': 'string'
},
'failureCode': 'string',
'failureMessage': 'string',
'id': 'string',
'lastUpdatedAt': datetime(2015, 1, 1),
'name': 'string',
'status': 'ACTIVE'|'CREATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the service.
authType (string) --
The type of IAM policy.
certificateArn (string) --
The Amazon Resource Name (ARN) of the certificate.
createdAt (datetime) --
The date and time that the service was created, specified in ISO-8601 format.
customDomainName (string) --
The custom domain name of the service.
dnsEntry (dict) --
The DNS name of the service.
domainName (string) --
The domain name of the service.
hostedZoneId (string) --
The ID of the hosted zone.
failureCode (string) --
The failure code.
failureMessage (string) --
The failure message.
id (string) --
The ID of the service.
lastUpdatedAt (datetime) --
The date and time that the service was last updated, specified in ISO-8601 format.
name (string) --
The name of the service.
status (string) --
The status of the service.
Deletes a service. A service can't be deleted if it's associated with a service network. If you delete a service, all resources related to the service, such as the resource policy, auth policy, listeners, listener rules, and access log subscriptions, are also deleted. For more information, see Delete a service in the Amazon VPC Lattice User Guide .
See also: AWS API Documentation
Request Syntax
client.delete_service(
serviceIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
dict
Response Syntax
{
'arn': 'string',
'id': 'string',
'name': 'string',
'status': 'ACTIVE'|'CREATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the service.
id (string) --
The ID of the service.
name (string) --
The name of the service.
status (string) --
The status. You can retry the operation if the status is DELETE_FAILED . However, if you retry it while the status is DELETE_IN_PROGRESS , the status doesn't change.
Retrieves information about the specified service network.
See also: AWS API Documentation
Request Syntax
client.get_service_network(
serviceNetworkIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service network.
dict
Response Syntax
{
'arn': 'string',
'authType': 'NONE'|'AWS_IAM',
'createdAt': datetime(2015, 1, 1),
'id': 'string',
'lastUpdatedAt': datetime(2015, 1, 1),
'name': 'string',
'numberOfAssociatedServices': 123,
'numberOfAssociatedVPCs': 123
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the service network.
authType (string) --
The type of IAM policy.
createdAt (datetime) --
The date and time that the service network was created, specified in ISO-8601 format.
id (string) --
The ID of the service network.
lastUpdatedAt (datetime) --
The date and time of the last update, specified in ISO-8601 format.
name (string) --
The name of the service network.
numberOfAssociatedServices (integer) --
The number of services associated with the service network.
numberOfAssociatedVPCs (integer) --
The number of VPCs associated with the service network.
Deletes a service network. You can only delete the service network if there is no service or VPC associated with it. If you delete a service network, all resources related to the service network, such as the resource policy, auth policy, and access log subscriptions, are also deleted. For more information, see Delete a service network in the Amazon VPC Lattice User Guide .
See also: AWS API Documentation
Request Syntax
client.delete_service_network(
serviceNetworkIdentifier='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) or ID of the service network.
dict
Response Syntax
{}
Response Structure
(dict) --
Creates a service network. A service network is a logical boundary for a collection of services. You can associate services and VPCs with a service network.
For more information, see Service networks in the Amazon VPC Lattice User Guide .
See also: AWS API Documentation
Request Syntax
client.create_service_network(
authType='NONE'|'AWS_IAM',
clientToken='string',
name='string',
tags={
'string': 'string'
}
)
string
The type of IAM policy.
NONE : The resource does not use an IAM policy. This is the default.
AWS_IAM : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If you retry a request that completed successfully using the same client token and parameters, the retry succeeds without performing any actions. If the parameters aren't identical, the retry fails.
This field is autopopulated if not provided.
string
[REQUIRED]
The name of the service network. The name must be unique to the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.
dict
The tags for the service network.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws: .
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
dict
Response Syntax
{
'arn': 'string',
'authType': 'NONE'|'AWS_IAM',
'id': 'string',
'name': 'string'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the service network.
authType (string) --
The type of IAM policy.
id (string) --
The ID of the service network.
name (string) --
The name of the service network.
Retrieves information about the specified listener for the specified service.
See also: AWS API Documentation
Request Syntax
client.get_listener(
listenerIdentifier='string',
serviceIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the listener.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
dict
Response Syntax
{
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'defaultAction': {
'fixedResponse': {
'statusCode': 123
},
'forward': {
'targetGroups': [
{
'targetGroupIdentifier': 'string',
'weight': 123
},
]
}
},
'id': 'string',
'lastUpdatedAt': datetime(2015, 1, 1),
'name': 'string',
'port': 123,
'protocol': 'HTTP'|'HTTPS',
'serviceArn': 'string',
'serviceId': 'string'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the listener.
createdAt (datetime) --
The date and time that the listener was created, specified in ISO-8601 format.
defaultAction (dict) --
The actions for the default listener rule.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: fixedResponse, forward. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
fixedResponse (dict) --
Describes the rule action that returns a custom HTTP response.
statusCode (integer) --
The HTTP response code.
forward (dict) --
The forward action. Traffic that matches the rule is forwarded to the specified target groups.
targetGroups (list) --
The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.
The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of traffic will go to that target group.
(dict) --
Describes the weight of a target group.
targetGroupIdentifier (string) --
The ID or Amazon Resource Name (ARN) of the target group.
weight (integer) --
Only required if you specify multiple target groups for a forward action. The "weight" determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.
id (string) --
The ID of the listener.
lastUpdatedAt (datetime) --
The date and time that the listener was last updated, specified in ISO-8601 format.
name (string) --
The name of the listener.
port (integer) --
The listener port.
protocol (string) --
The listener protocol.
serviceArn (string) --
The Amazon Resource Name (ARN) of the service.
serviceId (string) --
The ID of the service.
Lists all access log subscriptions for the specified service network or service.
See also: AWS API Documentation
Request Syntax
client.list_access_log_subscriptions(
maxResults=123,
nextToken='string',
resourceIdentifier='string'
)
integer
The maximum number of results to return.
string
A pagination token for the next page of results.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service network or service.
dict
Response Syntax
{
'items': [
{
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'destinationArn': 'string',
'id': 'string',
'lastUpdatedAt': datetime(2015, 1, 1),
'resourceArn': 'string',
'resourceId': 'string'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
items (list) --
The access log subscriptions.
(dict) --
Summary information about an access log subscription.
arn (string) --
The Amazon Resource Name (ARN) of the access log subscription
createdAt (datetime) --
The date and time that the access log subscription was created, specified in ISO-8601 format.
destinationArn (string) --
The Amazon Resource Name (ARN) of the destination.
id (string) --
The ID of the access log subscription.
lastUpdatedAt (datetime) --
The date and time that the access log subscription was last updated, specified in ISO-8601 format.
resourceArn (string) --
The Amazon Resource Name (ARN) of the service or service network.
resourceId (string) --
The ID of the service or service network.
nextToken (string) --
A pagination token for the next page of results.
Lists the listeners for the specified service.
See also: AWS API Documentation
Request Syntax
client.list_listeners(
maxResults=123,
nextToken='string',
serviceIdentifier='string'
)
integer
The maximum number of results to return.
string
A pagination token for the next page of results.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
dict
Response Syntax
{
'items': [
{
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'id': 'string',
'lastUpdatedAt': datetime(2015, 1, 1),
'name': 'string',
'port': 123,
'protocol': 'HTTP'|'HTTPS'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
items (list) --
Information about the listeners.
