2021/05/26 - Amazon Elastic Compute Cloud - 2 new 16 updated api methods
Changes This release adds resource ids and tagging support for VPC security group rules.
Describes one or more of your security group rules.
See also: AWS API Documentation
Request Syntax
client.describe_security_group_rules(
Filters=[
{
'Name': 'string',
'Values': [
'string',
]
},
],
SecurityGroupRuleIds=[
'string',
],
DryRun=True|False,
NextToken='string',
MaxResults=123
)
list
One or more filters.
group-id - The ID of the security group.
security-group-rule-id - The ID of the security group rule.
tag :<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
The filter values. Filter values are case-sensitive.
(string) --
list
The IDs of the security group rules.
(string) --
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
The token for the next page of results.
integer
The maximum number of results to return in a single call. To retrieve the remaining results, make another request with the returned NextToken value. This value can be between 5 and 1000. If this parameter is not specified, then all results are returned.
dict
Response Syntax
{
'SecurityGroupRules': [
{
'SecurityGroupRuleId': 'string',
'GroupId': 'string',
'GroupOwnerId': 'string',
'IsEgress': True|False,
'IpProtocol': 'string',
'FromPort': 123,
'ToPort': 123,
'CidrIpv4': 'string',
'CidrIpv6': 'string',
'PrefixListId': 'string',
'ReferencedGroupInfo': {
'GroupId': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string'
},
'Description': 'string',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
SecurityGroupRules (list) --
Information about security group rules.
(dict) --
Describes a security group rule.
SecurityGroupRuleId (string) --
The ID of the security group rule.
GroupId (string) --
The ID of the security group.
GroupOwnerId (string) --
The ID of the AWS account that owns the security group.
IsEgress (boolean) --
Indicates whether the security group rule is an outbound rule.
IpProtocol (string) --
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).
Use -1 to specify all protocols.
FromPort (integer) --
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
ToPort (integer) --
The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
CidrIpv4 (string) --
The IPv4 CIDR range.
CidrIpv6 (string) --
The IPv6 CIDR range.
PrefixListId (string) --
The ID of the prefix list.
ReferencedGroupInfo (dict) --
Describes the security group that is referenced in the rule.
GroupId (string) --
The ID of the security group.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The AWS account ID.
VpcId (string) --
The ID of the VPC.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection.
Description (string) --
The security group rule description.
Tags (list) --
The tags applied to the security group rule.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
NextToken (string) --
The token to use to retrieve the next page of results. This value is null when there are no more results to return.
Modifies the rules of a security group.
See also: AWS API Documentation
Request Syntax
client.modify_security_group_rules(
GroupId='string',
SecurityGroupRules=[
{
'SecurityGroupRuleId': 'string',
'SecurityGroupRule': {
'IpProtocol': 'string',
'FromPort': 123,
'ToPort': 123,
'CidrIpv4': 'string',
'CidrIpv6': 'string',
'PrefixListId': 'string',
'ReferencedGroupId': 'string',
'Description': 'string'
}
},
],
DryRun=True|False
)
string
[REQUIRED]
The ID of the security group.
list
[REQUIRED]
Information about the security group properties to update.
(dict) --
Describes an update to a security group rule.
SecurityGroupRuleId (string) --
The ID of the security group rule.
SecurityGroupRule (dict) --
Information about the security group rule.
IpProtocol (string) --
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).
Use -1 to specify all protocols.
FromPort (integer) --
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
ToPort (integer) --
The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
CidrIpv4 (string) --
The IPv4 CIDR range. To specify a single IPv4 address, use the /32 prefix length.
CidrIpv6 (string) --
The IPv6 CIDR range. To specify a single IPv6 address, use the /128 prefix length.
PrefixListId (string) --
The ID of the prefix list.
ReferencedGroupId (string) --
The ID of the security group that is referenced in the security group rule.
Description (string) --
The description of the security group rule.
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
dict
Response Syntax
{
'Return': True|False
}
Response Structure
(dict) --
Return (boolean) --
Returns true if the request succeeds; otherwise, returns an error.
{'IpPermissions': {'IpRanges': {'SecurityGroupRuleId': 'string'},
'Ipv6Ranges': {'SecurityGroupRuleId': 'string'},
'PrefixListIds': {'SecurityGroupRuleId': 'string'},
'UserIdGroupPairs': {'SecurityGroupRuleId': 'string'}}}
[VPC only] Adds the specified outbound (egress) rules to a security group for use with a VPC.
An outbound rule permits instances to send traffic to the specified IPv4 or IPv6 CIDR address ranges, or to the instances that are associated with the specified destination security groups.
You specify a protocol for each rule (for example, TCP). For the TCP and UDP protocols, you must also specify the destination port or port range. For the ICMP protocol, you must also specify the ICMP type and code. You can use -1 for the type or code to mean all types or all codes.
You can optionally add a tag to the security group rule.
Rule changes are propagated to affected instances as quickly as possible. However, a small delay might occur.
For information about VPC security group quotas, see Amazon VPC Limits.
See also: AWS API Documentation
Request Syntax
client.authorize_security_group_egress(
DryRun=True|False,
GroupId='string',
IpPermissions=[
{
'FromPort': 123,
'IpProtocol': 'string',
'IpRanges': [
{
'CidrIp': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'Ipv6Ranges': [
{
'CidrIpv6': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'PrefixListIds': [
{
'Description': 'string',
'PrefixListId': 'string',
'SecurityGroupRuleId': 'string'
},
],
'ToPort': 123,
'UserIdGroupPairs': [
{
'Description': 'string',
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string',
'SecurityGroupRuleId': 'string'
},
]
},
],
TagSpecifications=[
{
'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'local-gateway-route-table-vpc-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
],
CidrIp='string',
FromPort=123,
IpProtocol='string',
ToPort=123,
SourceSecurityGroupName='string',
SourceSecurityGroupOwnerId='string'
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
[REQUIRED]
The ID of the security group.
list
The sets of IP permissions. You can't specify a destination security group and a CIDR IP address range in the same set of permissions.
(dict) --
Describes a set of permissions for a security group rule.
FromPort (integer) --
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
IpProtocol (string) --
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).
[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp , udp , icmp , or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp , udp , and icmp , you must specify a port range. For icmpv6 , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.
IpRanges (list) --
The IPv4 ranges.
(dict) --
Describes an IPv4 range.
CidrIp (string) --
The IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.
Description (string) --
A description for the security group rule that references this IPv4 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
Ipv6Ranges (list) --
[VPC only] The IPv6 ranges.
(dict) --
[EC2-VPC only] Describes an IPv6 range.
CidrIpv6 (string) --
The IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.
Description (string) --
A description for the security group rule that references this IPv6 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
PrefixListIds (list) --
[VPC only] The prefix list IDs.
(dict) --
Describes a prefix list ID.
Description (string) --
A description for the security group rule that references this prefix list ID.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
PrefixListId (string) --
The ID of the prefix.
SecurityGroupRuleId (string) --
The ID of the security group rule.
ToPort (integer) --
The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
UserIdGroupPairs (list) --
The security group and AWS account ID pairs.
(dict) --
Describes a security group and AWS account ID pair.
Description (string) --
A description for the security group rule that references this user ID group pair.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
GroupId (string) --
The ID of the security group.
GroupName (string) --
The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.
For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The ID of an AWS account.
For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.
[EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.
VpcId (string) --
The ID of the VPC for the referenced security group, if applicable.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection, if applicable.
SecurityGroupRuleId (string) --
The ID of the security group rule.
list
The tags applied to the security group rule.
(dict) --
The tags to apply to a resource when the resource is being created.
ResourceType (string) --
The type of resource to tag. Currently, the resource types that support tagging on creation are: capacity-reservation | carrier-gateway | client-vpn-endpoint | customer-gateway | dedicated-host | dhcp-options | egress-only-internet-gateway | elastic-ip | elastic-gpu | export-image-task | export-instance-task | fleet | fpga-image | host-reservation | image | import-image-task | import-snapshot-task | instance | internet-gateway | ipv4pool-ec2 | ipv6pool-ec2 | key-pair | launch-template | local-gateway-route-table-vpc-association | placement-group | prefix-list | natgateway | network-acl | network-interface | reserved-instances | route-table | security-group | snapshot | spot-fleet-request | spot-instances-request | snapshot | subnet | traffic-mirror-filter | traffic-mirror-session | traffic-mirror-target | transit-gateway | transit-gateway-attachment | transit-gateway-multicast-domain | transit-gateway-route-table | volume | vpc | vpc-peering-connection | vpc-endpoint (for interface and gateway endpoints) | vpc-endpoint-service (for AWS PrivateLink) | vpc-flow-log | vpn-connection | vpn-gateway .
To tag a resource after it has been created, see CreateTags.
Tags (list) --
The tags to apply to the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
string
Not supported. Use a set of IP permissions to specify the CIDR.
integer
Not supported. Use a set of IP permissions to specify the port.
string
Not supported. Use a set of IP permissions to specify the protocol name or number.
integer
Not supported. Use a set of IP permissions to specify the port.
string
Not supported. Use a set of IP permissions to specify a destination security group.
string
Not supported. Use a set of IP permissions to specify a destination security group.
dict
Response Syntax
{
'Return': True|False,
'SecurityGroupRules': [
{
'SecurityGroupRuleId': 'string',
'GroupId': 'string',
'GroupOwnerId': 'string',
'IsEgress': True|False,
'IpProtocol': 'string',
'FromPort': 123,
'ToPort': 123,
'CidrIpv4': 'string',
'CidrIpv6': 'string',
'PrefixListId': 'string',
'ReferencedGroupInfo': {
'GroupId': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string'
},
'Description': 'string',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
]
}
Response Structure
(dict) --
Return (boolean) --
Returns true if the request succeeds; otherwise, returns an error.
SecurityGroupRules (list) --
Information about the outbound (egress) security group rules that were added.
(dict) --
Describes a security group rule.
SecurityGroupRuleId (string) --
The ID of the security group rule.
GroupId (string) --
The ID of the security group.
GroupOwnerId (string) --
The ID of the AWS account that owns the security group.
IsEgress (boolean) --
Indicates whether the security group rule is an outbound rule.
IpProtocol (string) --
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).
Use -1 to specify all protocols.
FromPort (integer) --
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
ToPort (integer) --
The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
CidrIpv4 (string) --
The IPv4 CIDR range.
CidrIpv6 (string) --
The IPv6 CIDR range.
PrefixListId (string) --
The ID of the prefix list.
ReferencedGroupInfo (dict) --
Describes the security group that is referenced in the rule.
GroupId (string) --
The ID of the security group.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The AWS account ID.
VpcId (string) --
The ID of the VPC.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection.
Description (string) --
The security group rule description.
Tags (list) --
The tags applied to the security group rule.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
{'IpPermissions': {'IpRanges': {'SecurityGroupRuleId': 'string'},
'Ipv6Ranges': {'SecurityGroupRuleId': 'string'},
'PrefixListIds': {'SecurityGroupRuleId': 'string'},
'UserIdGroupPairs': {'SecurityGroupRuleId': 'string'}}}
Adds the specified inbound (ingress) rules to a security group.
An inbound rule permits instances to receive traffic from the specified IPv4 or IPv6 CIDR address ranges, or from the instances that are associated with the specified destination security groups.
You specify a protocol for each rule (for example, TCP). For TCP and UDP, you must also specify the destination port or port range. For ICMP/ICMPv6, you must also specify the ICMP/ICMPv6 type and code. You can use -1 to mean all types or all codes.
[VPC Only] You can optionally add a tag to the security group rule.
Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.
For information about VPC security group quotas, see Amazon VPC Limits.
See also: AWS API Documentation
Request Syntax
client.authorize_security_group_ingress(
CidrIp='string',
FromPort=123,
GroupId='string',
GroupName='string',
IpPermissions=[
{
'FromPort': 123,
'IpProtocol': 'string',
'IpRanges': [
{
'CidrIp': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'Ipv6Ranges': [
{
'CidrIpv6': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'PrefixListIds': [
{
'Description': 'string',
'PrefixListId': 'string',
'SecurityGroupRuleId': 'string'
},
],
'ToPort': 123,
'UserIdGroupPairs': [
{
'Description': 'string',
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string',
'SecurityGroupRuleId': 'string'
},
]
},
],
IpProtocol='string',
SourceSecurityGroupName='string',
SourceSecurityGroupOwnerId='string',
ToPort=123,
DryRun=True|False,
TagSpecifications=[
{
'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'local-gateway-route-table-vpc-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
]
)
string
The IPv4 address range, in CIDR format. You can't specify this parameter when specifying a source security group. To specify an IPv6 address range, use a set of IP permissions.
Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.
integer
The start of port range for the TCP and UDP protocols, or an ICMP type number. For the ICMP type number, use -1 to specify all types. If you specify all ICMP types, you must specify all codes.
Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.
string
The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.
string
[EC2-Classic, default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request.
list
The sets of IP permissions.
(dict) --
Describes a set of permissions for a security group rule.
FromPort (integer) --
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
IpProtocol (string) --
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).
[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp , udp , icmp , or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp , udp , and icmp , you must specify a port range. For icmpv6 , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.
IpRanges (list) --
The IPv4 ranges.
(dict) --
Describes an IPv4 range.
CidrIp (string) --
The IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.
Description (string) --
A description for the security group rule that references this IPv4 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
Ipv6Ranges (list) --
[VPC only] The IPv6 ranges.
(dict) --
[EC2-VPC only] Describes an IPv6 range.
CidrIpv6 (string) --
The IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.
Description (string) --
A description for the security group rule that references this IPv6 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
PrefixListIds (list) --
[VPC only] The prefix list IDs.
(dict) --
Describes a prefix list ID.
Description (string) --
A description for the security group rule that references this prefix list ID.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
PrefixListId (string) --
The ID of the prefix.
SecurityGroupRuleId (string) --
The ID of the security group rule.
ToPort (integer) --
The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
UserIdGroupPairs (list) --
The security group and AWS account ID pairs.
(dict) --
Describes a security group and AWS account ID pair.
Description (string) --
A description for the security group rule that references this user ID group pair.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
GroupId (string) --
The ID of the security group.
GroupName (string) --
The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.
For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The ID of an AWS account.
For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.
[EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.
VpcId (string) --
The ID of the VPC for the referenced security group, if applicable.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection, if applicable.
SecurityGroupRuleId (string) --
The ID of the security group rule.
string
The IP protocol name ( tcp , udp , icmp ) or number (see Protocol Numbers ). To specify icmpv6 , use a set of IP permissions.
[VPC only] Use -1 to specify all protocols. If you specify -1 or a protocol other than tcp , udp , or icmp , traffic on all ports is allowed, regardless of any ports that you specify.
Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.
string
[EC2-Classic, default VPC] The name of the source security group. You can't specify this parameter in combination with the following parameters: the CIDR IP address range, the start of the port range, the IP protocol, and the end of the port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead. For EC2-VPC, the source security group must be in the same VPC.
string
[nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this parameter in combination with the following parameters: the CIDR IP address range, the IP protocol, the start of the port range, and the end of the port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead.
integer
The end of port range for the TCP and UDP protocols, or an ICMP code number. For the ICMP code number, use -1 to specify all codes. If you specify all ICMP types, you must specify all codes.
Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
list
[VPC Only] The tags applied to the security group rule.
(dict) --
The tags to apply to a resource when the resource is being created.
ResourceType (string) --
The type of resource to tag. Currently, the resource types that support tagging on creation are: capacity-reservation | carrier-gateway | client-vpn-endpoint | customer-gateway | dedicated-host | dhcp-options | egress-only-internet-gateway | elastic-ip | elastic-gpu | export-image-task | export-instance-task | fleet | fpga-image | host-reservation | image | import-image-task | import-snapshot-task | instance | internet-gateway | ipv4pool-ec2 | ipv6pool-ec2 | key-pair | launch-template | local-gateway-route-table-vpc-association | placement-group | prefix-list | natgateway | network-acl | network-interface | reserved-instances | route-table | security-group | snapshot | spot-fleet-request | spot-instances-request | snapshot | subnet | traffic-mirror-filter | traffic-mirror-session | traffic-mirror-target | transit-gateway | transit-gateway-attachment | transit-gateway-multicast-domain | transit-gateway-route-table | volume | vpc | vpc-peering-connection | vpc-endpoint (for interface and gateway endpoints) | vpc-endpoint-service (for AWS PrivateLink) | vpc-flow-log | vpn-connection | vpn-gateway .
To tag a resource after it has been created, see CreateTags.
Tags (list) --
The tags to apply to the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
dict
Response Syntax
{
'Return': True|False,
'SecurityGroupRules': [
{
'SecurityGroupRuleId': 'string',
'GroupId': 'string',
'GroupOwnerId': 'string',
'IsEgress': True|False,
'IpProtocol': 'string',
'FromPort': 123,
'ToPort': 123,
'CidrIpv4': 'string',
'CidrIpv6': 'string',
'PrefixListId': 'string',
'ReferencedGroupInfo': {
'GroupId': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string'
},
'Description': 'string',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
]
}
Response Structure
(dict) --
Return (boolean) --
Returns true if the request succeeds; otherwise, returns an error.
SecurityGroupRules (list) --
Information about the inbound (ingress) security group rules that were added.
(dict) --
Describes a security group rule.
SecurityGroupRuleId (string) --
The ID of the security group rule.
GroupId (string) --
The ID of the security group.
GroupOwnerId (string) --
The ID of the AWS account that owns the security group.
IsEgress (boolean) --
Indicates whether the security group rule is an outbound rule.
IpProtocol (string) --
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).
Use -1 to specify all protocols.
FromPort (integer) --
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
ToPort (integer) --
The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
CidrIpv4 (string) --
The IPv4 CIDR range.
CidrIpv6 (string) --
The IPv6 CIDR range.
PrefixListId (string) --
The ID of the prefix list.
ReferencedGroupInfo (dict) --
Describes the security group that is referenced in the rule.
GroupId (string) --
The ID of the security group.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The AWS account ID.
VpcId (string) --
The ID of the VPC.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection.
Description (string) --
The security group rule description.