(dict) --
Summary information about a listener.
arn (string) --
The Amazon Resource Name (ARN) of the listener.
createdAt (datetime) --
The date and time that the listener was created, specified in ISO-8601 format.
id (string) --
The ID of the listener.
lastUpdatedAt (datetime) --
The date and time that the listener was last updated, specified in ISO-8601 format.
name (string) --
The name of the listener.
port (integer) --
The listener port.
protocol (string) --
The listener protocol.
nextToken (string) --
If there are additional results, a pagination token for the next page of results.
Lists your target groups. You can narrow your search by using the filters below in your request.
See also: AWS API Documentation
Request Syntax
client.list_target_groups(
maxResults=123,
nextToken='string',
targetGroupType='IP'|'LAMBDA'|'INSTANCE'|'ALB',
vpcIdentifier='string'
)
integer
The maximum number of results to return.
string
A pagination token for the next page of results.
string
The target group type.
string
The ID or Amazon Resource Name (ARN) of the service.
dict
Response Syntax
{
'items': [
{
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'id': 'string',
'ipAddressType': 'IPV4'|'IPV6',
'lastUpdatedAt': datetime(2015, 1, 1),
'name': 'string',
'port': 123,
'protocol': 'HTTP'|'HTTPS',
'serviceArns': [
'string',
],
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED',
'type': 'IP'|'LAMBDA'|'INSTANCE'|'ALB',
'vpcIdentifier': 'string'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
items (list) --
Information about the target groups.
(dict) --
Summary information about a target group.
arn (string) --
The ARN (Amazon Resource Name) of the target group.
createdAt (datetime) --
The date and time that the target group was created, specified in ISO-8601 format.
id (string) --
The ID of the target group.
ipAddressType (string) --
The type of IP address used for the target group. The possible values are ipv4 and ipv6 . This is an optional parameter. If not specified, the IP address type defaults to ipv4 .
lastUpdatedAt (datetime) --
The date and time that the target group was last updated, specified in ISO-8601 format.
name (string) --
The name of the target group.
port (integer) --
The port of the target group.
protocol (string) --
The protocol of the target group.
serviceArns (list) --
The list of Amazon Resource Names (ARNs) of the service.
(string) --
status (string) --
The status.
type (string) --
The target group type.
vpcIdentifier (string) --
The ID of the VPC of the target group.
nextToken (string) --
If there are additional results, a pagination token for the next page of results.
Registers the targets with the target group. If it's a Lambda target, you can only have one target in a target group.
See also: AWS API Documentation
Request Syntax
client.register_targets(
targetGroupIdentifier='string',
targets=[
{
'id': 'string',
'port': 123
},
]
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the target group.
list
[REQUIRED]
The targets.
(dict) --
Describes a target.
id (string) -- [REQUIRED]
The ID of the target. If the target type of the target group is INSTANCE , this is an instance ID. If the target type is IP , this is an IP address. If the target type is LAMBDA , this is the ARN of the Lambda function. If the target type is ALB , this is the ARN of the Application Load Balancer.
port (integer) --
The port on which the target is listening. For HTTP, the default is 80 . For HTTPS, the default is 443 .
dict
Response Syntax
{
'successful': [
{
'id': 'string',
'port': 123
},
],
'unsuccessful': [
{
'failureCode': 'string',
'failureMessage': 'string',
'id': 'string',
'port': 123
},
]
}
Response Structure
(dict) --
successful (list) --
The targets that were successfully registered.
(dict) --
Describes a target.
id (string) --
The ID of the target. If the target type of the target group is INSTANCE , this is an instance ID. If the target type is IP , this is an IP address. If the target type is LAMBDA , this is the ARN of the Lambda function. If the target type is ALB , this is the ARN of the Application Load Balancer.
port (integer) --
The port on which the target is listening. For HTTP, the default is 80 . For HTTPS, the default is 443 .
unsuccessful (list) --
The targets that were not registered.
(dict) --
Describes a target failure.
failureCode (string) --
The failure code.
failureMessage (string) --
The failure message.
id (string) --
The ID of the target. If the target type of the target group is INSTANCE , this is an instance ID. If the target type is IP , this is an IP address. If the target type is LAMBDA , this is the ARN of the Lambda function. If the target type is ALB , this is the ARN of the Application Load Balancer.
port (integer) --
The port on which the target is listening. This parameter doesn't apply if the target is a Lambda function.
Retrieves information about the specified association between a service network and a service.
See also: AWS API Documentation
Request Syntax
client.get_service_network_service_association(
serviceNetworkServiceAssociationIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the association.
dict
Response Syntax
{
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'createdBy': 'string',
'customDomainName': 'string',
'dnsEntry': {
'domainName': 'string',
'hostedZoneId': 'string'
},
'failureCode': 'string',
'failureMessage': 'string',
'id': 'string',
'serviceArn': 'string',
'serviceId': 'string',
'serviceName': 'string',
'serviceNetworkArn': 'string',
'serviceNetworkId': 'string',
'serviceNetworkName': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the association.
createdAt (datetime) --
The date and time that the association was created, specified in ISO-8601 format.
createdBy (string) --
The account that created the association.
customDomainName (string) --
The custom domain name of the service.
dnsEntry (dict) --
The DNS name of the service.
domainName (string) --
The domain name of the service.
hostedZoneId (string) --
The ID of the hosted zone.
failureCode (string) --
The failure code.
failureMessage (string) --
The failure message.
id (string) --
The ID of the service network and service association.
serviceArn (string) --
The Amazon Resource Name (ARN) of the service.
serviceId (string) --
The ID of the service.
serviceName (string) --
The name of the service.
serviceNetworkArn (string) --
The Amazon Resource Name (ARN) of the service network.
serviceNetworkId (string) --
The ID of the service network.
serviceNetworkName (string) --
The name of the service network.
status (string) --
The status of the association.
Creates a listener for a service. Before you start using your Amazon VPC Lattice service, you must add one or more listeners. A listener is a process that checks for connection requests to your services. For more information, see Listeners in the Amazon VPC Lattice User Guide .
See also: AWS API Documentation
Request Syntax
client.create_listener(
clientToken='string',
defaultAction={
'fixedResponse': {
'statusCode': 123
},
'forward': {
'targetGroups': [
{
'targetGroupIdentifier': 'string',
'weight': 123
},
]
}
},
name='string',
port=123,
protocol='HTTP'|'HTTPS',
serviceIdentifier='string',
tags={
'string': 'string'
}
)
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If you retry a request that completed successfully using the same client token and parameters, the retry succeeds without performing any actions. If the parameters aren't identical, the retry fails.
This field is autopopulated if not provided.
dict
[REQUIRED]
The action for the default rule. Each listener has a default rule. Each rule consists of a priority, one or more actions, and one or more conditions. The default rule is the rule that's used if no other rules match. Each rule must include exactly one of the following types of actions: forward or fixed-response , and it must be the last action to be performed.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: fixedResponse, forward.
fixedResponse (dict) --
Describes the rule action that returns a custom HTTP response.
statusCode (integer) -- [REQUIRED]
The HTTP response code.
forward (dict) --
The forward action. Traffic that matches the rule is forwarded to the specified target groups.
targetGroups (list) -- [REQUIRED]
The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.
The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of traffic will go to that target group.
(dict) --
Describes the weight of a target group.
targetGroupIdentifier (string) -- [REQUIRED]
The ID or Amazon Resource Name (ARN) of the target group.
weight (integer) --
Only required if you specify multiple target groups for a forward action. The "weight" determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.
string
[REQUIRED]
The name of the listener. A listener name must be unique within a service. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.
integer
The listener port. You can specify a value from 1 to 65535 . For HTTP, the default is 80 . For HTTPS, the default is 443 .
string
[REQUIRED]
The listener protocol HTTP or HTTPS.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
dict
The tags for the listener.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws: .