Tags (list) --
The tags applied to the security group rule.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
{'LaunchTemplateData': {'TagSpecifications': {'ResourceType': {'security-group-rule'}}}}
Creates a launch template. A launch template contains the parameters to launch an instance. When you launch an instance using RunInstances, you can specify a launch template instead of providing the launch parameters in the request. For more information, see Launching an instance from a launch template in the Amazon Elastic Compute Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.create_launch_template(
DryRun=True|False,
ClientToken='string',
LaunchTemplateName='string',
VersionDescription='string',
LaunchTemplateData={
'KernelId': 'string',
'EbsOptimized': True|False,
'IamInstanceProfile': {
'Arn': 'string',
'Name': 'string'
},
'BlockDeviceMappings': [
{
'DeviceName': 'string',
'VirtualName': 'string',
'Ebs': {
'Encrypted': True|False,
'DeleteOnTermination': True|False,
'Iops': 123,
'KmsKeyId': 'string',
'SnapshotId': 'string',
'VolumeSize': 123,
'VolumeType': 'standard'|'io1'|'io2'|'gp2'|'sc1'|'st1'|'gp3',
'Throughput': 123
},
'NoDevice': 'string'
},
],
'NetworkInterfaces': [
{
'AssociateCarrierIpAddress': True|False,
'AssociatePublicIpAddress': True|False,
'DeleteOnTermination': True|False,
'Description': 'string',
'DeviceIndex': 123,
'Groups': [
'string',
],
'InterfaceType': 'string',
'Ipv6AddressCount': 123,
'Ipv6Addresses': [
{
'Ipv6Address': 'string'
},
],
'NetworkInterfaceId': 'string',
'PrivateIpAddress': 'string',
'PrivateIpAddresses': [
{
'Primary': True|False,
'PrivateIpAddress': 'string'
},
],
'SecondaryPrivateIpAddressCount': 123,
'SubnetId': 'string',
'NetworkCardIndex': 123
},
],
'ImageId': 'string',
'InstanceType': 't1.micro'|'t2.nano'|'t2.micro'|'t2.small'|'t2.medium'|'t2.large'|'t2.xlarge'|'t2.2xlarge'|'t3.nano'|'t3.micro'|'t3.small'|'t3.medium'|'t3.large'|'t3.xlarge'|'t3.2xlarge'|'t3a.nano'|'t3a.micro'|'t3a.small'|'t3a.medium'|'t3a.large'|'t3a.xlarge'|'t3a.2xlarge'|'t4g.nano'|'t4g.micro'|'t4g.small'|'t4g.medium'|'t4g.large'|'t4g.xlarge'|'t4g.2xlarge'|'m1.small'|'m1.medium'|'m1.large'|'m1.xlarge'|'m3.medium'|'m3.large'|'m3.xlarge'|'m3.2xlarge'|'m4.large'|'m4.xlarge'|'m4.2xlarge'|'m4.4xlarge'|'m4.10xlarge'|'m4.16xlarge'|'m2.xlarge'|'m2.2xlarge'|'m2.4xlarge'|'cr1.8xlarge'|'r3.large'|'r3.xlarge'|'r3.2xlarge'|'r3.4xlarge'|'r3.8xlarge'|'r4.large'|'r4.xlarge'|'r4.2xlarge'|'r4.4xlarge'|'r4.8xlarge'|'r4.16xlarge'|'r5.large'|'r5.xlarge'|'r5.2xlarge'|'r5.4xlarge'|'r5.8xlarge'|'r5.12xlarge'|'r5.16xlarge'|'r5.24xlarge'|'r5.metal'|'r5a.large'|'r5a.xlarge'|'r5a.2xlarge'|'r5a.4xlarge'|'r5a.8xlarge'|'r5a.12xlarge'|'r5a.16xlarge'|'r5a.24xlarge'|'r5b.large'|'r5b.xlarge'|'r5b.2xlarge'|'r5b.4xlarge'|'r5b.8xlarge'|'r5b.12xlarge'|'r5b.16xlarge'|'r5b.24xlarge'|'r5b.metal'|'r5d.large'|'r5d.xlarge'|'r5d.2xlarge'|'r5d.4xlarge'|'r5d.8xlarge'|'r5d.12xlarge'|'r5d.16xlarge'|'r5d.24xlarge'|'r5d.metal'|'r5ad.large'|'r5ad.xlarge'|'r5ad.2xlarge'|'r5ad.4xlarge'|'r5ad.8xlarge'|'r5ad.12xlarge'|'r5ad.16xlarge'|'r5ad.24xlarge'|'r6g.metal'|'r6g.medium'|'r6g.large'|'r6g.xlarge'|'r6g.2xlarge'|'r6g.4xlarge'|'r6g.8xlarge'|'r6g.12xlarge'|'r6g.16xlarge'|'r6gd.metal'|'r6gd.medium'|'r6gd.large'|'r6gd.xlarge'|'r6gd.2xlarge'|'r6gd.4xlarge'|'r6gd.8xlarge'|'r6gd.12xlarge'|'r6gd.16xlarge'|'x1.16xlarge'|'x1.32xlarge'|'x1e.xlarge'|'x1e.2xlarge'|'x1e.4xlarge'|'x1e.8xlarge'|'x1e.16xlarge'|'x1e.32xlarge'|'i2.xlarge'|'i2.2xlarge'|'i2.4xlarge'|'i2.8xlarge'|'i3.large'|'i3.xlarge'|'i3.2xlarge'|'i3.4xlarge'|'i3.8xlarge'|'i3.16xlarge'|'i3.metal'|'i3en.large'|'i3en.xlarge'|'i3en.2xlarge'|'i3en.3xlarge'|'i3en.6xlarge'|'i3en.12xlarge'|'i3en.24xlarge'|'i3en.metal'|'hi1.4xlarge'|'hs1.8xlarge'|'c1.medium'|'c1.xlarge'|'c3.large'|'c3.xlarge'|'c3.2xlarge'|'c3.4xlarge'|'c3.8xlarge'|'c4.large'|'c4.xlarge'|'c4.2xlarge'|'c4.4xlarge'|'c4.8xlarge'|'c5.large'|'c5.xlarge'|'c5.2xlarge'|'c5.4xlarge'|'c5.9xlarge'|'c5.12xlarge'|'c5.18xlarge'|'c5.24xlarge'|'c5.metal'|'c5a.large'|'c5a.xlarge'|'c5a.2xlarge'|'c5a.4xlarge'|'c5a.8xlarge'|'c5a.12xlarge'|'c5a.16xlarge'|'c5a.24xlarge'|'c5ad.large'|'c5ad.xlarge'|'c5ad.2xlarge'|'c5ad.4xlarge'|'c5ad.8xlarge'|'c5ad.12xlarge'|'c5ad.16xlarge'|'c5ad.24xlarge'|'c5d.large'|'c5d.xlarge'|'c5d.2xlarge'|'c5d.4xlarge'|'c5d.9xlarge'|'c5d.12xlarge'|'c5d.18xlarge'|'c5d.24xlarge'|'c5d.metal'|'c5n.large'|'c5n.xlarge'|'c5n.2xlarge'|'c5n.4xlarge'|'c5n.9xlarge'|'c5n.18xlarge'|'c5n.metal'|'c6g.metal'|'c6g.medium'|'c6g.large'|'c6g.xlarge'|'c6g.2xlarge'|'c6g.4xlarge'|'c6g.8xlarge'|'c6g.12xlarge'|'c6g.16xlarge'|'c6gd.metal'|'c6gd.medium'|'c6gd.large'|'c6gd.xlarge'|'c6gd.2xlarge'|'c6gd.4xlarge'|'c6gd.8xlarge'|'c6gd.12xlarge'|'c6gd.16xlarge'|'c6gn.medium'|'c6gn.large'|'c6gn.xlarge'|'c6gn.2xlarge'|'c6gn.4xlarge'|'c6gn.8xlarge'|'c6gn.12xlarge'|'c6gn.16xlarge'|'cc1.4xlarge'|'cc2.8xlarge'|'g2.2xlarge'|'g2.8xlarge'|'g3.4xlarge'|'g3.8xlarge'|'g3.16xlarge'|'g3s.xlarge'|'g4ad.4xlarge'|'g4ad.8xlarge'|'g4ad.16xlarge'|'g4dn.xlarge'|'g4dn.2xlarge'|'g4dn.4xlarge'|'g4dn.8xlarge'|'g4dn.12xlarge'|'g4dn.16xlarge'|'g4dn.metal'|'cg1.4xlarge'|'p2.xlarge'|'p2.8xlarge'|'p2.16xlarge'|'p3.2xlarge'|'p3.8xlarge'|'p3.16xlarge'|'p3dn.24xlarge'|'p4d.24xlarge'|'d2.xlarge'|'d2.2xlarge'|'d2.4xlarge'|'d2.8xlarge'|'d3.xlarge'|'d3.2xlarge'|'d3.4xlarge'|'d3.8xlarge'|'d3en.xlarge'|'d3en.2xlarge'|'d3en.4xlarge'|'d3en.6xlarge'|'d3en.8xlarge'|'d3en.12xlarge'|'f1.2xlarge'|'f1.4xlarge'|'f1.16xlarge'|'m5.large'|'m5.xlarge'|'m5.2xlarge'|'m5.4xlarge'|'m5.8xlarge'|'m5.12xlarge'|'m5.16xlarge'|'m5.24xlarge'|'m5.metal'|'m5a.large'|'m5a.xlarge'|'m5a.2xlarge'|'m5a.4xlarge'|'m5a.8xlarge'|'m5a.12xlarge'|'m5a.16xlarge'|'m5a.24xlarge'|'m5d.large'|'m5d.xlarge'|'m5d.2xlarge'|'m5d.4xlarge'|'m5d.8xlarge'|'m5d.12xlarge'|'m5d.16xlarge'|'m5d.24xlarge'|'m5d.metal'|'m5ad.large'|'m5ad.xlarge'|'m5ad.2xlarge'|'m5ad.4xlarge'|'m5ad.8xlarge'|'m5ad.12xlarge'|'m5ad.16xlarge'|'m5ad.24xlarge'|'m5zn.large'|'m5zn.xlarge'|'m5zn.2xlarge'|'m5zn.3xlarge'|'m5zn.6xlarge'|'m5zn.12xlarge'|'m5zn.metal'|'h1.2xlarge'|'h1.4xlarge'|'h1.8xlarge'|'h1.16xlarge'|'z1d.large'|'z1d.xlarge'|'z1d.2xlarge'|'z1d.3xlarge'|'z1d.6xlarge'|'z1d.12xlarge'|'z1d.metal'|'u-6tb1.56xlarge'|'u-6tb1.112xlarge'|'u-9tb1.112xlarge'|'u-12tb1.112xlarge'|'u-6tb1.metal'|'u-9tb1.metal'|'u-12tb1.metal'|'u-18tb1.metal'|'u-24tb1.metal'|'a1.medium'|'a1.large'|'a1.xlarge'|'a1.2xlarge'|'a1.4xlarge'|'a1.metal'|'m5dn.large'|'m5dn.xlarge'|'m5dn.2xlarge'|'m5dn.4xlarge'|'m5dn.8xlarge'|'m5dn.12xlarge'|'m5dn.16xlarge'|'m5dn.24xlarge'|'m5n.large'|'m5n.xlarge'|'m5n.2xlarge'|'m5n.4xlarge'|'m5n.8xlarge'|'m5n.12xlarge'|'m5n.16xlarge'|'m5n.24xlarge'|'r5dn.large'|'r5dn.xlarge'|'r5dn.2xlarge'|'r5dn.4xlarge'|'r5dn.8xlarge'|'r5dn.12xlarge'|'r5dn.16xlarge'|'r5dn.24xlarge'|'r5n.large'|'r5n.xlarge'|'r5n.2xlarge'|'r5n.4xlarge'|'r5n.8xlarge'|'r5n.12xlarge'|'r5n.16xlarge'|'r5n.24xlarge'|'inf1.xlarge'|'inf1.2xlarge'|'inf1.6xlarge'|'inf1.24xlarge'|'m6g.metal'|'m6g.medium'|'m6g.large'|'m6g.xlarge'|'m6g.2xlarge'|'m6g.4xlarge'|'m6g.8xlarge'|'m6g.12xlarge'|'m6g.16xlarge'|'m6gd.metal'|'m6gd.medium'|'m6gd.large'|'m6gd.xlarge'|'m6gd.2xlarge'|'m6gd.4xlarge'|'m6gd.8xlarge'|'m6gd.12xlarge'|'m6gd.16xlarge'|'mac1.metal'|'x2gd.medium'|'x2gd.large'|'x2gd.xlarge'|'x2gd.2xlarge'|'x2gd.4xlarge'|'x2gd.8xlarge'|'x2gd.12xlarge'|'x2gd.16xlarge'|'x2gd.metal',
'KeyName': 'string',
'Monitoring': {
'Enabled': True|False
},
'Placement': {
'AvailabilityZone': 'string',
'Affinity': 'string',
'GroupName': 'string',
'HostId': 'string',
'Tenancy': 'default'|'dedicated'|'host',
'SpreadDomain': 'string',
'HostResourceGroupArn': 'string',
'PartitionNumber': 123
},
'RamDiskId': 'string',
'DisableApiTermination': True|False,
'InstanceInitiatedShutdownBehavior': 'stop'|'terminate',
'UserData': 'string',
'TagSpecifications': [
{
'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'local-gateway-route-table-vpc-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
],
'ElasticGpuSpecifications': [
{
'Type': 'string'
},
],
'ElasticInferenceAccelerators': [
{
'Type': 'string',
'Count': 123
},
],
'SecurityGroupIds': [
'string',
],
'SecurityGroups': [
'string',
],
'InstanceMarketOptions': {
'MarketType': 'spot',
'SpotOptions': {
'MaxPrice': 'string',
'SpotInstanceType': 'one-time'|'persistent',
'BlockDurationMinutes': 123,
'ValidUntil': datetime(2015, 1, 1),
'InstanceInterruptionBehavior': 'hibernate'|'stop'|'terminate'
}
},
'CreditSpecification': {
'CpuCredits': 'string'
},
'CpuOptions': {
'CoreCount': 123,
'ThreadsPerCore': 123
},
'CapacityReservationSpecification': {
'CapacityReservationPreference': 'open'|'none',
'CapacityReservationTarget': {
'CapacityReservationId': 'string',
'CapacityReservationResourceGroupArn': 'string'
}
},
'LicenseSpecifications': [
{
'LicenseConfigurationArn': 'string'
},
],
'HibernationOptions': {
'Configured': True|False
},
'MetadataOptions': {
'HttpTokens': 'optional'|'required',
'HttpPutResponseHopLimit': 123,
'HttpEndpoint': 'disabled'|'enabled'
},
'EnclaveOptions': {
'Enabled': True|False
}
},
TagSpecifications=[
{
'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'local-gateway-route-table-vpc-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
]
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see Ensuring Idempotency.
Constraint: Maximum 128 ASCII characters.
string
[REQUIRED]
A name for the launch template.
string
A description for the first version of the launch template.
dict
[REQUIRED]
The information for the launch template.
KernelId (string) --
The ID of the kernel.
Warning
We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see User Provided Kernels in the Amazon Elastic Compute Cloud User Guide .
EbsOptimized (boolean) --
Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.
IamInstanceProfile (dict) --
The name or Amazon Resource Name (ARN) of an IAM instance profile.
Arn (string) --
The Amazon Resource Name (ARN) of the instance profile.
Name (string) --
The name of the instance profile.
BlockDeviceMappings (list) --
The block device mapping.
(dict) --
Describes a block device mapping.
DeviceName (string) --
The device name (for example, /dev/sdh or xvdh).
VirtualName (string) --
The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.
Ebs (dict) --
Parameters used to automatically set up EBS volumes when the instance is launched.
Encrypted (boolean) --
Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.
DeleteOnTermination (boolean) --
Indicates whether the EBS volume is deleted on instance termination.
Iops (integer) --
The number of I/O operations per second (IOPS). For gp3 , io1 , and io2 volumes, this represents the number of IOPS that are provisioned for the volume. For gp2 volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.
The following are the supported values for each volume type:
gp3 : 3,000-16,000 IOPS
io1 : 100-64,000 IOPS
io2 : 100-64,000 IOPS
For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built on the Nitro System. Other instance families guarantee performance up to 32,000 IOPS.
This parameter is supported for io1 , io2 , and gp3 volumes only. This parameter is not supported for gp2 , st1 , sc1 , or standard volumes.
KmsKeyId (string) --
The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.
SnapshotId (string) --
The ID of the snapshot.
VolumeSize (integer) --
The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type:
gp2 and gp3 : 1-16,384
io1 and io2 : 4-16,384
st1 and sc1 : 125-16,384
standard : 1-1,024
VolumeType (string) --
The volume type. For more information, see Amazon EBS volume types in the Amazon Elastic Compute Cloud User Guide .
Throughput (integer) --
The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.
Valid Range: Minimum value of 125. Maximum value of 1000.
NoDevice (string) --
To omit the device from the block device mapping, specify an empty string.
NetworkInterfaces (list) --
One or more network interfaces. If you specify a network interface, you must specify any security groups and subnets as part of the network interface.
(dict) --
The parameters for a network interface.
AssociateCarrierIpAddress (boolean) --
Associates a Carrier IP address with eth0 for a new network interface.
Use this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see Carrier IP addresses in the AWS Wavelength Developer Guide .
AssociatePublicIpAddress (boolean) --
Associates a public IPv4 address with eth0 for a new network interface.
DeleteOnTermination (boolean) --
Indicates whether the network interface is deleted when the instance is terminated.
Description (string) --
A description for the network interface.
DeviceIndex (integer) --
The device index for the network interface attachment.
Groups (list) --
The IDs of one or more security groups.
(string) --
InterfaceType (string) --
The type of network interface. To create an Elastic Fabric Adapter (EFA), specify efa . For more information, see Elastic Fabric Adapter in the Amazon Elastic Compute Cloud User Guide .
If you are not creating an EFA, specify interface or omit this parameter.
Valid values: interface | efa
Ipv6AddressCount (integer) --
The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.
Ipv6Addresses (list) --
One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.
(dict) --
Describes an IPv6 address.
Ipv6Address (string) --
The IPv6 address.
NetworkInterfaceId (string) --
The ID of the network interface.
PrivateIpAddress (string) --
The primary private IPv4 address of the network interface.
PrivateIpAddresses (list) --
One or more private IPv4 addresses.
(dict) --
Describes a secondary private IPv4 address for a network interface.
Primary (boolean) --
Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.
PrivateIpAddress (string) --
The private IPv4 addresses.
SecondaryPrivateIpAddressCount (integer) --
The number of secondary private IPv4 addresses to assign to a network interface.
SubnetId (string) --
The ID of the subnet for the network interface.
NetworkCardIndex (integer) --
The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.
ImageId (string) --
The ID of the AMI.
InstanceType (string) --
The instance type. For more information, see Instance Types in the Amazon Elastic Compute Cloud User Guide .
KeyName (string) --
The name of the key pair. You can create a key pair using CreateKeyPair or ImportKeyPair.
Warning
If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.
Monitoring (dict) --
The monitoring for the instance.
Enabled (boolean) --
Specify true to enable detailed monitoring. Otherwise, basic monitoring is enabled.
Placement (dict) --
The placement for the instance.
AvailabilityZone (string) --
The Availability Zone for the instance.
Affinity (string) --
The affinity setting for an instance on a Dedicated Host.
GroupName (string) --
The name of the placement group for the instance.
HostId (string) --
The ID of the Dedicated Host for the instance.
Tenancy (string) --
The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.
SpreadDomain (string) --
Reserved for future use.
HostResourceGroupArn (string) --
The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host .
PartitionNumber (integer) --
The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition .
RamDiskId (string) --
The ID of the RAM disk.
Warning
We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see User Provided Kernels in the Amazon Elastic Compute Cloud User Guide .
DisableApiTermination (boolean) --
If you set this parameter to true , you can't terminate the instance using the Amazon EC2 console, CLI, or API; otherwise, you can. To change this attribute after launch, use ModifyInstanceAttribute. Alternatively, if you set InstanceInitiatedShutdownBehavior to terminate , you can terminate the instance by running the shutdown command from the instance.
InstanceInitiatedShutdownBehavior (string) --
Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).
Default: stop
UserData (string) --
The Base64-encoded user data to make available to the instance. For more information, see Running Commands on Your Linux Instance at Launch (Linux) and Adding User Data (Windows).
TagSpecifications (list) --
The tags to apply to the resources during launch. You can only tag instances and volumes on launch. The specified tags are applied to all instances or volumes that are created during launch. To tag a resource after it has been created, see CreateTags.
(dict) --
The tags specification for the launch template.
ResourceType (string) --
The type of resource to tag. Currently, the resource types that support tagging on creation are instance and volume . To tag a resource after it has been created, see CreateTags.
Tags (list) --
The tags to apply to the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
ElasticGpuSpecifications (list) --
An elastic GPU to associate with the instance.
(dict) --
A specification for an Elastic Graphics accelerator.
Type (string) -- [REQUIRED]
The type of Elastic Graphics accelerator. For more information about the values to specify for Type , see Elastic Graphics Basics, specifically the Elastic Graphics accelerator column, in the Amazon Elastic Compute Cloud User Guide for Windows Instances .
ElasticInferenceAccelerators (list) --
The elastic inference accelerator for the instance.
(dict) --
Describes an elastic inference accelerator.
Type (string) -- [REQUIRED]
The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.
Count (integer) --
The number of elastic inference accelerators to attach to the instance.
Default: 1
SecurityGroupIds (list) --
One or more security group IDs. You can create a security group using CreateSecurityGroup. You cannot specify both a security group ID and security name in the same request.
(string) --
SecurityGroups (list) --
[EC2-Classic, default VPC] One or more security group names. For a nondefault VPC, you must use security group IDs instead. You cannot specify both a security group ID and security name in the same request.
(string) --
InstanceMarketOptions (dict) --
The market (purchasing) option for the instances.
MarketType (string) --
The market type.
SpotOptions (dict) --
The options for Spot Instances.
MaxPrice (string) --
The maximum hourly price you're willing to pay for the Spot Instances.
SpotInstanceType (string) --
The Spot Instance request type.
BlockDurationMinutes (integer) --
The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
ValidUntil (datetime) --
The end date of the request. For a one-time request, the request remains active until all instances launch, the request is canceled, or this date is reached. If the request is persistent, it remains active until it is canceled or this date and time is reached. The default end date is 7 days from the current date.
InstanceInterruptionBehavior (string) --
The behavior when a Spot Instance is interrupted. The default is terminate .
CreditSpecification (dict) --
The credit option for CPU usage of the instance. Valid for T2, T3, or T3a instances only.
CpuCredits (string) -- [REQUIRED]
The credit option for CPU usage of a T2, T3, or T3a instance. Valid values are standard and unlimited .
CpuOptions (dict) --
The CPU options for the instance. For more information, see Optimizing CPU Options in the Amazon Elastic Compute Cloud User Guide .
CoreCount (integer) --
The number of CPU cores for the instance.
ThreadsPerCore (integer) --
The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.
CapacityReservationSpecification (dict) --
The Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to open , which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).
CapacityReservationPreference (string) --
Indicates the instance's Capacity Reservation preferences. Possible preferences include:
open - The instance can run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).
none - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.
CapacityReservationTarget (dict) --
Information about the target Capacity Reservation or Capacity Reservation group.
CapacityReservationId (string) --
The ID of the Capacity Reservation in which to run the instance.
CapacityReservationResourceGroupArn (string) --
The ARN of the Capacity Reservation resource group in which to run the instance.
LicenseSpecifications (list) --
The license configurations.
(dict) --
Describes a license configuration.
LicenseConfigurationArn (string) --
The Amazon Resource Name (ARN) of the license configuration.
HibernationOptions (dict) --
Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the hibernation prerequisites. For more information, see Hibernate Your Instance in the Amazon Elastic Compute Cloud User Guide .
Configured (boolean) --
If you set this parameter to true , the instance is enabled for hibernation.
Default: false
MetadataOptions (dict) --
The metadata options for the instance. For more information, see Instance Metadata and User Data in the Amazon Elastic Compute Cloud User Guide .
HttpTokens (string) --
The state of token usage for your instance metadata requests. If the parameter is not specified in the request, the default state is optional .
If the state is optional , you can choose to retrieve instance metadata with or without a signed token header on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned.
If the state is required , you must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version 1.0 credentials are not available.
HttpPutResponseHopLimit (integer) --
The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.
Default: 1
Possible values: Integers from 1 to 64
HttpEndpoint (string) --
This parameter enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled .
Note
If you specify a value of disabled , you will not be able to access your instance metadata.
EnclaveOptions (dict) --
Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see What is AWS Nitro Enclaves? in the AWS Nitro Enclaves User Guide .
You can't enable AWS Nitro Enclaves and hibernation on the same instance.
Enabled (boolean) --
To enable the instance for AWS Nitro Enclaves, set this parameter to true .
list
The tags to apply to the launch template during creation.
(dict) --
The tags to apply to a resource when the resource is being created.
ResourceType (string) --
The type of resource to tag. Currently, the resource types that support tagging on creation are: capacity-reservation | carrier-gateway | client-vpn-endpoint | customer-gateway | dedicated-host | dhcp-options | egress-only-internet-gateway | elastic-ip | elastic-gpu | export-image-task | export-instance-task | fleet | fpga-image | host-reservation | image | import-image-task | import-snapshot-task | instance | internet-gateway | ipv4pool-ec2 | ipv6pool-ec2 | key-pair | launch-template | local-gateway-route-table-vpc-association | placement-group | prefix-list | natgateway | network-acl | network-interface | reserved-instances | route-table | security-group | snapshot | spot-fleet-request | spot-instances-request | snapshot | subnet | traffic-mirror-filter | traffic-mirror-session | traffic-mirror-target | transit-gateway | transit-gateway-attachment | transit-gateway-multicast-domain | transit-gateway-route-table | volume | vpc | vpc-peering-connection | vpc-endpoint (for interface and gateway endpoints) | vpc-endpoint-service (for AWS PrivateLink) | vpc-flow-log | vpn-connection | vpn-gateway .
To tag a resource after it has been created, see CreateTags.
Tags (list) --
The tags to apply to the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
dict
Response Syntax
{
'LaunchTemplate': {
'LaunchTemplateId': 'string',
'LaunchTemplateName': 'string',
'CreateTime': datetime(2015, 1, 1),
'CreatedBy': 'string',
'DefaultVersionNumber': 123,
'LatestVersionNumber': 123,
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
'Warning': {
'Errors': [
{
'Code': 'string',
'Message': 'string'
},
]
}
}
Response Structure
(dict) --
LaunchTemplate (dict) --
Information about the launch template.
LaunchTemplateId (string) --
The ID of the launch template.
LaunchTemplateName (string) --
The name of the launch template.
CreateTime (datetime) --
The time launch template was created.
CreatedBy (string) --
The principal that created the launch template.
DefaultVersionNumber (integer) --
The version number of the default version of the launch template.
LatestVersionNumber (integer) --
The version number of the latest version of the launch template.
Tags (list) --
The tags for the launch template.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
Warning (dict) --
If the launch template contains parameters or parameter combinations that are not valid, an error code and an error message are returned for each issue that's found.
Errors (list) --
The error codes and error messages.
(dict) --
The error code and error message that is returned for a parameter or parameter combination that is not valid when a new launch template or new version of a launch template is created.
Code (string) --
The error code that indicates why the parameter or parameter combination is not valid. For more information about error codes, see Error Codes.
Message (string) --
The error message that describes why the parameter or parameter combination is not valid. For more information about error messages, see Error Codes.
{'LaunchTemplateData': {'TagSpecifications': {'ResourceType': {'security-group-rule'}}}}
Response {'LaunchTemplateVersion': {'LaunchTemplateData': {'TagSpecifications': {'ResourceType': {'security-group-rule'}}}}}
Creates a new version for a launch template. You can specify an existing version of launch template from which to base the new version.
Launch template versions are numbered in the order in which they are created. You cannot specify, change, or replace the numbering of launch template versions.
For more information, see Managing launch template versions in the Amazon Elastic Compute Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.create_launch_template_version(
DryRun=True|False,
ClientToken='string',
LaunchTemplateId='string',
LaunchTemplateName='string',
SourceVersion='string',
VersionDescription='string',
LaunchTemplateData={
'KernelId': 'string',
'EbsOptimized': True|False,
'IamInstanceProfile': {
'Arn': 'string',
'Name': 'string'
},
'BlockDeviceMappings': [
{
'DeviceName': 'string',
'VirtualName': 'string',
'Ebs': {
'Encrypted': True|False,
'DeleteOnTermination': True|False,
'Iops': 123,
'KmsKeyId': 'string',
'SnapshotId': 'string',
'VolumeSize': 123,
'VolumeType': 'standard'|'io1'|'io2'|'gp2'|'sc1'|'st1'|'gp3',
'Throughput': 123
},
'NoDevice': 'string'
},
],
'NetworkInterfaces': [
{
'AssociateCarrierIpAddress': True|False,
'AssociatePublicIpAddress': True|False,
'DeleteOnTermination': True|False,
'Description': 'string',
'DeviceIndex': 123,
'Groups': [
'string',
],
'InterfaceType': 'string',
'Ipv6AddressCount': 123,
'Ipv6Addresses': [
{
'Ipv6Address': 'string'
},
],
'NetworkInterfaceId': 'string',
'PrivateIpAddress': 'string',
'PrivateIpAddresses': [
{
'Primary': True|False,
'PrivateIpAddress': 'string'
},
],
'SecondaryPrivateIpAddressCount': 123,
'SubnetId': 'string',
'NetworkCardIndex': 123
},
],
'ImageId': 'string',
'InstanceType': 't1.micro'|'t2.nano'|'t2.micro'|'t2.small'|'t2.medium'|'t2.large'|'t2.xlarge'|'t2.2xlarge'|'t3.nano'|'t3.micro'|'t3.small'|'t3.medium'|'t3.large'|'t3.xlarge'|'t3.2xlarge'|'t3a.nano'|'t3a.micro'|'t3a.small'|'t3a.medium'|'t3a.large'|'t3a.xlarge'|'t3a.2xlarge'|'t4g.nano'|'t4g.micro'|'t4g.small'|'t4g.medium'|'t4g.large'|'t4g.xlarge'|'t4g.2xlarge'|'m1.small'|'m1.medium'|'m1.large'|'m1.xlarge'|'m3.medium'|'m3.large'|'m3.xlarge'|'m3.2xlarge'|'m4.large'|'m4.xlarge'|'m4.2xlarge'|'m4.4xlarge'|'m4.10xlarge'|'m4.16xlarge'|'m2.xlarge'|'m2.2xlarge'|'m2.4xlarge'|'cr1.8xlarge'|'r3.large'|'r3.xlarge'|'r3.2xlarge'|'r3.4xlarge'|'r3.8xlarge'|'r4.large'|'r4.xlarge'|'r4.2xlarge'|'r4.4xlarge'|'r4.8xlarge'|'r4.16xlarge'|'r5.large'|'r5.xlarge'|'r5.2xlarge'|'r5.4xlarge'|'r5.8xlarge'|'r5.12xlarge'|'r5.16xlarge'|'r5.24xlarge'|'r5.metal'|'r5a.large'|'r5a.xlarge'|'r5a.2xlarge'|'r5a.4xlarge'|'r5a.8xlarge'|'r5a.12xlarge'|'r5a.16xlarge'|'r5a.24xlarge'|'r5b.large'|'r5b.xlarge'|'r5b.2xlarge'|'r5b.4xlarge'|'r5b.8xlarge'|'r5b.12xlarge'|'r5b.16xlarge'|'r5b.24xlarge'|'r5b.metal'|'r5d.large'|'r5d.xlarge'|'r5d.2xlarge'|'r5d.4xlarge'|'r5d.8xlarge'|'r5d.12xlarge'|'r5d.16xlarge'|'r5d.24xlarge'|'r5d.metal'|'r5ad.large'|'r5ad.xlarge'|'r5ad.2xlarge'|'r5ad.4xlarge'|'r5ad.8xlarge'|'r5ad.12xlarge'|'r5ad.16xlarge'|'r5ad.24xlarge'|'r6g.metal'|'r6g.medium'|'r6g.large'|'r6g.xlarge'|'r6g.2xlarge'|'r6g.4xlarge'|'r6g.8xlarge'|'r6g.12xlarge'|'r6g.16xlarge'|'r6gd.metal'|'r6gd.medium'|'r6gd.large'|'r6gd.xlarge'|'r6gd.2xlarge'|'r6gd.4xlarge'|'r6gd.8xlarge'|'r6gd.12xlarge'|'r6gd.16xlarge'|'x1.16xlarge'|'x1.32xlarge'|'x1e.xlarge'|'x1e.2xlarge'|'x1e.4xlarge'|'x1e.8xlarge'|'x1e.16xlarge'|'x1e.32xlarge'|'i2.xlarge'|'i2.2xlarge'|'i2.4xlarge'|'i2.8xlarge'|'i3.large'|'i3.xlarge'|'i3.2xlarge'|'i3.4xlarge'|'i3.8xlarge'|'i3.16xlarge'|'i3.metal'|'i3en.large'|'i3en.xlarge'|'i3en.2xlarge'|'i3en.3xlarge'|'i3en.6xlarge'|'i3en.12xlarge'|'i3en.24xlarge'|'i3en.metal'|'hi1.4xlarge'|'hs1.8xlarge'|'c1.medium'|'c1.xlarge'|'c3.large'|'c3.xlarge'|'c3.2xlarge'|'c3.4xlarge'|'c3.8xlarge'|'c4.large'|'c4.xlarge'|'c4.2xlarge'|'c4.4xlarge'|'c4.8xlarge'|'c5.large'|'c5.xlarge'|'c5.2xlarge'|'c5.4xlarge'|'c5.9xlarge'|'c5.12xlarge'|'c5.18xlarge'|'c5.24xlarge'|'c5.metal'|'c5a.large'|'c5a.xlarge'|'c5a.2xlarge'|'c5a.4xlarge'|'c5a.8xlarge'|'c5a.12xlarge'|'c5a.16xlarge'|'c5a.24xlarge'|'c5ad.large'|'c5ad.xlarge'|'c5ad.2xlarge'|'c5ad.4xlarge'|'c5ad.8xlarge'|'c5ad.12xlarge'|'c5ad.16xlarge'|'c5ad.24xlarge'|'c5d.large'|'c5d.xlarge'|'c5d.2xlarge'|'c5d.4xlarge'|'c5d.9xlarge'|'c5d.12xlarge'|'c5d.18xlarge'|'c5d.24xlarge'|'c5d.metal'|'c5n.large'|'c5n.xlarge'|'c5n.2xlarge'|'c5n.4xlarge'|'c5n.9xlarge'|'c5n.18xlarge'|'c5n.metal'|'c6g.metal'|'c6g.medium'|'c6g.large'|'c6g.xlarge'|'c6g.2xlarge'|'c6g.4xlarge'|'c6g.8xlarge'|'c6g.12xlarge'|'c6g.16xlarge'|'c6gd.metal'|'c6gd.medium'|'c6gd.large'|'c6gd.xlarge'|'c6gd.2xlarge'|'c6gd.4xlarge'|'c6gd.8xlarge'|'c6gd.12xlarge'|'c6gd.16xlarge'|'c6gn.medium'|'c6gn.large'|'c6gn.xlarge'|'c6gn.2xlarge'|'c6gn.4xlarge'|'c6gn.8xlarge'|'c6gn.12xlarge'|'c6gn.16xlarge'|'cc1.4xlarge'|'cc2.8xlarge'|'g2.2xlarge'|'g2.8xlarge'|'g3.4xlarge'|'g3.8xlarge'|'g3.16xlarge'|'g3s.xlarge'|'g4ad.4xlarge'|'g4ad.8xlarge'|'g4ad.16xlarge'|'g4dn.xlarge'|'g4dn.2xlarge'|'g4dn.4xlarge'|'g4dn.8xlarge'|'g4dn.12xlarge'|'g4dn.16xlarge'|'g4dn.metal'|'cg1.4xlarge'|'p2.xlarge'|'p2.8xlarge'|'p2.16xlarge'|'p3.2xlarge'|'p3.8xlarge'|'p3.16xlarge'|'p3dn.24xlarge'|'p4d.24xlarge'|'d2.xlarge'|'d2.2xlarge'|'d2.4xlarge'|'d2.8xlarge'|'d3.xlarge'|'d3.2xlarge'|'d3.4xlarge'|'d3.8xlarge'|'d3en.xlarge'|'d3en.2xlarge'|'d3en.4xlarge'|'d3en.6xlarge'|'d3en.8xlarge'|'d3en.12xlarge'|'f1.2xlarge'|'f1.4xlarge'|'f1.16xlarge'|'m5.large'|'m5.xlarge'|'m5.2xlarge'|'m5.4xlarge'|'m5.8xlarge'|'m5.12xlarge'|'m5.16xlarge'|'m5.24xlarge'|'m5.metal'|'m5a.large'|'m5a.xlarge'|'m5a.2xlarge'|'m5a.4xlarge'|'m5a.8xlarge'|'m5a.12xlarge'|'m5a.16xlarge'|'m5a.24xlarge'|'m5d.large'|'m5d.xlarge'|'m5d.2xlarge'|'m5d.4xlarge'|'m5d.8xlarge'|'m5d.12xlarge'|'m5d.16xlarge'|'m5d.24xlarge'|'m5d.metal'|'m5ad.large'|'m5ad.xlarge'|'m5ad.2xlarge'|'m5ad.4xlarge'|'m5ad.8xlarge'|'m5ad.12xlarge'|'m5ad.16xlarge'|'m5ad.24xlarge'|'m5zn.large'|'m5zn.xlarge'|'m5zn.2xlarge'|'m5zn.3xlarge'|'m5zn.6xlarge'|'m5zn.12xlarge'|'m5zn.metal'|'h1.2xlarge'|'h1.4xlarge'|'h1.8xlarge'|'h1.16xlarge'|'z1d.large'|'z1d.xlarge'|'z1d.2xlarge'|'z1d.3xlarge'|'z1d.6xlarge'|'z1d.12xlarge'|'z1d.metal'|'u-6tb1.56xlarge'|'u-6tb1.112xlarge'|'u-9tb1.112xlarge'|'u-12tb1.112xlarge'|'u-6tb1.metal'|'u-9tb1.metal'|'u-12tb1.metal'|'u-18tb1.metal'|'u-24tb1.metal'|'a1.medium'|'a1.large'|'a1.xlarge'|'a1.2xlarge'|'a1.4xlarge'|'a1.metal'|'m5dn.large'|'m5dn.xlarge'|'m5dn.2xlarge'|'m5dn.4xlarge'|'m5dn.8xlarge'|'m5dn.12xlarge'|'m5dn.16xlarge'|'m5dn.24xlarge'|'m5n.large'|'m5n.xlarge'|'m5n.2xlarge'|'m5n.4xlarge'|'m5n.8xlarge'|'m5n.12xlarge'|'m5n.16xlarge'|'m5n.24xlarge'|'r5dn.large'|'r5dn.xlarge'|'r5dn.2xlarge'|'r5dn.4xlarge'|'r5dn.8xlarge'|'r5dn.12xlarge'|'r5dn.16xlarge'|'r5dn.24xlarge'|'r5n.large'|'r5n.xlarge'|'r5n.2xlarge'|'r5n.4xlarge'|'r5n.8xlarge'|'r5n.12xlarge'|'r5n.16xlarge'|'r5n.24xlarge'|'inf1.xlarge'|'inf1.2xlarge'|'inf1.6xlarge'|'inf1.24xlarge'|'m6g.metal'|'m6g.medium'|'m6g.large'|'m6g.xlarge'|'m6g.2xlarge'|'m6g.4xlarge'|'m6g.8xlarge'|'m6g.12xlarge'|'m6g.16xlarge'|'m6gd.metal'|'m6gd.medium'|'m6gd.large'|'m6gd.xlarge'|'m6gd.2xlarge'|'m6gd.4xlarge'|'m6gd.8xlarge'|'m6gd.12xlarge'|'m6gd.16xlarge'|'mac1.metal'|'x2gd.medium'|'x2gd.large'|'x2gd.xlarge'|'x2gd.2xlarge'|'x2gd.4xlarge'|'x2gd.8xlarge'|'x2gd.12xlarge'|'x2gd.16xlarge'|'x2gd.metal',
'KeyName': 'string',
'Monitoring': {
'Enabled': True|False
},
'Placement': {
'AvailabilityZone': 'string',
'Affinity': 'string',
'GroupName': 'string',
'HostId': 'string',
'Tenancy': 'default'|'dedicated'|'host',
'SpreadDomain': 'string',
'HostResourceGroupArn': 'string',
'PartitionNumber': 123
},
'RamDiskId': 'string',
'DisableApiTermination': True|False,
'InstanceInitiatedShutdownBehavior': 'stop'|'terminate',
'UserData': 'string',
'TagSpecifications': [
{
'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'local-gateway-route-table-vpc-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
],
'ElasticGpuSpecifications': [
{
'Type': 'string'
},
],
'ElasticInferenceAccelerators': [
{
'Type': 'string',
'Count': 123
},
],
'SecurityGroupIds': [
'string',
],
'SecurityGroups': [
'string',
],
'InstanceMarketOptions': {
'MarketType': 'spot',
'SpotOptions': {
'MaxPrice': 'string',
'SpotInstanceType': 'one-time'|'persistent',
'BlockDurationMinutes': 123,
'ValidUntil': datetime(2015, 1, 1),
'InstanceInterruptionBehavior': 'hibernate'|'stop'|'terminate'
}
},
'CreditSpecification': {
'CpuCredits': 'string'
},
'CpuOptions': {
'CoreCount': 123,
'ThreadsPerCore': 123
},
'CapacityReservationSpecification': {
'CapacityReservationPreference': 'open'|'none',
'CapacityReservationTarget': {
'CapacityReservationId': 'string',
'CapacityReservationResourceGroupArn': 'string'
}
},
'LicenseSpecifications': [
{
'LicenseConfigurationArn': 'string'
},
],
'HibernationOptions': {
'Configured': True|False
},
'MetadataOptions': {
'HttpTokens': 'optional'|'required',
'HttpPutResponseHopLimit': 123,
'HttpEndpoint': 'disabled'|'enabled'
},
'EnclaveOptions': {
'Enabled': True|False
}
}
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
Unique, case-sensitive identifier you provide to ensure the idempotency of the request. For more information, see Ensuring Idempotency.
Constraint: Maximum 128 ASCII characters.
string
The ID of the launch template. You must specify either the launch template ID or launch template name in the request.
string
The name of the launch template. You must specify either the launch template ID or launch template name in the request.
string
The version number of the launch template version on which to base the new version. The new version inherits the same launch parameters as the source version, except for parameters that you specify in LaunchTemplateData . Snapshots applied to the block device mapping are ignored when creating a new version unless they are explicitly included.
string
A description for the version of the launch template.
dict
[REQUIRED]
The information for the launch template.
KernelId (string) --
The ID of the kernel.
Warning
We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see User Provided Kernels in the Amazon Elastic Compute Cloud User Guide .
EbsOptimized (boolean) --
Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance.