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
dict
Response Syntax
{
'arn': 'string',
'defaultAction': {
'fixedResponse': {
'statusCode': 123
},
'forward': {
'targetGroups': [
{
'targetGroupIdentifier': 'string',
'weight': 123
},
]
}
},
'id': 'string',
'name': 'string',
'port': 123,
'protocol': 'HTTP'|'HTTPS',
'serviceArn': 'string',
'serviceId': 'string'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the listener.
defaultAction (dict) --
The action for the default rule.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: fixedResponse, forward. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
fixedResponse (dict) --
Describes the rule action that returns a custom HTTP response.
statusCode (integer) --
The HTTP response code.
forward (dict) --
The forward action. Traffic that matches the rule is forwarded to the specified target groups.
targetGroups (list) --
The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.
The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of traffic will go to that target group.
(dict) --
Describes the weight of a target group.
targetGroupIdentifier (string) --
The ID or Amazon Resource Name (ARN) of the target group.
weight (integer) --
Only required if you specify multiple target groups for a forward action. The "weight" determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.
id (string) --
The ID of the listener.
name (string) --
The name of the listener.
port (integer) --
The port number of the listener.
protocol (string) --
The protocol of the listener.
serviceArn (string) --
The Amazon Resource Name (ARN) of the service.
serviceId (string) --
The ID of the service.
Updates the specified access log subscription.
See also: AWS API Documentation
Request Syntax
client.update_access_log_subscription(
accessLogSubscriptionIdentifier='string',
destinationArn='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the access log subscription.
string
[REQUIRED]
The Amazon Resource Name (ARN) of the access log destination.
dict
Response Syntax
{
'arn': 'string',
'destinationArn': 'string',
'id': 'string',
'resourceArn': 'string',
'resourceId': 'string'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the access log subscription.
destinationArn (string) --
The Amazon Resource Name (ARN) of the access log destination.
id (string) --
The ID of the access log subscription.
resourceArn (string) --
The Amazon Resource Name (ARN) of the access log subscription.
resourceId (string) --
The ID of the resource.
Updates the specified target group.
See also: AWS API Documentation
Request Syntax
client.update_target_group(
healthCheck={
'enabled': True|False,
'healthCheckIntervalSeconds': 123,
'healthCheckTimeoutSeconds': 123,
'healthyThresholdCount': 123,
'matcher': {
'httpCode': 'string'
},
'path': 'string',
'port': 123,
'protocol': 'HTTP'|'HTTPS',
'protocolVersion': 'HTTP1'|'HTTP2',
'unhealthyThresholdCount': 123
},
targetGroupIdentifier='string'
)
dict
[REQUIRED]
The health check configuration.
enabled (boolean) --
Indicates whether health checking is enabled.
healthCheckIntervalSeconds (integer) --
The approximate amount of time, in seconds, between health checks of an individual target. The range is 5–300 seconds. The default is 30 seconds.
healthCheckTimeoutSeconds (integer) --
The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1–120 seconds. The default is 5 seconds.
healthyThresholdCount (integer) --
The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2–10. The default is 5.
matcher (dict) --
The codes to use when checking for a successful response from a target. These are called Success codes in the console.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: httpCode.
httpCode (string) --
The HTTP code to use when checking for a successful response from a target.
path (string) --
The destination for health checks on the targets. If the protocol version is HTTP/1.1 or HTTP/2 , specify a valid URI (for example, /path?query ). The default path is / . Health checks are not supported if the protocol version is gRPC , however, you can choose HTTP/1.1 or HTTP/2 and specify a valid URI.
port (integer) --
The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.
protocol (string) --
The protocol used when performing health checks on targets. The possible protocols are HTTP and HTTPS . The default is HTTP .
protocolVersion (string) --
The protocol version used when performing health checks on targets. The possible protocol versions are HTTP1 and HTTP2 .
unhealthyThresholdCount (integer) --
The number of consecutive failed health checks required before considering a target unhealthy. The range is 2–10. The default is 2.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the target group.
dict
Response Syntax
{
'arn': 'string',
'config': {
'healthCheck': {
'enabled': True|False,
'healthCheckIntervalSeconds': 123,
'healthCheckTimeoutSeconds': 123,
'healthyThresholdCount': 123,
'matcher': {
'httpCode': 'string'
},
'path': 'string',
'port': 123,
'protocol': 'HTTP'|'HTTPS',
'protocolVersion': 'HTTP1'|'HTTP2',
'unhealthyThresholdCount': 123
},
'ipAddressType': 'IPV4'|'IPV6',
'port': 123,
'protocol': 'HTTP'|'HTTPS',
'protocolVersion': 'HTTP1'|'HTTP2'|'GRPC',
'vpcIdentifier': 'string'
},
'id': 'string',
'name': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED',
'type': 'IP'|'LAMBDA'|'INSTANCE'|'ALB'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the target group.
config (dict) --
The target group configuration.
healthCheck (dict) --
The health check configuration.
enabled (boolean) --
Indicates whether health checking is enabled.
healthCheckIntervalSeconds (integer) --
The approximate amount of time, in seconds, between health checks of an individual target. The range is 5–300 seconds. The default is 30 seconds.
healthCheckTimeoutSeconds (integer) --
The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1–120 seconds. The default is 5 seconds.
healthyThresholdCount (integer) --
The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2–10. The default is 5.
matcher (dict) --
The codes to use when checking for a successful response from a target. These are called Success codes in the console.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: httpCode. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
httpCode (string) --
The HTTP code to use when checking for a successful response from a target.
path (string) --
The destination for health checks on the targets. If the protocol version is HTTP/1.1 or HTTP/2 , specify a valid URI (for example, /path?query ). The default path is / . Health checks are not supported if the protocol version is gRPC , however, you can choose HTTP/1.1 or HTTP/2 and specify a valid URI.
port (integer) --
The port used when performing health checks on targets. The default setting is the port that a target receives traffic on.
protocol (string) --
The protocol used when performing health checks on targets. The possible protocols are HTTP and HTTPS . The default is HTTP .
protocolVersion (string) --
The protocol version used when performing health checks on targets. The possible protocol versions are HTTP1 and HTTP2 .
unhealthyThresholdCount (integer) --
The number of consecutive failed health checks required before considering a target unhealthy. The range is 2–10. The default is 2.
ipAddressType (string) --
The type of IP address used for the target group. The possible values are ipv4 and ipv6 . This is an optional parameter. If not specified, the IP address type defaults to ipv4 .
port (integer) --
The port on which the targets are listening. For HTTP, the default is 80 . For HTTPS, the default is 443
protocol (string) --
The protocol to use for routing traffic to the targets. Default is the protocol of a target group.
protocolVersion (string) --
The protocol version. Default value is HTTP1 .
vpcIdentifier (string) --
The ID of the VPC.
id (string) --
The ID of the target group.
name (string) --
The name of the target group.
status (string) --
The status.
type (string) --
The target group type.
Lists the service networks owned by the caller account or shared with the caller account. Also includes the account ID in the ARN to show which account owns the service network.
See also: AWS API Documentation
Request Syntax
client.list_service_networks(
maxResults=123,
nextToken='string'
)
integer
The maximum number of results to return.
string
A pagination token for the next page of results.
dict
Response Syntax
{
'items': [
{
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'id': 'string',
'lastUpdatedAt': datetime(2015, 1, 1),
'name': 'string',
'numberOfAssociatedServices': 123,
'numberOfAssociatedVPCs': 123
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
items (list) --
Information about the service networks.
(dict) --
Summary information about a service network.
arn (string) --
The Amazon Resource Name (ARN) of the service network.
createdAt (datetime) --
The date and time that the service network was created, specified in ISO-8601 format.
id (string) --
The ID of the service network.
lastUpdatedAt (datetime) --
The date and time that the service network was last updated, specified in ISO-8601 format.
name (string) --
The name of the service network.
numberOfAssociatedServices (integer) --
The number of services associated with the service network.
numberOfAssociatedVPCs (integer) --
The number of VPCs associated with the service network.
nextToken (string) --
If there are additional results, a pagination token for the next page of results.
Creates or updates the auth policy.
See also: AWS API Documentation
Request Syntax
client.put_auth_policy(
policy='string',
resourceIdentifier='string'
)
string
[REQUIRED]
The auth policy.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service network or service for which the policy is created.
dict
Response Syntax
{
'policy': 'string',
'state': 'Active'|'Inactive'
}
Response Structure
(dict) --
policy (string) --
The auth policy.
state (string) --
The state of the auth policy. The auth policy is only active when the auth type is set to Amazon Web Services_IAM . If you provide a policy, then authentication and authorization decisions are made based on this policy and the client's IAM policy. If the Auth type is NONE , then, any auth policy you provide will remain inactive. For more information, see Create a service network in the Amazon VPC Lattice User Guide .
Attaches a resource-based permission policy to a service or service network. The policy must contain the same actions and condition statements as the Amazon Web Services Resource Access Manager permission for sharing services and service networks.
See also: AWS API Documentation
Request Syntax
client.put_resource_policy(
policy='string',
resourceArn='string'
)
string
[REQUIRED]
An IAM policy.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service network or service for which the policy is created.
dict
Response Syntax
{}
Response Structure
(dict) --
Lists the services owned by the caller account or shared with the caller account.
See also: AWS API Documentation
Request Syntax
client.list_services(
maxResults=123,
nextToken='string'
)
integer
The maximum number of results to return.
string
A pagination token for the next page of results.
dict
Response Syntax
{
'items': [
{
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'customDomainName': 'string',
'dnsEntry': {
'domainName': 'string',
'hostedZoneId': 'string'
},
'id': 'string',
'lastUpdatedAt': datetime(2015, 1, 1),
'name': 'string',
'status': 'ACTIVE'|'CREATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
items (list) --
The services.
(dict) --
Summary information about a service.
arn (string) --
The Amazon Resource Name (ARN) of the service.
createdAt (datetime) --
The date and time that the service was created, specified in ISO-8601 format.
customDomainName (string) --
The custom domain name of the service.
dnsEntry (dict) --
DNS information about the service.
domainName (string) --
The domain name of the service.
hostedZoneId (string) --
The ID of the hosted zone.
id (string) --
The ID of the service.
lastUpdatedAt (datetime) --
The date and time that the service was last updated. The format is ISO-8601.
name (string) --
The name of the service.
status (string) --
The status.
nextToken (string) --
If there are additional results, a pagination token for the next page of results.
Deletes the specified resource policy.
See also: AWS API Documentation
Request Syntax
client.delete_resource_policy(
resourceArn='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) of the resource.
dict
Response Syntax
{}
Response Structure
(dict) --
Lists the rules for the listener.
See also: AWS API Documentation
Request Syntax
client.list_rules(
listenerIdentifier='string',
maxResults=123,
nextToken='string',
serviceIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the listener.
integer
The maximum number of results to return.
string
A pagination token for the next page of results.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
dict
Response Syntax
{
'items': [
{
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'id': 'string',
'isDefault': True|False,
'lastUpdatedAt': datetime(2015, 1, 1),
'name': 'string',
'priority': 123
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
items (list) --
Information about the rules.
(dict) --
Summary information about the listener rule.
arn (string) --
The Amazon Resource Name (ARN) of the rule.
createdAt (datetime) --
The date and time that the listener rule was created, specified in ISO-8601 format.
id (string) --
The ID of the rule.
isDefault (boolean) --
Indicates whether this is the default rule. Listener rules are created when you create a listener. Each listener has a default rule for checking connection requests.
lastUpdatedAt (datetime) --
The date and time that the listener rule was last updated, specified in ISO-8601 format.
name (string) --
The name of the rule.
priority (integer) --
The priority of the rule.
nextToken (string) --
If there are additional results, a pagination token for the next page of results.
Creates a service. A service is any software application that can run on instances containers, or serverless functions within an account or virtual private cloud (VPC).
For more information, see Services in the Amazon VPC Lattice User Guide .
See also: AWS API Documentation
Request Syntax
client.create_service(
authType='NONE'|'AWS_IAM',
certificateArn='string',
clientToken='string',
customDomainName='string',
name='string',
tags={
'string': 'string'
}
)
string
The type of IAM policy.
NONE : The resource does not use an IAM policy. This is the default.
AWS_IAM : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.
string
The Amazon Resource Name (ARN) of the certificate.
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If you retry a request that completed successfully using the same client token and parameters, the retry succeeds without performing any actions. If the parameters aren't identical, the retry fails.
This field is autopopulated if not provided.
string
The custom domain name of the service.
string
[REQUIRED]
The name of the service. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.
dict
The tags for the service.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws: .
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
dict
Response Syntax
{
'arn': 'string',
'authType': 'NONE'|'AWS_IAM',
'certificateArn': 'string',
'customDomainName': 'string',
'dnsEntry': {
'domainName': 'string',
'hostedZoneId': 'string'
},
'id': 'string',
'name': 'string',
'status': 'ACTIVE'|'CREATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the service.
authType (string) --
The type of IAM policy.
certificateArn (string) --
The Amazon Resource Name (ARN) of the certificate.
customDomainName (string) --
The custom domain name of the service.
dnsEntry (dict) --
The public DNS name of the service.
domainName (string) --
The domain name of the service.
hostedZoneId (string) --
The ID of the hosted zone.
id (string) --
The ID of the service.
name (string) --
The name of the service.
status (string) --
The status. If the status is CREATE_FAILED , you will have to delete and recreate the service.
Updates a rule for the listener. You can't modify a default listener rule. To modify a default listener rule, use UpdateListener .
See also: AWS API Documentation
Request Syntax
client.update_rule(
action={
'fixedResponse': {
'statusCode': 123
},
'forward': {
'targetGroups': [
{
'targetGroupIdentifier': 'string',
'weight': 123
},
]
}
},
listenerIdentifier='string',
match={
'httpMatch': {
'headerMatches': [
{
'caseSensitive': True|False,
'match': {
'contains': 'string',
'exact': 'string',
'prefix': 'string'
},
'name': 'string'
},
],
'method': 'string',
'pathMatch': {
'caseSensitive': True|False,
'match': {
'exact': 'string',
'prefix': 'string'
}
}
}
},
priority=123,
ruleIdentifier='string',
serviceIdentifier='string'
)
dict
Information about the action for the specified listener rule.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: fixedResponse, forward.
fixedResponse (dict) --
Describes the rule action that returns a custom HTTP response.
statusCode (integer) -- [REQUIRED]
The HTTP response code.
forward (dict) --
The forward action. Traffic that matches the rule is forwarded to the specified target groups.
targetGroups (list) -- [REQUIRED]
The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.
The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of traffic will go to that target group.
(dict) --
Describes the weight of a target group.
targetGroupIdentifier (string) -- [REQUIRED]
The ID or Amazon Resource Name (ARN) of the target group.
weight (integer) --
Only required if you specify multiple target groups for a forward action. The "weight" determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the listener.
dict
The rule match.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: httpMatch.
httpMatch (dict) --
The HTTP criteria that a rule must match.
headerMatches (list) --
The header matches. Matches incoming requests with rule based on request header value before applying rule action.