IamInstanceProfile (dict) --
The name or Amazon Resource Name (ARN) of an IAM instance profile.
Arn (string) --
The Amazon Resource Name (ARN) of the instance profile.
Name (string) --
The name of the instance profile.
BlockDeviceMappings (list) --
The block device mapping.
(dict) --
Describes a block device mapping.
DeviceName (string) --
The device name (for example, /dev/sdh or xvdh).
VirtualName (string) --
The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.
Ebs (dict) --
Parameters used to automatically set up EBS volumes when the instance is launched.
Encrypted (boolean) --
Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value.
DeleteOnTermination (boolean) --
Indicates whether the EBS volume is deleted on instance termination.
Iops (integer) --
The number of I/O operations per second (IOPS). For gp3 , io1 , and io2 volumes, this represents the number of IOPS that are provisioned for the volume. For gp2 volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.
The following are the supported values for each volume type:
gp3 : 3,000-16,000 IOPS
io1 : 100-64,000 IOPS
io2 : 100-64,000 IOPS
For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built on the Nitro System. Other instance families guarantee performance up to 32,000 IOPS.
This parameter is supported for io1 , io2 , and gp3 volumes only. This parameter is not supported for gp2 , st1 , sc1 , or standard volumes.
KmsKeyId (string) --
The ARN of the symmetric AWS Key Management Service (AWS KMS) CMK used for encryption.
SnapshotId (string) --
The ID of the snapshot.
VolumeSize (integer) --
The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type:
gp2 and gp3 : 1-16,384
io1 and io2 : 4-16,384
st1 and sc1 : 125-16,384
standard : 1-1,024
VolumeType (string) --
The volume type. For more information, see Amazon EBS volume types in the Amazon Elastic Compute Cloud User Guide .
Throughput (integer) --
The throughput to provision for a gp3 volume, with a maximum of 1,000 MiB/s.
Valid Range: Minimum value of 125. Maximum value of 1000.
NoDevice (string) --
To omit the device from the block device mapping, specify an empty string.
NetworkInterfaces (list) --
One or more network interfaces. If you specify a network interface, you must specify any security groups and subnets as part of the network interface.
(dict) --
The parameters for a network interface.
AssociateCarrierIpAddress (boolean) --
Associates a Carrier IP address with eth0 for a new network interface.
Use this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see Carrier IP addresses in the AWS Wavelength Developer Guide .
AssociatePublicIpAddress (boolean) --
Associates a public IPv4 address with eth0 for a new network interface.
DeleteOnTermination (boolean) --
Indicates whether the network interface is deleted when the instance is terminated.
Description (string) --
A description for the network interface.
DeviceIndex (integer) --
The device index for the network interface attachment.
Groups (list) --
The IDs of one or more security groups.
(string) --
InterfaceType (string) --
The type of network interface. To create an Elastic Fabric Adapter (EFA), specify efa . For more information, see Elastic Fabric Adapter in the Amazon Elastic Compute Cloud User Guide .
If you are not creating an EFA, specify interface or omit this parameter.
Valid values: interface | efa
Ipv6AddressCount (integer) --
The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses.
Ipv6Addresses (list) --
One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses.
(dict) --
Describes an IPv6 address.
Ipv6Address (string) --
The IPv6 address.
NetworkInterfaceId (string) --
The ID of the network interface.
PrivateIpAddress (string) --
The primary private IPv4 address of the network interface.
PrivateIpAddresses (list) --
One or more private IPv4 addresses.
(dict) --
Describes a secondary private IPv4 address for a network interface.
Primary (boolean) --
Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.
PrivateIpAddress (string) --
The private IPv4 addresses.
SecondaryPrivateIpAddressCount (integer) --
The number of secondary private IPv4 addresses to assign to a network interface.
SubnetId (string) --
The ID of the subnet for the network interface.
NetworkCardIndex (integer) --
The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.
ImageId (string) --
The ID of the AMI.
InstanceType (string) --
The instance type. For more information, see Instance Types in the Amazon Elastic Compute Cloud User Guide .
KeyName (string) --
The name of the key pair. You can create a key pair using CreateKeyPair or ImportKeyPair.
Warning
If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in.
Monitoring (dict) --
The monitoring for the instance.
Enabled (boolean) --
Specify true to enable detailed monitoring. Otherwise, basic monitoring is enabled.
Placement (dict) --
The placement for the instance.
AvailabilityZone (string) --
The Availability Zone for the instance.
Affinity (string) --
The affinity setting for an instance on a Dedicated Host.
GroupName (string) --
The name of the placement group for the instance.
HostId (string) --
The ID of the Dedicated Host for the instance.
Tenancy (string) --
The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.
SpreadDomain (string) --
Reserved for future use.
HostResourceGroupArn (string) --
The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the Tenancy parameter or set it to host .
PartitionNumber (integer) --
The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition .
RamDiskId (string) --
The ID of the RAM disk.
Warning
We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see User Provided Kernels in the Amazon Elastic Compute Cloud User Guide .
DisableApiTermination (boolean) --
If you set this parameter to true , you can't terminate the instance using the Amazon EC2 console, CLI, or API; otherwise, you can. To change this attribute after launch, use ModifyInstanceAttribute. Alternatively, if you set InstanceInitiatedShutdownBehavior to terminate , you can terminate the instance by running the shutdown command from the instance.
InstanceInitiatedShutdownBehavior (string) --
Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).
Default: stop
UserData (string) --
The Base64-encoded user data to make available to the instance. For more information, see Running Commands on Your Linux Instance at Launch (Linux) and Adding User Data (Windows).
TagSpecifications (list) --
The tags to apply to the resources during launch. You can only tag instances and volumes on launch. The specified tags are applied to all instances or volumes that are created during launch. To tag a resource after it has been created, see CreateTags.
(dict) --
The tags specification for the launch template.
ResourceType (string) --
The type of resource to tag. Currently, the resource types that support tagging on creation are instance and volume . To tag a resource after it has been created, see CreateTags.
Tags (list) --
The tags to apply to the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
ElasticGpuSpecifications (list) --
An elastic GPU to associate with the instance.
(dict) --
A specification for an Elastic Graphics accelerator.
Type (string) -- [REQUIRED]
The type of Elastic Graphics accelerator. For more information about the values to specify for Type , see Elastic Graphics Basics, specifically the Elastic Graphics accelerator column, in the Amazon Elastic Compute Cloud User Guide for Windows Instances .
ElasticInferenceAccelerators (list) --
The elastic inference accelerator for the instance.
(dict) --
Describes an elastic inference accelerator.
Type (string) -- [REQUIRED]
The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.
Count (integer) --
The number of elastic inference accelerators to attach to the instance.
Default: 1
SecurityGroupIds (list) --
One or more security group IDs. You can create a security group using CreateSecurityGroup. You cannot specify both a security group ID and security name in the same request.
(string) --
SecurityGroups (list) --
[EC2-Classic, default VPC] One or more security group names. For a nondefault VPC, you must use security group IDs instead. You cannot specify both a security group ID and security name in the same request.
(string) --
InstanceMarketOptions (dict) --
The market (purchasing) option for the instances.
MarketType (string) --
The market type.
SpotOptions (dict) --
The options for Spot Instances.
MaxPrice (string) --
The maximum hourly price you're willing to pay for the Spot Instances.
SpotInstanceType (string) --
The Spot Instance request type.
BlockDurationMinutes (integer) --
The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
ValidUntil (datetime) --
The end date of the request. For a one-time request, the request remains active until all instances launch, the request is canceled, or this date is reached. If the request is persistent, it remains active until it is canceled or this date and time is reached. The default end date is 7 days from the current date.
InstanceInterruptionBehavior (string) --
The behavior when a Spot Instance is interrupted. The default is terminate .
CreditSpecification (dict) --
The credit option for CPU usage of the instance. Valid for T2, T3, or T3a instances only.
CpuCredits (string) -- [REQUIRED]
The credit option for CPU usage of a T2, T3, or T3a instance. Valid values are standard and unlimited .
CpuOptions (dict) --
The CPU options for the instance. For more information, see Optimizing CPU Options in the Amazon Elastic Compute Cloud User Guide .
CoreCount (integer) --
The number of CPU cores for the instance.
ThreadsPerCore (integer) --
The number of threads per CPU core. To disable multithreading for the instance, specify a value of 1. Otherwise, specify the default value of 2.
CapacityReservationSpecification (dict) --
The Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to open , which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).
CapacityReservationPreference (string) --
Indicates the instance's Capacity Reservation preferences. Possible preferences include:
open - The instance can run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).
none - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.
CapacityReservationTarget (dict) --
Information about the target Capacity Reservation or Capacity Reservation group.
CapacityReservationId (string) --
The ID of the Capacity Reservation in which to run the instance.
CapacityReservationResourceGroupArn (string) --
The ARN of the Capacity Reservation resource group in which to run the instance.
LicenseSpecifications (list) --
The license configurations.
(dict) --
Describes a license configuration.
LicenseConfigurationArn (string) --
The Amazon Resource Name (ARN) of the license configuration.
HibernationOptions (dict) --
Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the hibernation prerequisites. For more information, see Hibernate Your Instance in the Amazon Elastic Compute Cloud User Guide .
Configured (boolean) --
If you set this parameter to true , the instance is enabled for hibernation.
Default: false
MetadataOptions (dict) --
The metadata options for the instance. For more information, see Instance Metadata and User Data in the Amazon Elastic Compute Cloud User Guide .
HttpTokens (string) --
The state of token usage for your instance metadata requests. If the parameter is not specified in the request, the default state is optional .
If the state is optional , you can choose to retrieve instance metadata with or without a signed token header on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned.
If the state is required , you must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version 1.0 credentials are not available.
HttpPutResponseHopLimit (integer) --
The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.
Default: 1
Possible values: Integers from 1 to 64
HttpEndpoint (string) --
This parameter enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled .
Note
If you specify a value of disabled , you will not be able to access your instance metadata.
EnclaveOptions (dict) --
Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see What is AWS Nitro Enclaves? in the AWS Nitro Enclaves User Guide .
You can't enable AWS Nitro Enclaves and hibernation on the same instance.
Enabled (boolean) --
To enable the instance for AWS Nitro Enclaves, set this parameter to true .
dict
Response Syntax
{
'LaunchTemplateVersion': {
'LaunchTemplateId': 'string',
'LaunchTemplateName': 'string',
'VersionNumber': 123,
'VersionDescription': 'string',
'CreateTime': datetime(2015, 1, 1),
'CreatedBy': 'string',
'DefaultVersion': True|False,
'LaunchTemplateData': {
'KernelId': 'string',
'EbsOptimized': True|False,
'IamInstanceProfile': {
'Arn': 'string',
'Name': 'string'
},
'BlockDeviceMappings': [
{
'DeviceName': 'string',
'VirtualName': 'string',
'Ebs': {
'Encrypted': True|False,
'DeleteOnTermination': True|False,
'Iops': 123,
'KmsKeyId': 'string',
'SnapshotId': 'string',
'VolumeSize': 123,
'VolumeType': 'standard'|'io1'|'io2'|'gp2'|'sc1'|'st1'|'gp3',
'Throughput': 123
},
'NoDevice': 'string'
},
],
'NetworkInterfaces': [
{
'AssociateCarrierIpAddress': True|False,
'AssociatePublicIpAddress': True|False,
'DeleteOnTermination': True|False,
'Description': 'string',
'DeviceIndex': 123,
'Groups': [
'string',
],
'InterfaceType': 'string',
'Ipv6AddressCount': 123,
'Ipv6Addresses': [
{
'Ipv6Address': 'string'
},
],
'NetworkInterfaceId': 'string',
'PrivateIpAddress': 'string',
'PrivateIpAddresses': [
{
'Primary': True|False,
'PrivateIpAddress': 'string'
},
],
'SecondaryPrivateIpAddressCount': 123,
'SubnetId': 'string',
'NetworkCardIndex': 123
},
],
'ImageId': 'string',
'InstanceType': 't1.micro'|'t2.nano'|'t2.micro'|'t2.small'|'t2.medium'|'t2.large'|'t2.xlarge'|'t2.2xlarge'|'t3.nano'|'t3.micro'|'t3.small'|'t3.medium'|'t3.large'|'t3.xlarge'|'t3.2xlarge'|'t3a.nano'|'t3a.micro'|'t3a.small'|'t3a.medium'|'t3a.large'|'t3a.xlarge'|'t3a.2xlarge'|'t4g.nano'|'t4g.micro'|'t4g.small'|'t4g.medium'|'t4g.large'|'t4g.xlarge'|'t4g.2xlarge'|'m1.small'|'m1.medium'|'m1.large'|'m1.xlarge'|'m3.medium'|'m3.large'|'m3.xlarge'|'m3.2xlarge'|'m4.large'|'m4.xlarge'|'m4.2xlarge'|'m4.4xlarge'|'m4.10xlarge'|'m4.16xlarge'|'m2.xlarge'|'m2.2xlarge'|'m2.4xlarge'|'cr1.8xlarge'|'r3.large'|'r3.xlarge'|'r3.2xlarge'|'r3.4xlarge'|'r3.8xlarge'|'r4.large'|'r4.xlarge'|'r4.2xlarge'|'r4.4xlarge'|'r4.8xlarge'|'r4.16xlarge'|'r5.large'|'r5.xlarge'|'r5.2xlarge'|'r5.4xlarge'|'r5.8xlarge'|'r5.12xlarge'|'r5.16xlarge'|'r5.24xlarge'|'r5.metal'|'r5a.large'|'r5a.xlarge'|'r5a.2xlarge'|'r5a.4xlarge'|'r5a.8xlarge'|'r5a.12xlarge'|'r5a.16xlarge'|'r5a.24xlarge'|'r5b.large'|'r5b.xlarge'|'r5b.2xlarge'|'r5b.4xlarge'|'r5b.8xlarge'|'r5b.12xlarge'|'r5b.16xlarge'|'r5b.24xlarge'|'r5b.metal'|'r5d.large'|'r5d.xlarge'|'r5d.2xlarge'|'r5d.4xlarge'|'r5d.8xlarge'|'r5d.12xlarge'|'r5d.16xlarge'|'r5d.24xlarge'|'r5d.metal'|'r5ad.large'|'r5ad.xlarge'|'r5ad.2xlarge'|'r5ad.4xlarge'|'r5ad.8xlarge'|'r5ad.12xlarge'|'r5ad.16xlarge'|'r5ad.24xlarge'|'r6g.metal'|'r6g.medium'|'r6g.large'|'r6g.xlarge'|'r6g.2xlarge'|'r6g.4xlarge'|'r6g.8xlarge'|'r6g.12xlarge'|'r6g.16xlarge'|'r6gd.metal'|'r6gd.medium'|'r6gd.large'|'r6gd.xlarge'|'r6gd.2xlarge'|'r6gd.4xlarge'|'r6gd.8xlarge'|'r6gd.12xlarge'|'r6gd.16xlarge'|'x1.16xlarge'|'x1.32xlarge'|'x1e.xlarge'|'x1e.2xlarge'|'x1e.4xlarge'|'x1e.8xlarge'|'x1e.16xlarge'|'x1e.32xlarge'|'i2.xlarge'|'i2.2xlarge'|'i2.4xlarge'|'i2.8xlarge'|'i3.large'|'i3.xlarge'|'i3.2xlarge'|'i3.4xlarge'|'i3.8xlarge'|'i3.16xlarge'|'i3.metal'|'i3en.large'|'i3en.xlarge'|'i3en.2xlarge'|'i3en.3xlarge'|'i3en.6xlarge'|'i3en.12xlarge'|'i3en.24xlarge'|'i3en.metal'|'hi1.4xlarge'|'hs1.8xlarge'|'c1.medium'|'c1.xlarge'|'c3.large'|'c3.xlarge'|'c3.2xlarge'|'c3.4xlarge'|'c3.8xlarge'|'c4.large'|'c4.xlarge'|'c4.2xlarge'|'c4.4xlarge'|'c4.8xlarge'|'c5.large'|'c5.xlarge'|'c5.2xlarge'|'c5.4xlarge'|'c5.9xlarge'|'c5.12xlarge'|'c5.18xlarge'|'c5.24xlarge'|'c5.metal'|'c5a.large'|'c5a.xlarge'|'c5a.2xlarge'|'c5a.4xlarge'|'c5a.8xlarge'|'c5a.12xlarge'|'c5a.16xlarge'|'c5a.24xlarge'|'c5ad.large'|'c5ad.xlarge'|'c5ad.2xlarge'|'c5ad.4xlarge'|'c5ad.8xlarge'|'c5ad.12xlarge'|'c5ad.16xlarge'|'c5ad.24xlarge'|'c5d.large'|'c5d.xlarge'|'c5d.2xlarge'|'c5d.4xlarge'|'c5d.9xlarge'|'c5d.12xlarge'|'c5d.18xlarge'|'c5d.24xlarge'|'c5d.metal'|'c5n.large'|'c5n.xlarge'|'c5n.2xlarge'|'c5n.4xlarge'|'c5n.9xlarge'|'c5n.18xlarge'|'c5n.metal'|'c6g.metal'|'c6g.medium'|'c6g.large'|'c6g.xlarge'|'c6g.2xlarge'|'c6g.4xlarge'|'c6g.8xlarge'|'c6g.12xlarge'|'c6g.16xlarge'|'c6gd.metal'|'c6gd.medium'|'c6gd.large'|'c6gd.xlarge'|'c6gd.2xlarge'|'c6gd.4xlarge'|'c6gd.8xlarge'|'c6gd.12xlarge'|'c6gd.16xlarge'|'c6gn.medium'|'c6gn.large'|'c6gn.xlarge'|'c6gn.2xlarge'|'c6gn.4xlarge'|'c6gn.8xlarge'|'c6gn.12xlarge'|'c6gn.16xlarge'|'cc1.4xlarge'|'cc2.8xlarge'|'g2.2xlarge'|'g2.8xlarge'|'g3.4xlarge'|'g3.8xlarge'|'g3.16xlarge'|'g3s.xlarge'|'g4ad.4xlarge'|'g4ad.8xlarge'|'g4ad.16xlarge'|'g4dn.xlarge'|'g4dn.2xlarge'|'g4dn.4xlarge'|'g4dn.8xlarge'|'g4dn.12xlarge'|'g4dn.16xlarge'|'g4dn.metal'|'cg1.4xlarge'|'p2.xlarge'|'p2.8xlarge'|'p2.16xlarge'|'p3.2xlarge'|'p3.8xlarge'|'p3.16xlarge'|'p3dn.24xlarge'|'p4d.24xlarge'|'d2.xlarge'|'d2.2xlarge'|'d2.4xlarge'|'d2.8xlarge'|'d3.xlarge'|'d3.2xlarge'|'d3.4xlarge'|'d3.8xlarge'|'d3en.xlarge'|'d3en.2xlarge'|'d3en.4xlarge'|'d3en.6xlarge'|'d3en.8xlarge'|'d3en.12xlarge'|'f1.2xlarge'|'f1.4xlarge'|'f1.16xlarge'|'m5.large'|'m5.xlarge'|'m5.2xlarge'|'m5.4xlarge'|'m5.8xlarge'|'m5.12xlarge'|'m5.16xlarge'|'m5.24xlarge'|'m5.metal'|'m5a.large'|'m5a.xlarge'|'m5a.2xlarge'|'m5a.4xlarge'|'m5a.8xlarge'|'m5a.12xlarge'|'m5a.16xlarge'|'m5a.24xlarge'|'m5d.large'|'m5d.xlarge'|'m5d.2xlarge'|'m5d.4xlarge'|'m5d.8xlarge'|'m5d.12xlarge'|'m5d.16xlarge'|'m5d.24xlarge'|'m5d.metal'|'m5ad.large'|'m5ad.xlarge'|'m5ad.2xlarge'|'m5ad.4xlarge'|'m5ad.8xlarge'|'m5ad.12xlarge'|'m5ad.16xlarge'|'m5ad.24xlarge'|'m5zn.large'|'m5zn.xlarge'|'m5zn.2xlarge'|'m5zn.3xlarge'|'m5zn.6xlarge'|'m5zn.12xlarge'|'m5zn.metal'|'h1.2xlarge'|'h1.4xlarge'|'h1.8xlarge'|'h1.16xlarge'|'z1d.large'|'z1d.xlarge'|'z1d.2xlarge'|'z1d.3xlarge'|'z1d.6xlarge'|'z1d.12xlarge'|'z1d.metal'|'u-6tb1.56xlarge'|'u-6tb1.112xlarge'|'u-9tb1.112xlarge'|'u-12tb1.112xlarge'|'u-6tb1.metal'|'u-9tb1.metal'|'u-12tb1.metal'|'u-18tb1.metal'|'u-24tb1.metal'|'a1.medium'|'a1.large'|'a1.xlarge'|'a1.2xlarge'|'a1.4xlarge'|'a1.metal'|'m5dn.large'|'m5dn.xlarge'|'m5dn.2xlarge'|'m5dn.4xlarge'|'m5dn.8xlarge'|'m5dn.12xlarge'|'m5dn.16xlarge'|'m5dn.24xlarge'|'m5n.large'|'m5n.xlarge'|'m5n.2xlarge'|'m5n.4xlarge'|'m5n.8xlarge'|'m5n.12xlarge'|'m5n.16xlarge'|'m5n.24xlarge'|'r5dn.large'|'r5dn.xlarge'|'r5dn.2xlarge'|'r5dn.4xlarge'|'r5dn.8xlarge'|'r5dn.12xlarge'|'r5dn.16xlarge'|'r5dn.24xlarge'|'r5n.large'|'r5n.xlarge'|'r5n.2xlarge'|'r5n.4xlarge'|'r5n.8xlarge'|'r5n.12xlarge'|'r5n.16xlarge'|'r5n.24xlarge'|'inf1.xlarge'|'inf1.2xlarge'|'inf1.6xlarge'|'inf1.24xlarge'|'m6g.metal'|'m6g.medium'|'m6g.large'|'m6g.xlarge'|'m6g.2xlarge'|'m6g.4xlarge'|'m6g.8xlarge'|'m6g.12xlarge'|'m6g.16xlarge'|'m6gd.metal'|'m6gd.medium'|'m6gd.large'|'m6gd.xlarge'|'m6gd.2xlarge'|'m6gd.4xlarge'|'m6gd.8xlarge'|'m6gd.12xlarge'|'m6gd.16xlarge'|'mac1.metal'|'x2gd.medium'|'x2gd.large'|'x2gd.xlarge'|'x2gd.2xlarge'|'x2gd.4xlarge'|'x2gd.8xlarge'|'x2gd.12xlarge'|'x2gd.16xlarge'|'x2gd.metal',
'KeyName': 'string',
'Monitoring': {
'Enabled': True|False
},
'Placement': {
'AvailabilityZone': 'string',
'Affinity': 'string',
'GroupName': 'string',
'HostId': 'string',
'Tenancy': 'default'|'dedicated'|'host',
'SpreadDomain': 'string',
'HostResourceGroupArn': 'string',
'PartitionNumber': 123
},
'RamDiskId': 'string',
'DisableApiTermination': True|False,
'InstanceInitiatedShutdownBehavior': 'stop'|'terminate',
'UserData': 'string',
'TagSpecifications': [
{
'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'local-gateway-route-table-vpc-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
],
'ElasticGpuSpecifications': [
{
'Type': 'string'
},
],
'ElasticInferenceAccelerators': [
{
'Type': 'string',
'Count': 123
},
],
'SecurityGroupIds': [
'string',
],
'SecurityGroups': [
'string',
],
'InstanceMarketOptions': {
'MarketType': 'spot',
'SpotOptions': {
'MaxPrice': 'string',
'SpotInstanceType': 'one-time'|'persistent',
'BlockDurationMinutes': 123,
'ValidUntil': datetime(2015, 1, 1),
'InstanceInterruptionBehavior': 'hibernate'|'stop'|'terminate'
}
},
'CreditSpecification': {
'CpuCredits': 'string'
},
'CpuOptions': {
'CoreCount': 123,
'ThreadsPerCore': 123
},
'CapacityReservationSpecification': {
'CapacityReservationPreference': 'open'|'none',
'CapacityReservationTarget': {
'CapacityReservationId': 'string',
'CapacityReservationResourceGroupArn': 'string'
}
},
'LicenseSpecifications': [
{
'LicenseConfigurationArn': 'string'
},
],
'HibernationOptions': {
'Configured': True|False
},
'MetadataOptions': {
'State': 'pending'|'applied',
'HttpTokens': 'optional'|'required',
'HttpPutResponseHopLimit': 123,
'HttpEndpoint': 'disabled'|'enabled'
},
'EnclaveOptions': {
'Enabled': True|False
}
}
},
'Warning': {
'Errors': [
{
'Code': 'string',
'Message': 'string'
},
]
}
}
Response Structure
(dict) --
LaunchTemplateVersion (dict) --
Information about the launch template version.
LaunchTemplateId (string) --
The ID of the launch template.
LaunchTemplateName (string) --
The name of the launch template.
VersionNumber (integer) --
The version number.
VersionDescription (string) --
The description for the version.
CreateTime (datetime) --
The time the version was created.
CreatedBy (string) --
The principal that created the version.
DefaultVersion (boolean) --
Indicates whether the version is the default version.
LaunchTemplateData (dict) --
Information about the launch template.
KernelId (string) --
The ID of the kernel, if applicable.
EbsOptimized (boolean) --
Indicates whether the instance is optimized for Amazon EBS I/O.
IamInstanceProfile (dict) --
The IAM instance profile.
Arn (string) --
The Amazon Resource Name (ARN) of the instance profile.
Name (string) --
The name of the instance profile.
BlockDeviceMappings (list) --
The block device mappings.
(dict) --
Describes a block device mapping.
DeviceName (string) --
The device name.
VirtualName (string) --
The virtual device name (ephemeralN).
Ebs (dict) --
Information about the block device for an EBS volume.
Encrypted (boolean) --
Indicates whether the EBS volume is encrypted.
DeleteOnTermination (boolean) --
Indicates whether the EBS volume is deleted on instance termination.
Iops (integer) --
The number of I/O operations per second (IOPS) that the volume supports.
KmsKeyId (string) --
The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.
SnapshotId (string) --
The ID of the snapshot.
VolumeSize (integer) --
The size of the volume, in GiB.
VolumeType (string) --
The volume type.
Throughput (integer) --
The throughput that the volume supports, in MiB/s.
NoDevice (string) --
To omit the device from the block device mapping, specify an empty string.
NetworkInterfaces (list) --
The network interfaces.
(dict) --
Describes a network interface.
AssociateCarrierIpAddress (boolean) --
Indicates whether to associate a Carrier IP address with eth0 for a new network interface.
Use this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see Carrier IP addresses in the AWS Wavelength Developer Guide .
AssociatePublicIpAddress (boolean) --
Indicates whether to associate a public IPv4 address with eth0 for a new network interface.
DeleteOnTermination (boolean) --
Indicates whether the network interface is deleted when the instance is terminated.
Description (string) --
A description for the network interface.
DeviceIndex (integer) --
The device index for the network interface attachment.
Groups (list) --
The IDs of one or more security groups.
(string) --
InterfaceType (string) --
The type of network interface.
Ipv6AddressCount (integer) --
The number of IPv6 addresses for the network interface.
Ipv6Addresses (list) --
The IPv6 addresses for the network interface.
(dict) --
Describes an IPv6 address.
Ipv6Address (string) --
The IPv6 address.
NetworkInterfaceId (string) --
The ID of the network interface.
PrivateIpAddress (string) --
The primary private IPv4 address of the network interface.
PrivateIpAddresses (list) --
One or more private IPv4 addresses.
(dict) --
Describes a secondary private IPv4 address for a network interface.
Primary (boolean) --
Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.
PrivateIpAddress (string) --
The private IPv4 addresses.
SecondaryPrivateIpAddressCount (integer) --
The number of secondary private IPv4 addresses for the network interface.
SubnetId (string) --
The ID of the subnet for the network interface.
NetworkCardIndex (integer) --
The index of the network card.
ImageId (string) --
The ID of the AMI that was used to launch the instance.
InstanceType (string) --
The instance type.
KeyName (string) --
The name of the key pair.
Monitoring (dict) --
The monitoring for the instance.
Enabled (boolean) --
Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
Placement (dict) --
The placement of the instance.
AvailabilityZone (string) --
The Availability Zone of the instance.
Affinity (string) --
The affinity setting for the instance on the Dedicated Host.
GroupName (string) --
The name of the placement group for the instance.
HostId (string) --
The ID of the Dedicated Host for the instance.
Tenancy (string) --
The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.
SpreadDomain (string) --
Reserved for future use.
HostResourceGroupArn (string) --
The ARN of the host resource group in which to launch the instances.
PartitionNumber (integer) --
The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition .
RamDiskId (string) --
The ID of the RAM disk, if applicable.
DisableApiTermination (boolean) --
If set to true , indicates that the instance cannot be terminated using the Amazon EC2 console, command line tool, or API.
InstanceInitiatedShutdownBehavior (string) --
Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).
UserData (string) --
The user data for the instance.
TagSpecifications (list) --
The tags.
(dict) --
The tag specification for the launch template.
ResourceType (string) --
The type of resource.
Tags (list) --
The tags for the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
ElasticGpuSpecifications (list) --
The elastic GPU specification.
(dict) --
Describes an elastic GPU.
Type (string) --
The elastic GPU type.
ElasticInferenceAccelerators (list) --
The elastic inference accelerator for the instance.
(dict) --
Describes an elastic inference accelerator.
Type (string) --
The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.
Count (integer) --
The number of elastic inference accelerators to attach to the instance.
Default: 1
SecurityGroupIds (list) --
The security group IDs.
(string) --
SecurityGroups (list) --
The security group names.
(string) --
InstanceMarketOptions (dict) --
The market (purchasing) option for the instances.
MarketType (string) --
The market type.
SpotOptions (dict) --
The options for Spot Instances.
MaxPrice (string) --
The maximum hourly price you're willing to pay for the Spot Instances.
SpotInstanceType (string) --
The Spot Instance request type.
BlockDurationMinutes (integer) --
The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
ValidUntil (datetime) --
The end date of the request. For a one-time request, the request remains active until all instances launch, the request is canceled, or this date is reached. If the request is persistent, it remains active until it is canceled or this date and time is reached.
InstanceInterruptionBehavior (string) --
The behavior when a Spot Instance is interrupted.
CreditSpecification (dict) --
The credit option for CPU usage of the instance.
CpuCredits (string) --
The credit option for CPU usage of a T2, T3, or T3a instance. Valid values are standard and unlimited .
CpuOptions (dict) --
The CPU options for the instance. For more information, see Optimizing CPU Options in the Amazon Elastic Compute Cloud User Guide .
CoreCount (integer) --
The number of CPU cores for the instance.
ThreadsPerCore (integer) --
The number of threads per CPU core.
CapacityReservationSpecification (dict) --
Information about the Capacity Reservation targeting option.
CapacityReservationPreference (string) --
Indicates the instance's Capacity Reservation preferences. Possible preferences include:
open - The instance can run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).
none - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.
CapacityReservationTarget (dict) --
Information about the target Capacity Reservation or Capacity Reservation group.
CapacityReservationId (string) --
The ID of the targeted Capacity Reservation.
CapacityReservationResourceGroupArn (string) --
The ARN of the targeted Capacity Reservation group.
LicenseSpecifications (list) --
The license configurations.
(dict) --
Describes a license configuration.
LicenseConfigurationArn (string) --
The Amazon Resource Name (ARN) of the license configuration.
HibernationOptions (dict) --
Indicates whether an instance is configured for hibernation. For more information, see Hibernate Your Instance in the Amazon Elastic Compute Cloud User Guide .
Configured (boolean) --
If this parameter is set to true , the instance is enabled for hibernation; otherwise, it is not enabled for hibernation.
MetadataOptions (dict) --
The metadata options for the instance. For more information, see Instance Metadata and User Data in the Amazon Elastic Compute Cloud User Guide .
State (string) --
The state of the metadata option changes.
pending - The metadata options are being updated and the instance is not ready to process metadata traffic with the new selection.
applied - The metadata options have been successfully applied on the instance.
HttpTokens (string) --
The state of token usage for your instance metadata requests. If the parameter is not specified in the request, the default state is optional .
If the state is optional , you can choose to retrieve instance metadata with or without a signed token header on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned.
If the state is required , you must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version 1.0 credentials are not available.
HttpPutResponseHopLimit (integer) --
The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.
Default: 1
Possible values: Integers from 1 to 64
HttpEndpoint (string) --
This parameter enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled .
Note
If you specify a value of disabled , you will not be able to access your instance metadata.
EnclaveOptions (dict) --
Indicates whether the instance is enabled for AWS Nitro Enclaves.
Enabled (boolean) --
If this parameter is set to true , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.
Warning (dict) --
If the new version of the launch template contains parameters or parameter combinations that are not valid, an error code and an error message are returned for each issue that's found.
Errors (list) --
The error codes and error messages.
(dict) --
The error code and error message that is returned for a parameter or parameter combination that is not valid when a new launch template or new version of a launch template is created.
Code (string) --
The error code that indicates why the parameter or parameter combination is not valid. For more information about error codes, see Error Codes.
Message (string) --
The error message that describes why the parameter or parameter combination is not valid. For more information about error messages, see Error Codes.
{'LaunchTemplateVersions': {'LaunchTemplateData': {'TagSpecifications': {'ResourceType': {'security-group-rule'}}}}}
Describes one or more versions of a specified launch template. You can describe all versions, individual versions, or a range of versions. You can also describe all the latest versions or all the default versions of all the launch templates in your account.
See also: AWS API Documentation
Request Syntax
client.describe_launch_template_versions(
DryRun=True|False,
LaunchTemplateId='string',
LaunchTemplateName='string',
Versions=[
'string',
],
MinVersion='string',
MaxVersion='string',
NextToken='string',
MaxResults=123,
Filters=[
{
'Name': 'string',
'Values': [
'string',
]
},
]
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
The ID of the launch template. To describe one or more versions of a specified launch template, you must specify either the launch template ID or the launch template name in the request. To describe all the latest or default launch template versions in your account, you must omit this parameter.
string
The name of the launch template. To describe one or more versions of a specified launch template, you must specify either the launch template ID or the launch template name in the request. To describe all the latest or default launch template versions in your account, you must omit this parameter.
list
One or more versions of the launch template. Valid values depend on whether you are describing a specified launch template (by ID or name) or all launch templates in your account.
To describe one or more versions of a specified launch template, valid values are $Latest , $Default , and numbers.
To describe all launch templates in your account that are defined as the latest version, the valid value is $Latest . To describe all launch templates in your account that are defined as the default version, the valid value is $Default . You can specify $Latest and $Default in the same call. You cannot specify numbers.
(string) --
string
The version number after which to describe launch template versions.
string
The version number up to which to describe launch template versions.
string
The token to request the next page of results.
integer
The maximum number of results to return in a single call. To retrieve the remaining results, make another call with the returned NextToken value. This value can be between 1 and 200.
list
One or more filters.
create-time - The time the launch template version was created.
ebs-optimized - A boolean that indicates whether the instance is optimized for Amazon EBS I/O.
iam-instance-profile - The ARN of the IAM instance profile.
image-id - The ID of the AMI.
instance-type - The instance type.
is-default-version - A boolean that indicates whether the launch template version is the default version.
kernel-id - The kernel ID.
ram-disk-id - The RAM disk ID.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
The filter values. Filter values are case-sensitive.