(dict) --
Describes the constraints for a header match. Matches incoming requests with rule based on request header value before applying rule action.
caseSensitive (boolean) --
Indicates whether the match is case sensitive. Defaults to false.
match (dict) -- [REQUIRED]
The header match type.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: contains, exact, prefix.
contains (string) --
Specifies a contains type match.
exact (string) --
Specifies an exact type match.
prefix (string) --
Specifies a prefix type match. Matches the value with the prefix.
name (string) -- [REQUIRED]
The name of the header.
method (string) --
The HTTP method type.
pathMatch (dict) --
The path match.
caseSensitive (boolean) --
Indicates whether the match is case sensitive. Defaults to false.
match (dict) -- [REQUIRED]
The type of path match.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: exact, prefix.
exact (string) --
An exact match of the path.
prefix (string) --
A prefix match of the path.
integer
The rule priority. A listener can't have multiple rules with the same priority.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the rule.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
dict
Response Syntax
{
'action': {
'fixedResponse': {
'statusCode': 123
},
'forward': {
'targetGroups': [
{
'targetGroupIdentifier': 'string',
'weight': 123
},
]
}
},
'arn': 'string',
'id': 'string',
'isDefault': True|False,
'match': {
'httpMatch': {
'headerMatches': [
{
'caseSensitive': True|False,
'match': {
'contains': 'string',
'exact': 'string',
'prefix': 'string'
},
'name': 'string'
},
],
'method': 'string',
'pathMatch': {
'caseSensitive': True|False,
'match': {
'exact': 'string',
'prefix': 'string'
}
}
}
},
'name': 'string',
'priority': 123
}
Response Structure
(dict) --
action (dict) --
Information about the action for the specified listener rule.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: fixedResponse, forward. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
fixedResponse (dict) --
Describes the rule action that returns a custom HTTP response.
statusCode (integer) --
The HTTP response code.
forward (dict) --
The forward action. Traffic that matches the rule is forwarded to the specified target groups.
targetGroups (list) --
The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.
The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of traffic will go to that target group.
(dict) --
Describes the weight of a target group.
targetGroupIdentifier (string) --
The ID or Amazon Resource Name (ARN) of the target group.
weight (integer) --
Only required if you specify multiple target groups for a forward action. The "weight" determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.
arn (string) --
The Amazon Resource Name (ARN) of the listener.
id (string) --
The ID of the listener.
isDefault (boolean) --
Indicates whether this is the default rule.
match (dict) --
The rule match.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: httpMatch. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
httpMatch (dict) --
The HTTP criteria that a rule must match.
headerMatches (list) --
The header matches. Matches incoming requests with rule based on request header value before applying rule action.
(dict) --
Describes the constraints for a header match. Matches incoming requests with rule based on request header value before applying rule action.
caseSensitive (boolean) --
Indicates whether the match is case sensitive. Defaults to false.
match (dict) --
The header match type.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: contains, exact, prefix. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
contains (string) --
Specifies a contains type match.
exact (string) --
Specifies an exact type match.
prefix (string) --
Specifies a prefix type match. Matches the value with the prefix.
name (string) --
The name of the header.
method (string) --
The HTTP method type.
pathMatch (dict) --
The path match.
caseSensitive (boolean) --
Indicates whether the match is case sensitive. Defaults to false.
match (dict) --
The type of path match.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: exact, prefix. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
exact (string) --
An exact match of the path.
prefix (string) --
A prefix match of the path.
name (string) --
The name of the listener.
priority (integer) --
The rule priority.
Disassociates the VPC from the service network. You can't disassociate the VPC if there is a create or update association in progress.
See also: AWS API Documentation
Request Syntax
client.delete_service_network_vpc_association(
serviceNetworkVpcAssociationIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the association.
dict
Response Syntax
{
'arn': 'string',
'id': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'|'UPDATE_FAILED'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the association.
id (string) --
The ID of the association.
status (string) --
The status. You can retry the operation if the status is DELETE_FAILED . However, if you retry it when the status is DELETE_IN_PROGRESS , there is no change in the status.
Updates the listener rules in a batch. You can use this operation to change the priority of listener rules. This can be useful when bulk updating or swapping rule priority.
See also: AWS API Documentation
Request Syntax
client.batch_update_rule(
listenerIdentifier='string',
rules=[
{
'action': {
'fixedResponse': {
'statusCode': 123
},
'forward': {
'targetGroups': [
{
'targetGroupIdentifier': 'string',
'weight': 123
},
]
}
},
'match': {
'httpMatch': {
'headerMatches': [
{
'caseSensitive': True|False,
'match': {
'contains': 'string',
'exact': 'string',
'prefix': 'string'
},
'name': 'string'
},
],
'method': 'string',
'pathMatch': {
'caseSensitive': True|False,
'match': {
'exact': 'string',
'prefix': 'string'
}
}
}
},
'priority': 123,
'ruleIdentifier': 'string'
},
],
serviceIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the listener.
list
[REQUIRED]
The rules for the specified listener.
(dict) --
Represents an object when updating a rule.
action (dict) --
The rule action.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: fixedResponse, forward.
fixedResponse (dict) --
Describes the rule action that returns a custom HTTP response.
statusCode (integer) -- [REQUIRED]
The HTTP response code.
forward (dict) --
The forward action. Traffic that matches the rule is forwarded to the specified target groups.
targetGroups (list) -- [REQUIRED]
The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.
The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of traffic will go to that target group.
(dict) --
Describes the weight of a target group.
targetGroupIdentifier (string) -- [REQUIRED]
The ID or Amazon Resource Name (ARN) of the target group.
weight (integer) --
Only required if you specify multiple target groups for a forward action. The "weight" determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.
match (dict) --
The rule match.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: httpMatch.
httpMatch (dict) --
The HTTP criteria that a rule must match.
headerMatches (list) --
The header matches. Matches incoming requests with rule based on request header value before applying rule action.
(dict) --
Describes the constraints for a header match. Matches incoming requests with rule based on request header value before applying rule action.
caseSensitive (boolean) --
Indicates whether the match is case sensitive. Defaults to false.
match (dict) -- [REQUIRED]
The header match type.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: contains, exact, prefix.
contains (string) --
Specifies a contains type match.
exact (string) --
Specifies an exact type match.
prefix (string) --
Specifies a prefix type match. Matches the value with the prefix.
name (string) -- [REQUIRED]
The name of the header.
method (string) --
The HTTP method type.
pathMatch (dict) --
The path match.
caseSensitive (boolean) --
Indicates whether the match is case sensitive. Defaults to false.
match (dict) -- [REQUIRED]
The type of path match.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: exact, prefix.
exact (string) --
An exact match of the path.
prefix (string) --
A prefix match of the path.
priority (integer) --
The rule priority. A listener can't have multiple rules with the same priority.
ruleIdentifier (string) -- [REQUIRED]
The ID or Amazon Resource Name (ARN) of the rule.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
dict
Response Syntax
{
'successful': [
{
'action': {
'fixedResponse': {
'statusCode': 123
},
'forward': {
'targetGroups': [
{
'targetGroupIdentifier': 'string',
'weight': 123
},
]
}
},
'arn': 'string',
'id': 'string',
'isDefault': True|False,
'match': {
'httpMatch': {
'headerMatches': [
{
'caseSensitive': True|False,
'match': {
'contains': 'string',
'exact': 'string',
'prefix': 'string'
},
'name': 'string'
},
],
'method': 'string',
'pathMatch': {
'caseSensitive': True|False,
'match': {
'exact': 'string',
'prefix': 'string'
}
}
}
},
'name': 'string',
'priority': 123
},
],
'unsuccessful': [
{
'failureCode': 'string',
'failureMessage': 'string',
'ruleIdentifier': 'string'
},
]
}
Response Structure
(dict) --
successful (list) --
The rules that were successfully updated.