(string) --
dict
Response Syntax
{
'LaunchTemplateVersions': [
{
'LaunchTemplateId': 'string',
'LaunchTemplateName': 'string',
'VersionNumber': 123,
'VersionDescription': 'string',
'CreateTime': datetime(2015, 1, 1),
'CreatedBy': 'string',
'DefaultVersion': True|False,
'LaunchTemplateData': {
'KernelId': 'string',
'EbsOptimized': True|False,
'IamInstanceProfile': {
'Arn': 'string',
'Name': 'string'
},
'BlockDeviceMappings': [
{
'DeviceName': 'string',
'VirtualName': 'string',
'Ebs': {
'Encrypted': True|False,
'DeleteOnTermination': True|False,
'Iops': 123,
'KmsKeyId': 'string',
'SnapshotId': 'string',
'VolumeSize': 123,
'VolumeType': 'standard'|'io1'|'io2'|'gp2'|'sc1'|'st1'|'gp3',
'Throughput': 123
},
'NoDevice': 'string'
},
],
'NetworkInterfaces': [
{
'AssociateCarrierIpAddress': True|False,
'AssociatePublicIpAddress': True|False,
'DeleteOnTermination': True|False,
'Description': 'string',
'DeviceIndex': 123,
'Groups': [
'string',
],
'InterfaceType': 'string',
'Ipv6AddressCount': 123,
'Ipv6Addresses': [
{
'Ipv6Address': 'string'
},
],
'NetworkInterfaceId': 'string',
'PrivateIpAddress': 'string',
'PrivateIpAddresses': [
{
'Primary': True|False,
'PrivateIpAddress': 'string'
},
],
'SecondaryPrivateIpAddressCount': 123,
'SubnetId': 'string',
'NetworkCardIndex': 123
},
],
'ImageId': 'string',
'InstanceType': 't1.micro'|'t2.nano'|'t2.micro'|'t2.small'|'t2.medium'|'t2.large'|'t2.xlarge'|'t2.2xlarge'|'t3.nano'|'t3.micro'|'t3.small'|'t3.medium'|'t3.large'|'t3.xlarge'|'t3.2xlarge'|'t3a.nano'|'t3a.micro'|'t3a.small'|'t3a.medium'|'t3a.large'|'t3a.xlarge'|'t3a.2xlarge'|'t4g.nano'|'t4g.micro'|'t4g.small'|'t4g.medium'|'t4g.large'|'t4g.xlarge'|'t4g.2xlarge'|'m1.small'|'m1.medium'|'m1.large'|'m1.xlarge'|'m3.medium'|'m3.large'|'m3.xlarge'|'m3.2xlarge'|'m4.large'|'m4.xlarge'|'m4.2xlarge'|'m4.4xlarge'|'m4.10xlarge'|'m4.16xlarge'|'m2.xlarge'|'m2.2xlarge'|'m2.4xlarge'|'cr1.8xlarge'|'r3.large'|'r3.xlarge'|'r3.2xlarge'|'r3.4xlarge'|'r3.8xlarge'|'r4.large'|'r4.xlarge'|'r4.2xlarge'|'r4.4xlarge'|'r4.8xlarge'|'r4.16xlarge'|'r5.large'|'r5.xlarge'|'r5.2xlarge'|'r5.4xlarge'|'r5.8xlarge'|'r5.12xlarge'|'r5.16xlarge'|'r5.24xlarge'|'r5.metal'|'r5a.large'|'r5a.xlarge'|'r5a.2xlarge'|'r5a.4xlarge'|'r5a.8xlarge'|'r5a.12xlarge'|'r5a.16xlarge'|'r5a.24xlarge'|'r5b.large'|'r5b.xlarge'|'r5b.2xlarge'|'r5b.4xlarge'|'r5b.8xlarge'|'r5b.12xlarge'|'r5b.16xlarge'|'r5b.24xlarge'|'r5b.metal'|'r5d.large'|'r5d.xlarge'|'r5d.2xlarge'|'r5d.4xlarge'|'r5d.8xlarge'|'r5d.12xlarge'|'r5d.16xlarge'|'r5d.24xlarge'|'r5d.metal'|'r5ad.large'|'r5ad.xlarge'|'r5ad.2xlarge'|'r5ad.4xlarge'|'r5ad.8xlarge'|'r5ad.12xlarge'|'r5ad.16xlarge'|'r5ad.24xlarge'|'r6g.metal'|'r6g.medium'|'r6g.large'|'r6g.xlarge'|'r6g.2xlarge'|'r6g.4xlarge'|'r6g.8xlarge'|'r6g.12xlarge'|'r6g.16xlarge'|'r6gd.metal'|'r6gd.medium'|'r6gd.large'|'r6gd.xlarge'|'r6gd.2xlarge'|'r6gd.4xlarge'|'r6gd.8xlarge'|'r6gd.12xlarge'|'r6gd.16xlarge'|'x1.16xlarge'|'x1.32xlarge'|'x1e.xlarge'|'x1e.2xlarge'|'x1e.4xlarge'|'x1e.8xlarge'|'x1e.16xlarge'|'x1e.32xlarge'|'i2.xlarge'|'i2.2xlarge'|'i2.4xlarge'|'i2.8xlarge'|'i3.large'|'i3.xlarge'|'i3.2xlarge'|'i3.4xlarge'|'i3.8xlarge'|'i3.16xlarge'|'i3.metal'|'i3en.large'|'i3en.xlarge'|'i3en.2xlarge'|'i3en.3xlarge'|'i3en.6xlarge'|'i3en.12xlarge'|'i3en.24xlarge'|'i3en.metal'|'hi1.4xlarge'|'hs1.8xlarge'|'c1.medium'|'c1.xlarge'|'c3.large'|'c3.xlarge'|'c3.2xlarge'|'c3.4xlarge'|'c3.8xlarge'|'c4.large'|'c4.xlarge'|'c4.2xlarge'|'c4.4xlarge'|'c4.8xlarge'|'c5.large'|'c5.xlarge'|'c5.2xlarge'|'c5.4xlarge'|'c5.9xlarge'|'c5.12xlarge'|'c5.18xlarge'|'c5.24xlarge'|'c5.metal'|'c5a.large'|'c5a.xlarge'|'c5a.2xlarge'|'c5a.4xlarge'|'c5a.8xlarge'|'c5a.12xlarge'|'c5a.16xlarge'|'c5a.24xlarge'|'c5ad.large'|'c5ad.xlarge'|'c5ad.2xlarge'|'c5ad.4xlarge'|'c5ad.8xlarge'|'c5ad.12xlarge'|'c5ad.16xlarge'|'c5ad.24xlarge'|'c5d.large'|'c5d.xlarge'|'c5d.2xlarge'|'c5d.4xlarge'|'c5d.9xlarge'|'c5d.12xlarge'|'c5d.18xlarge'|'c5d.24xlarge'|'c5d.metal'|'c5n.large'|'c5n.xlarge'|'c5n.2xlarge'|'c5n.4xlarge'|'c5n.9xlarge'|'c5n.18xlarge'|'c5n.metal'|'c6g.metal'|'c6g.medium'|'c6g.large'|'c6g.xlarge'|'c6g.2xlarge'|'c6g.4xlarge'|'c6g.8xlarge'|'c6g.12xlarge'|'c6g.16xlarge'|'c6gd.metal'|'c6gd.medium'|'c6gd.large'|'c6gd.xlarge'|'c6gd.2xlarge'|'c6gd.4xlarge'|'c6gd.8xlarge'|'c6gd.12xlarge'|'c6gd.16xlarge'|'c6gn.medium'|'c6gn.large'|'c6gn.xlarge'|'c6gn.2xlarge'|'c6gn.4xlarge'|'c6gn.8xlarge'|'c6gn.12xlarge'|'c6gn.16xlarge'|'cc1.4xlarge'|'cc2.8xlarge'|'g2.2xlarge'|'g2.8xlarge'|'g3.4xlarge'|'g3.8xlarge'|'g3.16xlarge'|'g3s.xlarge'|'g4ad.4xlarge'|'g4ad.8xlarge'|'g4ad.16xlarge'|'g4dn.xlarge'|'g4dn.2xlarge'|'g4dn.4xlarge'|'g4dn.8xlarge'|'g4dn.12xlarge'|'g4dn.16xlarge'|'g4dn.metal'|'cg1.4xlarge'|'p2.xlarge'|'p2.8xlarge'|'p2.16xlarge'|'p3.2xlarge'|'p3.8xlarge'|'p3.16xlarge'|'p3dn.24xlarge'|'p4d.24xlarge'|'d2.xlarge'|'d2.2xlarge'|'d2.4xlarge'|'d2.8xlarge'|'d3.xlarge'|'d3.2xlarge'|'d3.4xlarge'|'d3.8xlarge'|'d3en.xlarge'|'d3en.2xlarge'|'d3en.4xlarge'|'d3en.6xlarge'|'d3en.8xlarge'|'d3en.12xlarge'|'f1.2xlarge'|'f1.4xlarge'|'f1.16xlarge'|'m5.large'|'m5.xlarge'|'m5.2xlarge'|'m5.4xlarge'|'m5.8xlarge'|'m5.12xlarge'|'m5.16xlarge'|'m5.24xlarge'|'m5.metal'|'m5a.large'|'m5a.xlarge'|'m5a.2xlarge'|'m5a.4xlarge'|'m5a.8xlarge'|'m5a.12xlarge'|'m5a.16xlarge'|'m5a.24xlarge'|'m5d.large'|'m5d.xlarge'|'m5d.2xlarge'|'m5d.4xlarge'|'m5d.8xlarge'|'m5d.12xlarge'|'m5d.16xlarge'|'m5d.24xlarge'|'m5d.metal'|'m5ad.large'|'m5ad.xlarge'|'m5ad.2xlarge'|'m5ad.4xlarge'|'m5ad.8xlarge'|'m5ad.12xlarge'|'m5ad.16xlarge'|'m5ad.24xlarge'|'m5zn.large'|'m5zn.xlarge'|'m5zn.2xlarge'|'m5zn.3xlarge'|'m5zn.6xlarge'|'m5zn.12xlarge'|'m5zn.metal'|'h1.2xlarge'|'h1.4xlarge'|'h1.8xlarge'|'h1.16xlarge'|'z1d.large'|'z1d.xlarge'|'z1d.2xlarge'|'z1d.3xlarge'|'z1d.6xlarge'|'z1d.12xlarge'|'z1d.metal'|'u-6tb1.56xlarge'|'u-6tb1.112xlarge'|'u-9tb1.112xlarge'|'u-12tb1.112xlarge'|'u-6tb1.metal'|'u-9tb1.metal'|'u-12tb1.metal'|'u-18tb1.metal'|'u-24tb1.metal'|'a1.medium'|'a1.large'|'a1.xlarge'|'a1.2xlarge'|'a1.4xlarge'|'a1.metal'|'m5dn.large'|'m5dn.xlarge'|'m5dn.2xlarge'|'m5dn.4xlarge'|'m5dn.8xlarge'|'m5dn.12xlarge'|'m5dn.16xlarge'|'m5dn.24xlarge'|'m5n.large'|'m5n.xlarge'|'m5n.2xlarge'|'m5n.4xlarge'|'m5n.8xlarge'|'m5n.12xlarge'|'m5n.16xlarge'|'m5n.24xlarge'|'r5dn.large'|'r5dn.xlarge'|'r5dn.2xlarge'|'r5dn.4xlarge'|'r5dn.8xlarge'|'r5dn.12xlarge'|'r5dn.16xlarge'|'r5dn.24xlarge'|'r5n.large'|'r5n.xlarge'|'r5n.2xlarge'|'r5n.4xlarge'|'r5n.8xlarge'|'r5n.12xlarge'|'r5n.16xlarge'|'r5n.24xlarge'|'inf1.xlarge'|'inf1.2xlarge'|'inf1.6xlarge'|'inf1.24xlarge'|'m6g.metal'|'m6g.medium'|'m6g.large'|'m6g.xlarge'|'m6g.2xlarge'|'m6g.4xlarge'|'m6g.8xlarge'|'m6g.12xlarge'|'m6g.16xlarge'|'m6gd.metal'|'m6gd.medium'|'m6gd.large'|'m6gd.xlarge'|'m6gd.2xlarge'|'m6gd.4xlarge'|'m6gd.8xlarge'|'m6gd.12xlarge'|'m6gd.16xlarge'|'mac1.metal'|'x2gd.medium'|'x2gd.large'|'x2gd.xlarge'|'x2gd.2xlarge'|'x2gd.4xlarge'|'x2gd.8xlarge'|'x2gd.12xlarge'|'x2gd.16xlarge'|'x2gd.metal',
'KeyName': 'string',
'Monitoring': {
'Enabled': True|False
},
'Placement': {
'AvailabilityZone': 'string',
'Affinity': 'string',
'GroupName': 'string',
'HostId': 'string',
'Tenancy': 'default'|'dedicated'|'host',
'SpreadDomain': 'string',
'HostResourceGroupArn': 'string',
'PartitionNumber': 123
},
'RamDiskId': 'string',
'DisableApiTermination': True|False,
'InstanceInitiatedShutdownBehavior': 'stop'|'terminate',
'UserData': 'string',
'TagSpecifications': [
{
'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'local-gateway-route-table-vpc-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
],
'ElasticGpuSpecifications': [
{
'Type': 'string'
},
],
'ElasticInferenceAccelerators': [
{
'Type': 'string',
'Count': 123
},
],
'SecurityGroupIds': [
'string',
],
'SecurityGroups': [
'string',
],
'InstanceMarketOptions': {
'MarketType': 'spot',
'SpotOptions': {
'MaxPrice': 'string',
'SpotInstanceType': 'one-time'|'persistent',
'BlockDurationMinutes': 123,
'ValidUntil': datetime(2015, 1, 1),
'InstanceInterruptionBehavior': 'hibernate'|'stop'|'terminate'
}
},
'CreditSpecification': {
'CpuCredits': 'string'
},
'CpuOptions': {
'CoreCount': 123,
'ThreadsPerCore': 123
},
'CapacityReservationSpecification': {
'CapacityReservationPreference': 'open'|'none',
'CapacityReservationTarget': {
'CapacityReservationId': 'string',
'CapacityReservationResourceGroupArn': 'string'
}
},
'LicenseSpecifications': [
{
'LicenseConfigurationArn': 'string'
},
],
'HibernationOptions': {
'Configured': True|False
},
'MetadataOptions': {
'State': 'pending'|'applied',
'HttpTokens': 'optional'|'required',
'HttpPutResponseHopLimit': 123,
'HttpEndpoint': 'disabled'|'enabled'
},
'EnclaveOptions': {
'Enabled': True|False
}
}
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
LaunchTemplateVersions (list) --
Information about the launch template versions.
(dict) --
Describes a launch template version.
LaunchTemplateId (string) --
The ID of the launch template.
LaunchTemplateName (string) --
The name of the launch template.
VersionNumber (integer) --
The version number.
VersionDescription (string) --
The description for the version.
CreateTime (datetime) --
The time the version was created.
CreatedBy (string) --
The principal that created the version.
DefaultVersion (boolean) --
Indicates whether the version is the default version.
LaunchTemplateData (dict) --
Information about the launch template.
KernelId (string) --
The ID of the kernel, if applicable.
EbsOptimized (boolean) --
Indicates whether the instance is optimized for Amazon EBS I/O.
IamInstanceProfile (dict) --
The IAM instance profile.
Arn (string) --
The Amazon Resource Name (ARN) of the instance profile.
Name (string) --
The name of the instance profile.
BlockDeviceMappings (list) --
The block device mappings.
(dict) --
Describes a block device mapping.
DeviceName (string) --
The device name.
VirtualName (string) --
The virtual device name (ephemeralN).
Ebs (dict) --
Information about the block device for an EBS volume.
Encrypted (boolean) --
Indicates whether the EBS volume is encrypted.
DeleteOnTermination (boolean) --
Indicates whether the EBS volume is deleted on instance termination.
Iops (integer) --
The number of I/O operations per second (IOPS) that the volume supports.
KmsKeyId (string) --
The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.
SnapshotId (string) --
The ID of the snapshot.
VolumeSize (integer) --
The size of the volume, in GiB.
VolumeType (string) --
The volume type.
Throughput (integer) --
The throughput that the volume supports, in MiB/s.
NoDevice (string) --
To omit the device from the block device mapping, specify an empty string.
NetworkInterfaces (list) --
The network interfaces.
(dict) --
Describes a network interface.
AssociateCarrierIpAddress (boolean) --
Indicates whether to associate a Carrier IP address with eth0 for a new network interface.
Use this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see Carrier IP addresses in the AWS Wavelength Developer Guide .
AssociatePublicIpAddress (boolean) --
Indicates whether to associate a public IPv4 address with eth0 for a new network interface.
DeleteOnTermination (boolean) --
Indicates whether the network interface is deleted when the instance is terminated.
Description (string) --
A description for the network interface.
DeviceIndex (integer) --
The device index for the network interface attachment.
Groups (list) --
The IDs of one or more security groups.
(string) --
InterfaceType (string) --
The type of network interface.
Ipv6AddressCount (integer) --
The number of IPv6 addresses for the network interface.
Ipv6Addresses (list) --
The IPv6 addresses for the network interface.
(dict) --
Describes an IPv6 address.
Ipv6Address (string) --
The IPv6 address.
NetworkInterfaceId (string) --
The ID of the network interface.
PrivateIpAddress (string) --
The primary private IPv4 address of the network interface.
PrivateIpAddresses (list) --
One or more private IPv4 addresses.
(dict) --
Describes a secondary private IPv4 address for a network interface.
Primary (boolean) --
Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.
PrivateIpAddress (string) --
The private IPv4 addresses.
SecondaryPrivateIpAddressCount (integer) --
The number of secondary private IPv4 addresses for the network interface.
SubnetId (string) --
The ID of the subnet for the network interface.
NetworkCardIndex (integer) --
The index of the network card.
ImageId (string) --
The ID of the AMI that was used to launch the instance.
InstanceType (string) --
The instance type.
KeyName (string) --
The name of the key pair.
Monitoring (dict) --
The monitoring for the instance.
Enabled (boolean) --
Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
Placement (dict) --
The placement of the instance.
AvailabilityZone (string) --
The Availability Zone of the instance.
Affinity (string) --
The affinity setting for the instance on the Dedicated Host.
GroupName (string) --
The name of the placement group for the instance.
HostId (string) --
The ID of the Dedicated Host for the instance.
Tenancy (string) --
The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.
SpreadDomain (string) --
Reserved for future use.
HostResourceGroupArn (string) --
The ARN of the host resource group in which to launch the instances.
PartitionNumber (integer) --
The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition .
RamDiskId (string) --
The ID of the RAM disk, if applicable.
DisableApiTermination (boolean) --
If set to true , indicates that the instance cannot be terminated using the Amazon EC2 console, command line tool, or API.
InstanceInitiatedShutdownBehavior (string) --
Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).
UserData (string) --
The user data for the instance.
TagSpecifications (list) --
The tags.
(dict) --
The tag specification for the launch template.
ResourceType (string) --
The type of resource.
Tags (list) --
The tags for the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
ElasticGpuSpecifications (list) --
The elastic GPU specification.
(dict) --
Describes an elastic GPU.
Type (string) --
The elastic GPU type.
ElasticInferenceAccelerators (list) --
The elastic inference accelerator for the instance.
(dict) --
Describes an elastic inference accelerator.
Type (string) --
The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.
Count (integer) --
The number of elastic inference accelerators to attach to the instance.
Default: 1
SecurityGroupIds (list) --
The security group IDs.
(string) --
SecurityGroups (list) --
The security group names.
(string) --
InstanceMarketOptions (dict) --
The market (purchasing) option for the instances.
MarketType (string) --
The market type.
SpotOptions (dict) --
The options for Spot Instances.
MaxPrice (string) --
The maximum hourly price you're willing to pay for the Spot Instances.
SpotInstanceType (string) --
The Spot Instance request type.
BlockDurationMinutes (integer) --
The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
ValidUntil (datetime) --
The end date of the request. For a one-time request, the request remains active until all instances launch, the request is canceled, or this date is reached. If the request is persistent, it remains active until it is canceled or this date and time is reached.
InstanceInterruptionBehavior (string) --
The behavior when a Spot Instance is interrupted.
CreditSpecification (dict) --
The credit option for CPU usage of the instance.
CpuCredits (string) --
The credit option for CPU usage of a T2, T3, or T3a instance. Valid values are standard and unlimited .
CpuOptions (dict) --
The CPU options for the instance. For more information, see Optimizing CPU Options in the Amazon Elastic Compute Cloud User Guide .
CoreCount (integer) --
The number of CPU cores for the instance.
ThreadsPerCore (integer) --
The number of threads per CPU core.
CapacityReservationSpecification (dict) --
Information about the Capacity Reservation targeting option.
CapacityReservationPreference (string) --
Indicates the instance's Capacity Reservation preferences. Possible preferences include:
open - The instance can run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).
none - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.
CapacityReservationTarget (dict) --
Information about the target Capacity Reservation or Capacity Reservation group.
CapacityReservationId (string) --
The ID of the targeted Capacity Reservation.
CapacityReservationResourceGroupArn (string) --
The ARN of the targeted Capacity Reservation group.
LicenseSpecifications (list) --
The license configurations.
(dict) --
Describes a license configuration.
LicenseConfigurationArn (string) --
The Amazon Resource Name (ARN) of the license configuration.
HibernationOptions (dict) --
Indicates whether an instance is configured for hibernation. For more information, see Hibernate Your Instance in the Amazon Elastic Compute Cloud User Guide .
Configured (boolean) --
If this parameter is set to true , the instance is enabled for hibernation; otherwise, it is not enabled for hibernation.
MetadataOptions (dict) --
The metadata options for the instance. For more information, see Instance Metadata and User Data in the Amazon Elastic Compute Cloud User Guide .
State (string) --
The state of the metadata option changes.
pending - The metadata options are being updated and the instance is not ready to process metadata traffic with the new selection.
applied - The metadata options have been successfully applied on the instance.
HttpTokens (string) --
The state of token usage for your instance metadata requests. If the parameter is not specified in the request, the default state is optional .
If the state is optional , you can choose to retrieve instance metadata with or without a signed token header on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned.
If the state is required , you must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version 1.0 credentials are not available.
HttpPutResponseHopLimit (integer) --
The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.
Default: 1
Possible values: Integers from 1 to 64
HttpEndpoint (string) --
This parameter enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled .
Note
If you specify a value of disabled , you will not be able to access your instance metadata.
EnclaveOptions (dict) --
Indicates whether the instance is enabled for AWS Nitro Enclaves.
Enabled (boolean) --
If this parameter is set to true , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.
NextToken (string) --
The token to use to retrieve the next page of results. This value is null when there are no more results to return.
{'SecurityGroups': {'IpPermissions': {'IpRanges': {'SecurityGroupRuleId': 'string'},
'Ipv6Ranges': {'SecurityGroupRuleId': 'string'},
'PrefixListIds': {'SecurityGroupRuleId': 'string'},
'UserIdGroupPairs': {'SecurityGroupRuleId': 'string'}},
'IpPermissionsEgress': {'IpRanges': {'SecurityGroupRuleId': 'string'},
'Ipv6Ranges': {'SecurityGroupRuleId': 'string'},
'PrefixListIds': {'SecurityGroupRuleId': 'string'},
'UserIdGroupPairs': {'SecurityGroupRuleId': 'string'}}}}
Describes the specified security groups or all of your security groups.
A security group is for use with instances either in the EC2-Classic platform or in a specific VPC. For more information, see Amazon EC2 Security Groups in the Amazon Elastic Compute Cloud User Guide and Security Groups for Your VPC in the Amazon Virtual Private Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.describe_security_groups(
Filters=[
{
'Name': 'string',
'Values': [
'string',
]
},
],
GroupIds=[
'string',
],
GroupNames=[
'string',
],
DryRun=True|False,
NextToken='string',
MaxResults=123
)
list
The filters. If using multiple filters for rules, the results include security groups for which any combination of rules - not necessarily a single rule - match all filters.
description - The description of the security group.
egress.ip-permission.cidr - An IPv4 CIDR block for an outbound security group rule.
egress.ip-permission.from-port - For an outbound rule, the start of port range for the TCP and UDP protocols, or an ICMP type number.
egress.ip-permission.group-id - The ID of a security group that has been referenced in an outbound security group rule.
egress.ip-permission.group-name - The name of a security group that is referenced in an outbound security group rule.
egress.ip-permission.ipv6-cidr - An IPv6 CIDR block for an outbound security group rule.
egress.ip-permission.prefix-list-id - The ID of a prefix list to which a security group rule allows outbound access.
egress.ip-permission.protocol - The IP protocol for an outbound security group rule ( tcp | udp | icmp , a protocol number, or -1 for all protocols).
egress.ip-permission.to-port - For an outbound rule, the end of port range for the TCP and UDP protocols, or an ICMP code.
egress.ip-permission.user-id - The ID of an AWS account that has been referenced in an outbound security group rule.
group-id - The ID of the security group.
group-name - The name of the security group.
ip-permission.cidr - An IPv4 CIDR block for an inbound security group rule.
ip-permission.from-port - For an inbound rule, the start of port range for the TCP and UDP protocols, or an ICMP type number.
ip-permission.group-id - The ID of a security group that has been referenced in an inbound security group rule.
ip-permission.group-name - The name of a security group that is referenced in an inbound security group rule.
ip-permission.ipv6-cidr - An IPv6 CIDR block for an inbound security group rule.
ip-permission.prefix-list-id - The ID of a prefix list from which a security group rule allows inbound access.
ip-permission.protocol - The IP protocol for an inbound security group rule ( tcp | udp | icmp , a protocol number, or -1 for all protocols).
ip-permission.to-port - For an inbound rule, the end of port range for the TCP and UDP protocols, or an ICMP code.
ip-permission.user-id - The ID of an AWS account that has been referenced in an inbound security group rule.
owner-id - The AWS account ID of the owner of the security group.
tag :<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC specified when the security group was created.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
The filter values. Filter values are case-sensitive.
(string) --
list
The IDs of the security groups. Required for security groups in a nondefault VPC.
Default: Describes all of your security groups.
(string) --
list
[EC2-Classic and default VPC only] The names of the security groups. You can specify either the security group name or the security group ID. For security groups in a nondefault VPC, use the group-name filter to describe security groups by name.
Default: Describes all of your security groups.
(string) --
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
The token to request the next page of results.
integer
The maximum number of results to return in a single call. To retrieve the remaining results, make another request with the returned NextToken value. This value can be between 5 and 1000. If this parameter is not specified, then all results are returned.
dict
Response Syntax
{
'SecurityGroups': [
{
'Description': 'string',
'GroupName': 'string',
'IpPermissions': [
{
'FromPort': 123,
'IpProtocol': 'string',
'IpRanges': [
{
'CidrIp': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'Ipv6Ranges': [
{
'CidrIpv6': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'PrefixListIds': [
{
'Description': 'string',
'PrefixListId': 'string',
'SecurityGroupRuleId': 'string'
},
],
'ToPort': 123,
'UserIdGroupPairs': [
{
'Description': 'string',
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string',
'SecurityGroupRuleId': 'string'
},
]
},
],
'OwnerId': 'string',
'GroupId': 'string',
'IpPermissionsEgress': [
{
'FromPort': 123,
'IpProtocol': 'string',
'IpRanges': [
{
'CidrIp': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'Ipv6Ranges': [
{
'CidrIpv6': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'PrefixListIds': [
{
'Description': 'string',
'PrefixListId': 'string',
'SecurityGroupRuleId': 'string'
},
],
'ToPort': 123,
'UserIdGroupPairs': [
{
'Description': 'string',
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string',
'SecurityGroupRuleId': 'string'
},
]
},
],
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
],
'VpcId': 'string'
},
],
'NextToken': 'string'
}
Response Structure
(dict) --
SecurityGroups (list) --
Information about the security groups.
(dict) --
Describes a security group.
Description (string) --
A description of the security group.
GroupName (string) --
The name of the security group.
IpPermissions (list) --
The inbound rules associated with the security group.
(dict) --
Describes a set of permissions for a security group rule.
FromPort (integer) --
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
IpProtocol (string) --
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).
[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp , udp , icmp , or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp , udp , and icmp , you must specify a port range. For icmpv6 , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.
IpRanges (list) --
The IPv4 ranges.
(dict) --
Describes an IPv4 range.
CidrIp (string) --
The IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.
Description (string) --
A description for the security group rule that references this IPv4 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
Ipv6Ranges (list) --
[VPC only] The IPv6 ranges.
(dict) --
[EC2-VPC only] Describes an IPv6 range.
CidrIpv6 (string) --
The IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.
Description (string) --
A description for the security group rule that references this IPv6 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
PrefixListIds (list) --
[VPC only] The prefix list IDs.
(dict) --
Describes a prefix list ID.
Description (string) --
A description for the security group rule that references this prefix list ID.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
PrefixListId (string) --
The ID of the prefix.
SecurityGroupRuleId (string) --
The ID of the security group rule.
ToPort (integer) --
The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
UserIdGroupPairs (list) --
The security group and AWS account ID pairs.
(dict) --
Describes a security group and AWS account ID pair.
Description (string) --
A description for the security group rule that references this user ID group pair.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
GroupId (string) --
The ID of the security group.
GroupName (string) --
The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.
For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The ID of an AWS account.
For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.
[EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.
VpcId (string) --
The ID of the VPC for the referenced security group, if applicable.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection, if applicable.
SecurityGroupRuleId (string) --
The ID of the security group rule.
OwnerId (string) --
The AWS account ID of the owner of the security group.
GroupId (string) --
The ID of the security group.
IpPermissionsEgress (list) --
[VPC only] The outbound rules associated with the security group.
(dict) --
Describes a set of permissions for a security group rule.
FromPort (integer) --
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
IpProtocol (string) --
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).
[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp , udp , icmp , or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp , udp , and icmp , you must specify a port range. For icmpv6 , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.
IpRanges (list) --
The IPv4 ranges.
(dict) --
Describes an IPv4 range.
CidrIp (string) --
The IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.
Description (string) --
A description for the security group rule that references this IPv4 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
Ipv6Ranges (list) --
[VPC only] The IPv6 ranges.
(dict) --
[EC2-VPC only] Describes an IPv6 range.
CidrIpv6 (string) --
The IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.
Description (string) --
A description for the security group rule that references this IPv6 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
PrefixListIds (list) --
[VPC only] The prefix list IDs.
(dict) --
Describes a prefix list ID.
Description (string) --
A description for the security group rule that references this prefix list ID.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
PrefixListId (string) --
The ID of the prefix.
SecurityGroupRuleId (string) --
The ID of the security group rule.
ToPort (integer) --
The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
UserIdGroupPairs (list) --
The security group and AWS account ID pairs.
(dict) --
Describes a security group and AWS account ID pair.
Description (string) --
A description for the security group rule that references this user ID group pair.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
GroupId (string) --
The ID of the security group.
GroupName (string) --
The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.
For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The ID of an AWS account.
For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.
[EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.
VpcId (string) --
The ID of the VPC for the referenced security group, if applicable.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection, if applicable.
SecurityGroupRuleId (string) --
The ID of the security group rule.
Tags (list) --
Any tags assigned to the security group.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
VpcId (string) --
[VPC only] The ID of the VPC for the security group.
NextToken (string) --
The token to use to retrieve the next page of results. This value is null when there are no more results to return.
{'SpotFleetRequestConfigs': {'SpotFleetRequestConfig': {'LaunchSpecifications': {'TagSpecifications': {'ResourceType': {'security-group-rule'}}},
'TagSpecifications': {'ResourceType': {'security-group-rule'}}}}}
Describes your Spot Fleet requests.
Spot Fleet requests are deleted 48 hours after they are canceled and their instances are terminated.
See also: AWS API Documentation
Request Syntax
client.describe_spot_fleet_requests(
DryRun=True|False,
MaxResults=123,
NextToken='string',
SpotFleetRequestIds=[
'string',
]
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
integer
The maximum number of results to return in a single call. Specify a value between 1 and 1000. The default value is 1000. To retrieve the remaining results, make another call with the returned NextToken value.
string
The token for the next set of results.
list
The IDs of the Spot Fleet requests.
(string) --
dict
Response Syntax
{
'NextToken': 'string',
'SpotFleetRequestConfigs': [
{
'ActivityStatus': 'error'|'pending_fulfillment'|'pending_termination'|'fulfilled',
'CreateTime': datetime(2015, 1, 1),
'SpotFleetRequestConfig': {
'AllocationStrategy': 'lowestPrice'|'diversified'|'capacityOptimized'|'capacityOptimizedPrioritized',
'OnDemandAllocationStrategy': 'lowestPrice'|'prioritized',
'SpotMaintenanceStrategies': {
'CapacityRebalance': {
'ReplacementStrategy': 'launch'
}
},
'ClientToken': 'string',
'ExcessCapacityTerminationPolicy': 'noTermination'|'default',
'FulfilledCapacity': 123.0,
'OnDemandFulfilledCapacity': 123.0,
'IamFleetRole': 'string',
'LaunchSpecifications': [
{
'SecurityGroups': [
{
'GroupName': 'string',
'GroupId': 'string'
},
],
'AddressingType': 'string',
'BlockDeviceMappings': [
{
'DeviceName': 'string',
'VirtualName': 'string',
'Ebs': {
'DeleteOnTermination': True|False,
'Iops': 123,
'SnapshotId': 'string',
'VolumeSize': 123,
'VolumeType': 'standard'|'io1'|'io2'|'gp2'|'sc1'|'st1'|'gp3',
'KmsKeyId': 'string',
'Throughput': 123,
'OutpostArn': 'string',
'Encrypted': True|False
},
'NoDevice': 'string'
},
],
'EbsOptimized': True|False,
'IamInstanceProfile': {
'Arn': 'string',
'Name': 'string'
},
'ImageId': 'string',
'InstanceType': 't1.micro'|'t2.nano'|'t2.micro'|'t2.small'|'t2.medium'|'t2.large'|'t2.xlarge'|'t2.2xlarge'|'t3.nano'|'t3.micro'|'t3.small'|'t3.medium'|'t3.large'|'t3.xlarge'|'t3.2xlarge'|'t3a.nano'|'t3a.micro'|'t3a.small'|'t3a.medium'|'t3a.large'|'t3a.xlarge'|'t3a.2xlarge'|'t4g.nano'|'t4g.micro'|'t4g.small'|'t4g.medium'|'t4g.large'|'t4g.xlarge'|'t4g.2xlarge'|'m1.small'|'m1.medium'|'m1.large'|'m1.xlarge'|'m3.medium'|'m3.large'|'m3.xlarge'|'m3.2xlarge'|'m4.large'|'m4.xlarge'|'m4.2xlarge'|'m4.4xlarge'|'m4.10xlarge'|'m4.16xlarge'|'m2.xlarge'|'m2.2xlarge'|'m2.4xlarge'|'cr1.8xlarge'|'r3.large'|'r3.xlarge'|'r3.2xlarge'|'r3.4xlarge'|'r3.8xlarge'|'r4.large'|'r4.xlarge'|'r4.2xlarge'|'r4.4xlarge'|'r4.8xlarge'|'r4.16xlarge'|'r5.large'|'r5.xlarge'|'r5.2xlarge'|'r5.4xlarge'|'r5.8xlarge'|'r5.12xlarge'|'r5.16xlarge'|'r5.24xlarge'|'r5.metal'|'r5a.large'|'r5a.xlarge'|'r5a.2xlarge'|'r5a.4xlarge'|'r5a.8xlarge'|'r5a.12xlarge'|'r5a.16xlarge'|'r5a.24xlarge'|'r5b.large'|'r5b.xlarge'|'r5b.2xlarge'|'r5b.4xlarge'|'r5b.8xlarge'|'r5b.12xlarge'|'r5b.16xlarge'|'r5b.24xlarge'|'r5b.metal'|'r5d.large'|'r5d.xlarge'|'r5d.2xlarge'|'r5d.4xlarge'|'r5d.8xlarge'|'r5d.12xlarge'|'r5d.16xlarge'|'r5d.24xlarge'|'r5d.metal'|'r5ad.large'|'r5ad.xlarge'|'r5ad.2xlarge'|'r5ad.4xlarge'|'r5ad.8xlarge'|'r5ad.12xlarge'|'r5ad.16xlarge'|'r5ad.24xlarge'|'r6g.metal'|'r6g.medium'|'r6g.large'|'r6g.xlarge'|'r6g.2xlarge'|'r6g.4xlarge'|'r6g.8xlarge'|'r6g.12xlarge'|'r6g.16xlarge'|'r6gd.metal'|'r6gd.medium'|'r6gd.large'|'r6gd.xlarge'|'r6gd.2xlarge'|'r6gd.4xlarge'|'r6gd.8xlarge'|'r6gd.12xlarge'|'r6gd.16xlarge'|'x1.16xlarge'|'x1.32xlarge'|'x1e.xlarge'|'x1e.2xlarge'|'x1e.4xlarge'|'x1e.8xlarge'|'x1e.16xlarge'|'x1e.32xlarge'|'i2.xlarge'|'i2.2xlarge'|'i2.4xlarge'|'i2.8xlarge'|'i3.large'|'i3.xlarge'|'i3.2xlarge'|'i3.4xlarge'|'i3.8xlarge'|'i3.16xlarge'|'i3.metal'|'i3en.large'|'i3en.xlarge'|'i3en.2xlarge'|'i3en.3xlarge'|'i3en.6xlarge'|'i3en.12xlarge'|'i3en.24xlarge'|'i3en.metal'|'hi1.4xlarge'|'hs1.8xlarge'|'c1.medium'|'c1.xlarge'|'c3.large'|'c3.xlarge'|'c3.2xlarge'|'c3.4xlarge'|'c3.8xlarge'|'c4.large'|'c4.xlarge'|'c4.2xlarge'|'c4.4xlarge'|'c4.8xlarge'|'c5.large'|'c5.xlarge'|'c5.2xlarge'|'c5.4xlarge'|'c5.9xlarge'|'c5.12xlarge'|'c5.18xlarge'|'c5.24xlarge'|'c5.metal'|'c5a.large'|'c5a.xlarge'|'c5a.2xlarge'|'c5a.4xlarge'|'c5a.8xlarge'|'c5a.12xlarge'|'c5a.16xlarge'|'c5a.24xlarge'|'c5ad.large'|'c5ad.xlarge'|'c5ad.2xlarge'|'c5ad.4xlarge'|'c5ad.8xlarge'|'c5ad.12xlarge'|'c5ad.16xlarge'|'c5ad.24xlarge'|'c5d.large'|'c5d.xlarge'|'c5d.2xlarge'|'c5d.4xlarge'|'c5d.9xlarge'|'c5d.12xlarge'|'c5d.18xlarge'|'c5d.24xlarge'|'c5d.metal'|'c5n.large'|'c5n.xlarge'|'c5n.2xlarge'|'c5n.4xlarge'|'c5n.9xlarge'|'c5n.18xlarge'|'c5n.metal'|'c6g.metal'|'c6g.medium'|'c6g.large'|'c6g.xlarge'|'c6g.2xlarge'|'c6g.4xlarge'|'c6g.8xlarge'|'c6g.12xlarge'|'c6g.16xlarge'|'c6gd.metal'|'c6gd.medium'|'c6gd.large'|'c6gd.xlarge'|'c6gd.2xlarge'|'c6gd.4xlarge'|'c6gd.8xlarge'|'c6gd.12xlarge'|'c6gd.16xlarge'|'c6gn.medium'|'c6gn.large'|'c6gn.xlarge'|'c6gn.2xlarge'|'c6gn.4xlarge'|'c6gn.8xlarge'|'c6gn.12xlarge'|'c6gn.16xlarge'|'cc1.4xlarge'|'cc2.8xlarge'|'g2.2xlarge'|'g2.8xlarge'|'g3.4xlarge'|'g3.8xlarge'|'g3.16xlarge'|'g3s.xlarge'|'g4ad.4xlarge'|'g4ad.8xlarge'|'g4ad.16xlarge'|'g4dn.xlarge'|'g4dn.2xlarge'|'g4dn.4xlarge'|'g4dn.8xlarge'|'g4dn.12xlarge'|'g4dn.16xlarge'|'g4dn.metal'|'cg1.4xlarge'|'p2.xlarge'|'p2.8xlarge'|'p2.16xlarge'|'p3.2xlarge'|'p3.8xlarge'|'p3.16xlarge'|'p3dn.24xlarge'|'p4d.24xlarge'|'d2.xlarge'|'d2.2xlarge'|'d2.4xlarge'|'d2.8xlarge'|'d3.xlarge'|'d3.2xlarge'|'d3.4xlarge'|'d3.8xlarge'|'d3en.xlarge'|'d3en.2xlarge'|'d3en.4xlarge'|'d3en.6xlarge'|'d3en.8xlarge'|'d3en.12xlarge'|'f1.2xlarge'|'f1.4xlarge'|'f1.16xlarge'|'m5.large'|'m5.xlarge'|'m5.2xlarge'|'m5.4xlarge'|'m5.8xlarge'|'m5.12xlarge'|'m5.16xlarge'|'m5.24xlarge'|'m5.metal'|'m5a.large'|'m5a.xlarge'|'m5a.2xlarge'|'m5a.4xlarge'|'m5a.8xlarge'|'m5a.12xlarge'|'m5a.16xlarge'|'m5a.24xlarge'|'m5d.large'|'m5d.xlarge'|'m5d.2xlarge'|'m5d.4xlarge'|'m5d.8xlarge'|'m5d.12xlarge'|'m5d.16xlarge'|'m5d.24xlarge'|'m5d.metal'|'m5ad.large'|'m5ad.xlarge'|'m5ad.2xlarge'|'m5ad.4xlarge'|'m5ad.8xlarge'|'m5ad.12xlarge'|'m5ad.16xlarge'|'m5ad.24xlarge'|'m5zn.large'|'m5zn.xlarge'|'m5zn.2xlarge'|'m5zn.3xlarge'|'m5zn.6xlarge'|'m5zn.12xlarge'|'m5zn.metal'|'h1.2xlarge'|'h1.4xlarge'|'h1.8xlarge'|'h1.16xlarge'|'z1d.large'|'z1d.xlarge'|'z1d.2xlarge'|'z1d.3xlarge'|'z1d.6xlarge'|'z1d.12xlarge'|'z1d.metal'|'u-6tb1.56xlarge'|'u-6tb1.112xlarge'|'u-9tb1.112xlarge'|'u-12tb1.112xlarge'|'u-6tb1.metal'|'u-9tb1.metal'|'u-12tb1.metal'|'u-18tb1.metal'|'u-24tb1.metal'|'a1.medium'|'a1.large'|'a1.xlarge'|'a1.2xlarge'|'a1.4xlarge'|'a1.metal'|'m5dn.large'|'m5dn.xlarge'|'m5dn.2xlarge'|'m5dn.4xlarge'|'m5dn.8xlarge'|'m5dn.12xlarge'|'m5dn.16xlarge'|'m5dn.24xlarge'|'m5n.large'|'m5n.xlarge'|'m5n.2xlarge'|'m5n.4xlarge'|'m5n.8xlarge'|'m5n.12xlarge'|'m5n.16xlarge'|'m5n.24xlarge'|'r5dn.large'|'r5dn.xlarge'|'r5dn.2xlarge'|'r5dn.4xlarge'|'r5dn.8xlarge'|'r5dn.12xlarge'|'r5dn.16xlarge'|'r5dn.24xlarge'|'r5n.large'|'r5n.xlarge'|'r5n.2xlarge'|'r5n.4xlarge'|'r5n.8xlarge'|'r5n.12xlarge'|'r5n.16xlarge'|'r5n.24xlarge'|'inf1.xlarge'|'inf1.2xlarge'|'inf1.6xlarge'|'inf1.24xlarge'|'m6g.metal'|'m6g.medium'|'m6g.large'|'m6g.xlarge'|'m6g.2xlarge'|'m6g.4xlarge'|'m6g.8xlarge'|'m6g.12xlarge'|'m6g.16xlarge'|'m6gd.metal'|'m6gd.medium'|'m6gd.large'|'m6gd.xlarge'|'m6gd.2xlarge'|'m6gd.4xlarge'|'m6gd.8xlarge'|'m6gd.12xlarge'|'m6gd.16xlarge'|'mac1.metal'|'x2gd.medium'|'x2gd.large'|'x2gd.xlarge'|'x2gd.2xlarge'|'x2gd.4xlarge'|'x2gd.8xlarge'|'x2gd.12xlarge'|'x2gd.16xlarge'|'x2gd.metal',
'KernelId': 'string',
'KeyName': 'string',
'Monitoring': {
'Enabled': True|False
},
'NetworkInterfaces': [
{
'AssociatePublicIpAddress': True|False,
'DeleteOnTermination': True|False,
'Description': 'string',
'DeviceIndex': 123,
'Groups': [
'string',
],
'Ipv6AddressCount': 123,
'Ipv6Addresses': [
{
'Ipv6Address': 'string'
},
],
'NetworkInterfaceId': 'string',
'PrivateIpAddress': 'string',
'PrivateIpAddresses': [
{
'Primary': True|False,
'PrivateIpAddress': 'string'
},
],
'SecondaryPrivateIpAddressCount': 123,
'SubnetId': 'string',
'AssociateCarrierIpAddress': True|False,
'InterfaceType': 'string',
'NetworkCardIndex': 123
},
],
'Placement': {
'AvailabilityZone': 'string',
'GroupName': 'string',
'Tenancy': 'default'|'dedicated'|'host'
},
'RamdiskId': 'string',
'SpotPrice': 'string',
'SubnetId': 'string',
'UserData': 'string',
'WeightedCapacity': 123.0,
'TagSpecifications': [
{
'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'local-gateway-route-table-vpc-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
]
},
],
'LaunchTemplateConfigs': [
{
'LaunchTemplateSpecification': {
'LaunchTemplateId': 'string',
'LaunchTemplateName': 'string',
'Version': 'string'
},
'Overrides': [
{