(dict) --
Describes a successful rule update.
action (dict) --
The action for the default rule.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: fixedResponse, forward. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
fixedResponse (dict) --
Describes the rule action that returns a custom HTTP response.
statusCode (integer) --
The HTTP response code.
forward (dict) --
The forward action. Traffic that matches the rule is forwarded to the specified target groups.
targetGroups (list) --
The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.
The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of traffic will go to that target group.
(dict) --
Describes the weight of a target group.
targetGroupIdentifier (string) --
The ID or Amazon Resource Name (ARN) of the target group.
weight (integer) --
Only required if you specify multiple target groups for a forward action. The "weight" determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.
arn (string) --
The Amazon Resource Name (ARN) of the listener.
id (string) --
The ID of the listener.
isDefault (boolean) --
Indicates whether this is the default rule.
match (dict) --
The rule match.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: httpMatch. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
httpMatch (dict) --
The HTTP criteria that a rule must match.
headerMatches (list) --
The header matches. Matches incoming requests with rule based on request header value before applying rule action.
(dict) --
Describes the constraints for a header match. Matches incoming requests with rule based on request header value before applying rule action.
caseSensitive (boolean) --
Indicates whether the match is case sensitive. Defaults to false.
match (dict) --
The header match type.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: contains, exact, prefix. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
contains (string) --
Specifies a contains type match.
exact (string) --
Specifies an exact type match.
prefix (string) --
Specifies a prefix type match. Matches the value with the prefix.
name (string) --
The name of the header.
method (string) --
The HTTP method type.
pathMatch (dict) --
The path match.
caseSensitive (boolean) --
Indicates whether the match is case sensitive. Defaults to false.
match (dict) --
The type of path match.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: exact, prefix. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
exact (string) --
An exact match of the path.
prefix (string) --
A prefix match of the path.
name (string) --
The name of the listener.
priority (integer) --
The rule priority.
unsuccessful (list) --
The rules that the operation couldn't update.
(dict) --
Describes a rule update that failed.
failureCode (string) --
The failure code.
failureMessage (string) --
The failure message.
ruleIdentifier (string) --
The ID or Amazon Resource Name (ARN) of the rule.
Deregisters the specified targets from the specified target group.
See also: AWS API Documentation
Request Syntax
client.deregister_targets(
targetGroupIdentifier='string',
targets=[
{
'id': 'string',
'port': 123
},
]
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the target group.
list
[REQUIRED]
The targets to deregister.
(dict) --
Describes a target.
id (string) -- [REQUIRED]
The ID of the target. If the target type of the target group is INSTANCE , this is an instance ID. If the target type is IP , this is an IP address. If the target type is LAMBDA , this is the ARN of the Lambda function. If the target type is ALB , this is the ARN of the Application Load Balancer.
port (integer) --
The port on which the target is listening. For HTTP, the default is 80 . For HTTPS, the default is 443 .
dict
Response Syntax
{
'successful': [
{
'id': 'string',
'port': 123
},
],
'unsuccessful': [
{
'failureCode': 'string',
'failureMessage': 'string',
'id': 'string',
'port': 123
},
]
}
Response Structure
(dict) --
successful (list) --
The targets that were successfully deregistered.
(dict) --
Describes a target.
id (string) --
The ID of the target. If the target type of the target group is INSTANCE , this is an instance ID. If the target type is IP , this is an IP address. If the target type is LAMBDA , this is the ARN of the Lambda function. If the target type is ALB , this is the ARN of the Application Load Balancer.
port (integer) --
The port on which the target is listening. For HTTP, the default is 80 . For HTTPS, the default is 443 .
unsuccessful (list) --
The targets that the operation couldn't deregister.
(dict) --
Describes a target failure.
failureCode (string) --
The failure code.
failureMessage (string) --
The failure message.
id (string) --
The ID of the target. If the target type of the target group is INSTANCE , this is an instance ID. If the target type is IP , this is an IP address. If the target type is LAMBDA , this is the ARN of the Lambda function. If the target type is ALB , this is the ARN of the Application Load Balancer.
port (integer) --
The port on which the target is listening. This parameter doesn't apply if the target is a Lambda function.
Deletes the specified auth policy. If an auth is set to Amazon Web Services_IAM and the auth policy is deleted, all requests will be denied by default. If you are trying to remove the auth policy completely, you must set the auth_type to NONE . If auth is enabled on the resource, but no auth policy is set, all requests will be denied.
See also: AWS API Documentation
Request Syntax
client.delete_auth_policy(
resourceIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the resource.
dict
Response Syntax
{}
Response Structure
(dict) --
Deletes the association between a specified service and the specific service network. This request will fail if an association is still in progress.
See also: AWS API Documentation
Request Syntax
client.delete_service_network_service_association(
serviceNetworkServiceAssociationIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the association.
dict
Response Syntax
{
'arn': 'string',
'id': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the association.
id (string) --
The ID of the association.
status (string) --
The operation's status. You can retry the operation if the status is DELETE_FAILED . However, if you retry it when the status is DELETE_IN_PROGRESS , there is no change in the status.
Retrieves information about the specified access log subscription.
See also: AWS API Documentation
Request Syntax
client.get_access_log_subscription(
accessLogSubscriptionIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the access log subscription.
dict
Response Syntax
{
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'destinationArn': 'string',
'id': 'string',
'lastUpdatedAt': datetime(2015, 1, 1),
'resourceArn': 'string',
'resourceId': 'string'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the access log subscription.
createdAt (datetime) --
The date and time that the access log subscription was created, specified in ISO-8601 format.
destinationArn (string) --
The Amazon Resource Name (ARN) of the access log destination.
id (string) --
The ID of the access log subscription.
lastUpdatedAt (datetime) --
The date and time that the access log subscription was last updated, specified in ISO-8601 format.
resourceArn (string) --
The Amazon Resource Name (ARN) of the service network or service.
resourceId (string) --
The ID of the service network or service.
Updates the specified service network.
See also: AWS API Documentation
Request Syntax
client.update_service_network(
authType='NONE'|'AWS_IAM',
serviceNetworkIdentifier='string'
)
string
[REQUIRED]
The type of IAM policy.
NONE : The resource does not use an IAM policy. This is the default.
AWS_IAM : The resource uses an IAM policy. When this type is used, auth is enabled and an auth policy is required.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service network.
dict
Response Syntax
{
'arn': 'string',
'authType': 'NONE'|'AWS_IAM',
'id': 'string',
'name': 'string'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the service network.
authType (string) --
The type of IAM policy.
id (string) --
The ID of the service network.
name (string) --
The name of the service network.
Retrieves information about the association between a service network and a VPC.
See also: AWS API Documentation
Request Syntax
client.get_service_network_vpc_association(
serviceNetworkVpcAssociationIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the association.
dict
Response Syntax
{
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'createdBy': 'string',
'failureCode': 'string',
'failureMessage': 'string',
'id': 'string',
'lastUpdatedAt': datetime(2015, 1, 1),
'securityGroupIds': [
'string',
],
'serviceNetworkArn': 'string',
'serviceNetworkId': 'string',
'serviceNetworkName': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'|'UPDATE_FAILED',
'vpcId': 'string'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the association.
createdAt (datetime) --
The date and time that the association was created, specified in ISO-8601 format.
createdBy (string) --
The account that created the association.
failureCode (string) --
The failure code.
failureMessage (string) --
The failure message.
id (string) --
The ID of the specified association between the service network and the VPC.
lastUpdatedAt (datetime) --
The date and time that the association was last updated, specified in ISO-8601 format.
securityGroupIds (list) --
The IDs of the security groups.
(string) --
serviceNetworkArn (string) --
The Amazon Resource Name (ARN) of the service network.
serviceNetworkId (string) --
The ID of the service network.
serviceNetworkName (string) --
The name of the service network.
status (string) --
The status of the association.
vpcId (string) --
The ID of the VPC.
Lists the associations between the service network and the service. You can filter the list either by service or service network. You must provide either the service network identifier or the service identifier.
Every association in Amazon VPC Lattice is given a unique Amazon Resource Name (ARN), such as when a service network is associated with a VPC or when a service is associated with a service network. If the association is for a resource that is shared with another account, the association will include the local account ID as the prefix in the ARN for each account the resource is shared with.
See also: AWS API Documentation
Request Syntax
client.list_service_network_service_associations(
maxResults=123,
nextToken='string',
serviceIdentifier='string',
serviceNetworkIdentifier='string'
)
integer
The maximum number of results to return.
string
A pagination token for the next page of results.
string
The ID or Amazon Resource Name (ARN) of the service.
string
The ID or Amazon Resource Name (ARN) of the service network.
dict
Response Syntax
{
'items': [
{
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'createdBy': 'string',
'customDomainName': 'string',
'dnsEntry': {
'domainName': 'string',
'hostedZoneId': 'string'
},
'id': 'string',
'serviceArn': 'string',
'serviceId': 'string',
'serviceName': 'string',
'serviceNetworkArn': 'string',
'serviceNetworkId': 'string',
'serviceNetworkName': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
items (list) --
Information about the associations.
(dict) --
Summary information about the association between a service network and a service.
arn (string) --
The Amazon Resource Name (ARN) of the association.
createdAt (datetime) --
The date and time that the association was created, specified in ISO-8601 format.
createdBy (string) --
The account that created the association.
customDomainName (string) --
The custom domain name of the service.
dnsEntry (dict) --
DNS information about the service.
domainName (string) --
The domain name of the service.
hostedZoneId (string) --
The ID of the hosted zone.
id (string) --
The ID of the association.
serviceArn (string) --
The Amazon Resource Name (ARN) of the service.
serviceId (string) --
The ID of the service.
serviceName (string) --
The name of the service.
serviceNetworkArn (string) --
The Amazon Resource Name (ARN) of the service network.
serviceNetworkId (string) --
The ID of the service network.
serviceNetworkName (string) --
The name of the service network.
status (string) --
The status. If the deletion fails, try to delete again.
nextToken (string) --
If there are additional results, a pagination token for the next page of results.
Adds the specified tags to the specified resource.
See also: AWS API Documentation
Request Syntax
client.tag_resource(
resourceArn='string',
tags={
'string': 'string'
}
)
string
[REQUIRED]
The Amazon Resource Name (ARN) of the resource.
dict
[REQUIRED]
The tags for the resource.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws: .
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
dict
Response Syntax
{}
Response Structure
(dict) --
Enables access logs to be sent to Amazon CloudWatch, Amazon S3, and Amazon Kinesis Data Firehose. The service network owner can use the access logs to audit the services in the network. The service network owner will only see access logs from clients and services that are associated with their service network. Access log entries represent traffic originated from VPCs associated with that network. For more information, see Access logs in the Amazon VPC Lattice User Guide .
See also: AWS API Documentation
Request Syntax
client.create_access_log_subscription(
clientToken='string',
destinationArn='string',
resourceIdentifier='string',
tags={
'string': 'string'
}
)
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If you retry a request that completed successfully using the same client token and parameters, the retry succeeds without performing any actions. If the parameters aren't identical, the retry fails.
This field is autopopulated if not provided.
string
[REQUIRED]
The Amazon Resource Name (ARN) of the destination. The supported destination types are CloudWatch Log groups, Kinesis Data Firehose delivery streams, and Amazon S3 buckets.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service network or service.
dict
The tags for the access log subscription.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws: .
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
dict
Response Syntax
{
'arn': 'string',
'destinationArn': 'string',
'id': 'string',
'resourceArn': 'string',
'resourceId': 'string'
}
Response Structure
(dict) --
arn (string) --
The Amazon Resource Name (ARN) of the access log subscription.
destinationArn (string) --
The Amazon Resource Name (ARN) of the log destination.
id (string) --
The ID of the access log subscription.
resourceArn (string) --
The Amazon Resource Name (ARN) of the service network or service.
resourceId (string) --
The ID of the service network or service.
Retrieves information about the resource policy. The resource policy is an IAM policy created by AWS RAM on behalf of the resource owner when they share a resource.
See also: AWS API Documentation
Request Syntax
client.get_resource_policy(
resourceArn='string'
)
string
[REQUIRED]
An IAM policy.
dict
Response Syntax
{
'policy': 'string'
}
Response Structure
(dict) --
policy (string) --
The Amazon Resource Name (ARN) of the service network or service.
Retrieves information about listener rules. You can also retrieve information about the default listener rule. For more information, see Listener rules in the Amazon VPC Lattice User Guide .
See also: AWS API Documentation
Request Syntax
client.get_rule(
listenerIdentifier='string',
ruleIdentifier='string',
serviceIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the listener.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the listener rule.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
dict
Response Syntax
{
'action': {
'fixedResponse': {
'statusCode': 123
},
'forward': {
'targetGroups': [
{
'targetGroupIdentifier': 'string',
'weight': 123
},
]
}
},
'arn': 'string',
'createdAt': datetime(2015, 1, 1),
'id': 'string',
'isDefault': True|False,
'lastUpdatedAt': datetime(2015, 1, 1),
'match': {
'httpMatch': {
'headerMatches': [
{
'caseSensitive': True|False,
'match': {
'contains': 'string',
'exact': 'string',
'prefix': 'string'
},
'name': 'string'
},
],
'method': 'string',
'pathMatch': {
'caseSensitive': True|False,
'match': {
'exact': 'string',
'prefix': 'string'
}
}
}
},
'name': 'string',
'priority': 123
}
Response Structure
(dict) --
action (dict) --
The action for the default rule.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: fixedResponse, forward. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
fixedResponse (dict) --
Describes the rule action that returns a custom HTTP response.
statusCode (integer) --
The HTTP response code.
forward (dict) --
The forward action. Traffic that matches the rule is forwarded to the specified target groups.
targetGroups (list) --
The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.
The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of traffic will go to that target group.
(dict) --
Describes the weight of a target group.
targetGroupIdentifier (string) --
The ID or Amazon Resource Name (ARN) of the target group.
weight (integer) --
Only required if you specify multiple target groups for a forward action. The "weight" determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.
arn (string) --
The Amazon Resource Name (ARN) of the listener.
createdAt (datetime) --
The date and time that the listener rule was created, specified in ISO-8601 format.
id (string) --
The ID of the listener.
isDefault (boolean) --
Indicates whether this is the default rule.
lastUpdatedAt (datetime) --
The date and time that the listener rule was last updated, specified in ISO-8601 format.
match (dict) --
The rule match.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: httpMatch. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
httpMatch (dict) --
The HTTP criteria that a rule must match.
headerMatches (list) --
The header matches. Matches incoming requests with rule based on request header value before applying rule action.
(dict) --
Describes the constraints for a header match. Matches incoming requests with rule based on request header value before applying rule action.
caseSensitive (boolean) --
Indicates whether the match is case sensitive. Defaults to false.
match (dict) --
The header match type.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: contains, exact, prefix. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
contains (string) --
Specifies a contains type match.
exact (string) --
Specifies an exact type match.
prefix (string) --
Specifies a prefix type match. Matches the value with the prefix.
name (string) --
The name of the header.
method (string) --
The HTTP method type.
pathMatch (dict) --
The path match.
caseSensitive (boolean) --
Indicates whether the match is case sensitive. Defaults to false.
match (dict) --
The type of path match.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: exact, prefix. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
exact (string) --
An exact match of the path.
prefix (string) --
A prefix match of the path.
name (string) --
The name of the listener.
priority (integer) --
The priority level for the specified rule.
Creates a listener rule. Each listener has a default rule for checking connection requests, but you can define additional rules. Each rule consists of a priority, one or more actions, and one or more conditions. For more information, see Listener rules in the Amazon VPC Lattice User Guide .
See also: AWS API Documentation
Request Syntax
client.create_rule(
action={
'fixedResponse': {
'statusCode': 123
},
'forward': {
'targetGroups': [
{
'targetGroupIdentifier': 'string',
'weight': 123
},
]
}
},
clientToken='string',
listenerIdentifier='string',
match={
'httpMatch': {
'headerMatches': [
{
'caseSensitive': True|False,
'match': {
'contains': 'string',
'exact': 'string',
'prefix': 'string'
},
'name': 'string'
},
],
'method': 'string',
'pathMatch': {
'caseSensitive': True|False,
'match': {
'exact': 'string',
'prefix': 'string'
}
}
}
},
name='string',
priority=123,
serviceIdentifier='string',
tags={
'string': 'string'
}
)
dict
[REQUIRED]
The action for the default rule.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: fixedResponse, forward.
fixedResponse (dict) --
Describes the rule action that returns a custom HTTP response.
statusCode (integer) -- [REQUIRED]
The HTTP response code.
forward (dict) --
The forward action. Traffic that matches the rule is forwarded to the specified target groups.
targetGroups (list) -- [REQUIRED]
The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.
The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of traffic will go to that target group.
(dict) --
Describes the weight of a target group.
targetGroupIdentifier (string) -- [REQUIRED]
The ID or Amazon Resource Name (ARN) of the target group.
weight (integer) --
Only required if you specify multiple target groups for a forward action. The "weight" determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If you retry a request that completed successfully using the same client token and parameters, the retry succeeds without performing any actions. If the parameters aren't identical, the retry fails.
This field is autopopulated if not provided.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the listener.
dict
[REQUIRED]
The rule match.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: httpMatch.
httpMatch (dict) --
The HTTP criteria that a rule must match.
headerMatches (list) --
The header matches. Matches incoming requests with rule based on request header value before applying rule action.
(dict) --
Describes the constraints for a header match. Matches incoming requests with rule based on request header value before applying rule action.
caseSensitive (boolean) --
Indicates whether the match is case sensitive. Defaults to false.
match (dict) -- [REQUIRED]
The header match type.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: contains, exact, prefix.
contains (string) --
Specifies a contains type match.
exact (string) --
Specifies an exact type match.
prefix (string) --
Specifies a prefix type match. Matches the value with the prefix.
name (string) -- [REQUIRED]
The name of the header.
method (string) --
The HTTP method type.
pathMatch (dict) --
The path match.
caseSensitive (boolean) --
Indicates whether the match is case sensitive. Defaults to false.
match (dict) -- [REQUIRED]
The type of path match.
Note
This is a Tagged Union structure. Only one of the following top level keys can be set: exact, prefix.
exact (string) --
An exact match of the path.
prefix (string) --
A prefix match of the path.
string
[REQUIRED]
The name of the rule. The name must be unique within the listener. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.
integer
[REQUIRED]
The priority assigned to the rule. Each rule for a specific listener must have a unique priority. The lower the priority number the higher the priority.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
dict
The tags for the rule.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws: .
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
dict
Response Syntax
{
'action': {
'fixedResponse': {
'statusCode': 123
},
'forward': {
'targetGroups': [
{
'targetGroupIdentifier': 'string',
'weight': 123
},
]
}
},
'arn': 'string',
'id': 'string',
'match': {
'httpMatch': {
'headerMatches': [
{
'caseSensitive': True|False,
'match': {
'contains': 'string',
'exact': 'string',
'prefix': 'string'
},
'name': 'string'
},
],
'method': 'string',
'pathMatch': {
'caseSensitive': True|False,
'match': {
'exact': 'string',
'prefix': 'string'
}
}
}
},
'name': 'string',
'priority': 123
}
Response Structure
(dict) --
action (dict) --
The rule action. Each rule must include exactly one of the following types of actions: forward or fixed-response , and it must be the last action to be performed.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: fixedResponse, forward. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
fixedResponse (dict) --
Describes the rule action that returns a custom HTTP response.
statusCode (integer) --
The HTTP response code.
forward (dict) --
The forward action. Traffic that matches the rule is forwarded to the specified target groups.
targetGroups (list) --
The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic.
The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of traffic will go to that target group.
(dict) --
Describes the weight of a target group.
targetGroupIdentifier (string) --
The ID or Amazon Resource Name (ARN) of the target group.
weight (integer) --
Only required if you specify multiple target groups for a forward action. The "weight" determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100.
arn (string) --
The Amazon Resource Name (ARN) of the rule.
id (string) --
The ID of the rule.
match (dict) --
The rule match. The RuleMatch must be an HttpMatch . This means that the rule should be an exact match on HTTP constraints which are made up of the HTTP method, path, and header.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: httpMatch. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
httpMatch (dict) --
The HTTP criteria that a rule must match.
headerMatches (list) --
The header matches. Matches incoming requests with rule based on request header value before applying rule action.
(dict) --
Describes the constraints for a header match. Matches incoming requests with rule based on request header value before applying rule action.
caseSensitive (boolean) --
Indicates whether the match is case sensitive. Defaults to false.
match (dict) --
The header match type.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: contains, exact, prefix. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
contains (string) --
Specifies a contains type match.
exact (string) --
Specifies an exact type match.
prefix (string) --
Specifies a prefix type match. Matches the value with the prefix.
name (string) --
The name of the header.
method (string) --
The HTTP method type.
pathMatch (dict) --
The path match.
caseSensitive (boolean) --
Indicates whether the match is case sensitive. Defaults to false.
match (dict) --
The type of path match.
Note
This is a Tagged Union structure. Only one of the following top level keys will be set: exact, prefix. If a client receives an unknown member it will set SDK_UNKNOWN_MEMBER as the top level key, which maps to the name or tag of the unknown member. The structure of SDK_UNKNOWN_MEMBER is as follows:
'SDK_UNKNOWN_MEMBER': {'name': 'UnknownMemberName'}
exact (string) --
An exact match of the path.
prefix (string) --
A prefix match of the path.
name (string) --
The name of the rule.
priority (integer) --
The priority assigned to the rule. The lower the priority number the higher the priority.
Lists the tags for the specified resource.
See also: AWS API Documentation
Request Syntax
client.list_tags_for_resource(
resourceArn='string'
)
string
[REQUIRED]
The Amazon Resource Name (ARN) of the resource.
dict
Response Syntax
{
'tags': {
'string': 'string'
}
}
Response Structure
(dict) --
tags (dict) --
The tags.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws: .
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
Deletes the specified listener.
See also: AWS API Documentation
Request Syntax
client.delete_listener(
listenerIdentifier='string',
serviceIdentifier='string'
)
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the listener.
string
[REQUIRED]
The ID or Amazon Resource Name (ARN) of the service.
dict
Response Syntax
{}
Response Structure
(dict) --