'InstanceType': 't1.micro'|'t2.nano'|'t2.micro'|'t2.small'|'t2.medium'|'t2.large'|'t2.xlarge'|'t2.2xlarge'|'t3.nano'|'t3.micro'|'t3.small'|'t3.medium'|'t3.large'|'t3.xlarge'|'t3.2xlarge'|'t3a.nano'|'t3a.micro'|'t3a.small'|'t3a.medium'|'t3a.large'|'t3a.xlarge'|'t3a.2xlarge'|'t4g.nano'|'t4g.micro'|'t4g.small'|'t4g.medium'|'t4g.large'|'t4g.xlarge'|'t4g.2xlarge'|'m1.small'|'m1.medium'|'m1.large'|'m1.xlarge'|'m3.medium'|'m3.large'|'m3.xlarge'|'m3.2xlarge'|'m4.large'|'m4.xlarge'|'m4.2xlarge'|'m4.4xlarge'|'m4.10xlarge'|'m4.16xlarge'|'m2.xlarge'|'m2.2xlarge'|'m2.4xlarge'|'cr1.8xlarge'|'r3.large'|'r3.xlarge'|'r3.2xlarge'|'r3.4xlarge'|'r3.8xlarge'|'r4.large'|'r4.xlarge'|'r4.2xlarge'|'r4.4xlarge'|'r4.8xlarge'|'r4.16xlarge'|'r5.large'|'r5.xlarge'|'r5.2xlarge'|'r5.4xlarge'|'r5.8xlarge'|'r5.12xlarge'|'r5.16xlarge'|'r5.24xlarge'|'r5.metal'|'r5a.large'|'r5a.xlarge'|'r5a.2xlarge'|'r5a.4xlarge'|'r5a.8xlarge'|'r5a.12xlarge'|'r5a.16xlarge'|'r5a.24xlarge'|'r5b.large'|'r5b.xlarge'|'r5b.2xlarge'|'r5b.4xlarge'|'r5b.8xlarge'|'r5b.12xlarge'|'r5b.16xlarge'|'r5b.24xlarge'|'r5b.metal'|'r5d.large'|'r5d.xlarge'|'r5d.2xlarge'|'r5d.4xlarge'|'r5d.8xlarge'|'r5d.12xlarge'|'r5d.16xlarge'|'r5d.24xlarge'|'r5d.metal'|'r5ad.large'|'r5ad.xlarge'|'r5ad.2xlarge'|'r5ad.4xlarge'|'r5ad.8xlarge'|'r5ad.12xlarge'|'r5ad.16xlarge'|'r5ad.24xlarge'|'r6g.metal'|'r6g.medium'|'r6g.large'|'r6g.xlarge'|'r6g.2xlarge'|'r6g.4xlarge'|'r6g.8xlarge'|'r6g.12xlarge'|'r6g.16xlarge'|'r6gd.metal'|'r6gd.medium'|'r6gd.large'|'r6gd.xlarge'|'r6gd.2xlarge'|'r6gd.4xlarge'|'r6gd.8xlarge'|'r6gd.12xlarge'|'r6gd.16xlarge'|'x1.16xlarge'|'x1.32xlarge'|'x1e.xlarge'|'x1e.2xlarge'|'x1e.4xlarge'|'x1e.8xlarge'|'x1e.16xlarge'|'x1e.32xlarge'|'i2.xlarge'|'i2.2xlarge'|'i2.4xlarge'|'i2.8xlarge'|'i3.large'|'i3.xlarge'|'i3.2xlarge'|'i3.4xlarge'|'i3.8xlarge'|'i3.16xlarge'|'i3.metal'|'i3en.large'|'i3en.xlarge'|'i3en.2xlarge'|'i3en.3xlarge'|'i3en.6xlarge'|'i3en.12xlarge'|'i3en.24xlarge'|'i3en.metal'|'hi1.4xlarge'|'hs1.8xlarge'|'c1.medium'|'c1.xlarge'|'c3.large'|'c3.xlarge'|'c3.2xlarge'|'c3.4xlarge'|'c3.8xlarge'|'c4.large'|'c4.xlarge'|'c4.2xlarge'|'c4.4xlarge'|'c4.8xlarge'|'c5.large'|'c5.xlarge'|'c5.2xlarge'|'c5.4xlarge'|'c5.9xlarge'|'c5.12xlarge'|'c5.18xlarge'|'c5.24xlarge'|'c5.metal'|'c5a.large'|'c5a.xlarge'|'c5a.2xlarge'|'c5a.4xlarge'|'c5a.8xlarge'|'c5a.12xlarge'|'c5a.16xlarge'|'c5a.24xlarge'|'c5ad.large'|'c5ad.xlarge'|'c5ad.2xlarge'|'c5ad.4xlarge'|'c5ad.8xlarge'|'c5ad.12xlarge'|'c5ad.16xlarge'|'c5ad.24xlarge'|'c5d.large'|'c5d.xlarge'|'c5d.2xlarge'|'c5d.4xlarge'|'c5d.9xlarge'|'c5d.12xlarge'|'c5d.18xlarge'|'c5d.24xlarge'|'c5d.metal'|'c5n.large'|'c5n.xlarge'|'c5n.2xlarge'|'c5n.4xlarge'|'c5n.9xlarge'|'c5n.18xlarge'|'c5n.metal'|'c6g.metal'|'c6g.medium'|'c6g.large'|'c6g.xlarge'|'c6g.2xlarge'|'c6g.4xlarge'|'c6g.8xlarge'|'c6g.12xlarge'|'c6g.16xlarge'|'c6gd.metal'|'c6gd.medium'|'c6gd.large'|'c6gd.xlarge'|'c6gd.2xlarge'|'c6gd.4xlarge'|'c6gd.8xlarge'|'c6gd.12xlarge'|'c6gd.16xlarge'|'c6gn.medium'|'c6gn.large'|'c6gn.xlarge'|'c6gn.2xlarge'|'c6gn.4xlarge'|'c6gn.8xlarge'|'c6gn.12xlarge'|'c6gn.16xlarge'|'cc1.4xlarge'|'cc2.8xlarge'|'g2.2xlarge'|'g2.8xlarge'|'g3.4xlarge'|'g3.8xlarge'|'g3.16xlarge'|'g3s.xlarge'|'g4ad.4xlarge'|'g4ad.8xlarge'|'g4ad.16xlarge'|'g4dn.xlarge'|'g4dn.2xlarge'|'g4dn.4xlarge'|'g4dn.8xlarge'|'g4dn.12xlarge'|'g4dn.16xlarge'|'g4dn.metal'|'cg1.4xlarge'|'p2.xlarge'|'p2.8xlarge'|'p2.16xlarge'|'p3.2xlarge'|'p3.8xlarge'|'p3.16xlarge'|'p3dn.24xlarge'|'p4d.24xlarge'|'d2.xlarge'|'d2.2xlarge'|'d2.4xlarge'|'d2.8xlarge'|'d3.xlarge'|'d3.2xlarge'|'d3.4xlarge'|'d3.8xlarge'|'d3en.xlarge'|'d3en.2xlarge'|'d3en.4xlarge'|'d3en.6xlarge'|'d3en.8xlarge'|'d3en.12xlarge'|'f1.2xlarge'|'f1.4xlarge'|'f1.16xlarge'|'m5.large'|'m5.xlarge'|'m5.2xlarge'|'m5.4xlarge'|'m5.8xlarge'|'m5.12xlarge'|'m5.16xlarge'|'m5.24xlarge'|'m5.metal'|'m5a.large'|'m5a.xlarge'|'m5a.2xlarge'|'m5a.4xlarge'|'m5a.8xlarge'|'m5a.12xlarge'|'m5a.16xlarge'|'m5a.24xlarge'|'m5d.large'|'m5d.xlarge'|'m5d.2xlarge'|'m5d.4xlarge'|'m5d.8xlarge'|'m5d.12xlarge'|'m5d.16xlarge'|'m5d.24xlarge'|'m5d.metal'|'m5ad.large'|'m5ad.xlarge'|'m5ad.2xlarge'|'m5ad.4xlarge'|'m5ad.8xlarge'|'m5ad.12xlarge'|'m5ad.16xlarge'|'m5ad.24xlarge'|'m5zn.large'|'m5zn.xlarge'|'m5zn.2xlarge'|'m5zn.3xlarge'|'m5zn.6xlarge'|'m5zn.12xlarge'|'m5zn.metal'|'h1.2xlarge'|'h1.4xlarge'|'h1.8xlarge'|'h1.16xlarge'|'z1d.large'|'z1d.xlarge'|'z1d.2xlarge'|'z1d.3xlarge'|'z1d.6xlarge'|'z1d.12xlarge'|'z1d.metal'|'u-6tb1.56xlarge'|'u-6tb1.112xlarge'|'u-9tb1.112xlarge'|'u-12tb1.112xlarge'|'u-6tb1.metal'|'u-9tb1.metal'|'u-12tb1.metal'|'u-18tb1.metal'|'u-24tb1.metal'|'a1.medium'|'a1.large'|'a1.xlarge'|'a1.2xlarge'|'a1.4xlarge'|'a1.metal'|'m5dn.large'|'m5dn.xlarge'|'m5dn.2xlarge'|'m5dn.4xlarge'|'m5dn.8xlarge'|'m5dn.12xlarge'|'m5dn.16xlarge'|'m5dn.24xlarge'|'m5n.large'|'m5n.xlarge'|'m5n.2xlarge'|'m5n.4xlarge'|'m5n.8xlarge'|'m5n.12xlarge'|'m5n.16xlarge'|'m5n.24xlarge'|'r5dn.large'|'r5dn.xlarge'|'r5dn.2xlarge'|'r5dn.4xlarge'|'r5dn.8xlarge'|'r5dn.12xlarge'|'r5dn.16xlarge'|'r5dn.24xlarge'|'r5n.large'|'r5n.xlarge'|'r5n.2xlarge'|'r5n.4xlarge'|'r5n.8xlarge'|'r5n.12xlarge'|'r5n.16xlarge'|'r5n.24xlarge'|'inf1.xlarge'|'inf1.2xlarge'|'inf1.6xlarge'|'inf1.24xlarge'|'m6g.metal'|'m6g.medium'|'m6g.large'|'m6g.xlarge'|'m6g.2xlarge'|'m6g.4xlarge'|'m6g.8xlarge'|'m6g.12xlarge'|'m6g.16xlarge'|'m6gd.metal'|'m6gd.medium'|'m6gd.large'|'m6gd.xlarge'|'m6gd.2xlarge'|'m6gd.4xlarge'|'m6gd.8xlarge'|'m6gd.12xlarge'|'m6gd.16xlarge'|'mac1.metal'|'x2gd.medium'|'x2gd.large'|'x2gd.xlarge'|'x2gd.2xlarge'|'x2gd.4xlarge'|'x2gd.8xlarge'|'x2gd.12xlarge'|'x2gd.16xlarge'|'x2gd.metal',
'SpotPrice': 'string',
'SubnetId': 'string',
'AvailabilityZone': 'string',
'WeightedCapacity': 123.0,
'Priority': 123.0
},
]
},
],
'SpotPrice': 'string',
'TargetCapacity': 123,
'OnDemandTargetCapacity': 123,
'OnDemandMaxTotalPrice': 'string',
'SpotMaxTotalPrice': 'string',
'TerminateInstancesWithExpiration': True|False,
'Type': 'request'|'maintain'|'instant',
'ValidFrom': datetime(2015, 1, 1),
'ValidUntil': datetime(2015, 1, 1),
'ReplaceUnhealthyInstances': True|False,
'InstanceInterruptionBehavior': 'hibernate'|'stop'|'terminate',
'LoadBalancersConfig': {
'ClassicLoadBalancersConfig': {
'ClassicLoadBalancers': [
{
'Name': 'string'
},
]
},
'TargetGroupsConfig': {
'TargetGroups': [
{
'Arn': 'string'
},
]
}
},
'InstancePoolsToUseCount': 123,
'TagSpecifications': [
{
'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'local-gateway-route-table-vpc-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
]
},
'SpotFleetRequestId': 'string',
'SpotFleetRequestState': 'submitted'|'active'|'cancelled'|'failed'|'cancelled_running'|'cancelled_terminating'|'modifying',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
]
}
Response Structure
(dict) --
Contains the output of DescribeSpotFleetRequests.
NextToken (string) --
The token required to retrieve the next set of results. This value is null when there are no more results to return.
SpotFleetRequestConfigs (list) --
Information about the configuration of your Spot Fleet.
(dict) --
Describes a Spot Fleet request.
ActivityStatus (string) --
The progress of the Spot Fleet request. If there is an error, the status is error . After all requests are placed, the status is pending_fulfillment . If the size of the fleet is equal to or greater than its target capacity, the status is fulfilled . If the size of the fleet is decreased, the status is pending_termination while Spot Instances are terminating.
CreateTime (datetime) --
The creation date and time of the request.
SpotFleetRequestConfig (dict) --
The configuration of the Spot Fleet request.
AllocationStrategy (string) --
Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the Spot Fleet request.
If the allocation strategy is lowestPrice , Spot Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.
If the allocation strategy is diversified , Spot Fleet launches instances from all the Spot Instance pools that you specify.
If the allocation strategy is capacityOptimized (recommended), Spot Fleet launches instances from Spot Instance pools with optimal capacity for the number of instances that are launching. To give certain instance types a higher chance of launching first, use capacityOptimizedPrioritized . Set a priority for each instance type by using the Priority parameter for LaunchTemplateOverrides . You can assign the same priority to different LaunchTemplateOverrides . EC2 implements the priorities on a best-effort basis, but optimizes for capacity first. capacityOptimizedPrioritized is supported only if your Spot Fleet uses a launch template. Note that if the OnDemandAllocationStrategy is set to prioritized , the same priority is applied when fulfilling On-Demand capacity.
OnDemandAllocationStrategy (string) --
The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify lowestPrice , Spot Fleet uses price to determine the order, launching the lowest price first. If you specify prioritized , Spot Fleet uses the priority that you assign to each Spot Fleet launch template override, launching the highest priority first. If you do not specify a value, Spot Fleet defaults to lowestPrice .
SpotMaintenanceStrategies (dict) --
The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.
CapacityRebalance (dict) --
The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted.
ReplacementStrategy (string) --
The replacement strategy to use. Only available for fleets of type maintain . You must specify a value, otherwise you get an error.
To allow Spot Fleet to launch a replacement Spot Instance when an instance rebalance notification is emitted for a Spot Instance in the fleet, specify launch .
Note
When a replacement instance is launched, the instance marked for rebalance is not automatically terminated. You can terminate it, or you can leave it running. You are charged for all instances while they are running.
ClientToken (string) --
A unique, case-sensitive identifier that you provide to ensure the idempotency of your listings. This helps to avoid duplicate listings. For more information, see Ensuring Idempotency.
ExcessCapacityTerminationPolicy (string) --
Indicates whether running Spot Instances should be terminated if you decrease the target capacity of the Spot Fleet request below the current size of the Spot Fleet.
FulfilledCapacity (float) --
The number of units fulfilled by this request compared to the set target capacity. You cannot set this value.
OnDemandFulfilledCapacity (float) --
The number of On-Demand units fulfilled by this request compared to the set target On-Demand capacity.
IamFleetRole (string) --
The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see Spot Fleet prerequisites in the Amazon EC2 User Guide for Linux Instances . Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request using CancelSpotFleetRequests or when the Spot Fleet request expires, if you set TerminateInstancesWithExpiration .
LaunchSpecifications (list) --
The launch specifications for the Spot Fleet request. If you specify LaunchSpecifications , you can't specify LaunchTemplateConfigs . If you include On-Demand capacity in your request, you must use LaunchTemplateConfigs .
(dict) --
Describes the launch specification for one or more Spot Instances. If you include On-Demand capacity in your fleet request or want to specify an EFA network device, you can't use SpotFleetLaunchSpecification ; you must use LaunchTemplateConfig.
SecurityGroups (list) --
One or more security groups. When requesting instances in a VPC, you must specify the IDs of the security groups. When requesting instances in EC2-Classic, you can specify the names or the IDs of the security groups.
(dict) --
Describes a security group.
GroupName (string) --
The name of the security group.
GroupId (string) --
The ID of the security group.
AddressingType (string) --
Deprecated.
BlockDeviceMappings (list) --
One or more block devices that are mapped to the Spot Instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.
(dict) --
Describes a block device mapping.
DeviceName (string) --
The device name (for example, /dev/sdh or xvdh ).
VirtualName (string) --
The virtual device name ( ephemeral N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1 . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.
NVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.
Constraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.
Ebs (dict) --
Parameters used to automatically set up EBS volumes when the instance is launched.
DeleteOnTermination (boolean) --
Indicates whether the EBS volume is deleted on instance termination. For more information, see Preserving Amazon EBS volumes on instance termination in the Amazon EC2 User Guide .
Iops (integer) --
The number of I/O operations per second (IOPS). For gp3 , io1 , and io2 volumes, this represents the number of IOPS that are provisioned for the volume. For gp2 volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.
The following are the supported values for each volume type:
gp3 : 3,000-16,000 IOPS
io1 : 100-64,000 IOPS
io2 : 100-64,000 IOPS
For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built on the Nitro System. Other instance families guarantee performance up to 32,000 IOPS.
This parameter is required for io1 and io2 volumes. The default for gp3 volumes is 3,000 IOPS. This parameter is not supported for gp2 , st1 , sc1 , or standard volumes.
SnapshotId (string) --
The ID of the snapshot.
VolumeSize (integer) --
The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.
The following are the supported volumes sizes for each volume type:
gp2 and gp3 :1-16,384
io1 and io2 : 4-16,384
st1 and sc1 : 125-16,384
standard : 1-1,024
VolumeType (string) --
The volume type. For more information, see Amazon EBS volume types in the Amazon EC2 User Guide . If the volume type is io1 or io2 , you must specify the IOPS that the volume supports.
KmsKeyId (string) --
Identifier (key ID, key alias, ID ARN, or alias ARN) for a customer managed CMK under which the EBS volume is encrypted.
This parameter is only supported on BlockDeviceMapping objects called by RunInstances, RequestSpotFleet, and RequestSpotInstances.
Throughput (integer) --
The throughput that the volume supports, in MiB/s.
This parameter is valid only for gp3 volumes.
Valid Range: Minimum value of 125. Maximum value of 1000.
OutpostArn (string) --
The ARN of the Outpost on which the snapshot is stored.
Encrypted (boolean) --
Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to true depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see Amazon EBS encryption in the Amazon EC2 User Guide .
In no case can you remove encryption from an encrypted volume.
Encrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see Supported instance types.
This parameter is not returned by .
NoDevice (string) --
To omit the device from the block device mapping, specify an empty string.
EbsOptimized (boolean) --
Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.
Default: false
IamInstanceProfile (dict) --
The IAM instance profile.
Arn (string) --
The Amazon Resource Name (ARN) of the instance profile.
Name (string) --
The name of the instance profile.
ImageId (string) --
The ID of the AMI.
InstanceType (string) --
The instance type.
KernelId (string) --
The ID of the kernel.
KeyName (string) --
The name of the key pair.
Monitoring (dict) --
Enable or disable monitoring for the instances.
Enabled (boolean) --
Enables monitoring for the instance.
Default: false
NetworkInterfaces (list) --
One or more network interfaces. If you specify a network interface, you must specify subnet IDs and security group IDs using the network interface.
Note
SpotFleetLaunchSpecification currently does not support Elastic Fabric Adapter (EFA). To specify an EFA, you must use LaunchTemplateConfig.
(dict) --
Describes a network interface.
AssociatePublicIpAddress (boolean) --
Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The public IP address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is true .
DeleteOnTermination (boolean) --
If set to true , the interface is deleted when the instance is terminated. You can specify true only if creating a new network interface when launching an instance.
Description (string) --
The description of the network interface. Applies only if creating a network interface when launching an instance.
DeviceIndex (integer) --
The position of the network interface in the attachment order. A primary network interface has a device index of 0.
If you specify a network interface when launching an instance, you must specify the device index.
Groups (list) --
The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.
(string) --
Ipv6AddressCount (integer) --
A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.
Ipv6Addresses (list) --
One or more IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.
(dict) --
Describes an IPv6 address.
Ipv6Address (string) --
The IPv6 address.
NetworkInterfaceId (string) --
The ID of the network interface.
If you are creating a Spot Fleet, omit this parameter because you can’t specify a network interface ID in a launch specification.
PrivateIpAddress (string) --
The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance. You cannot specify this option if you're launching more than one instance in a RunInstances request.
PrivateIpAddresses (list) --
One or more private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're launching more than one instance in a RunInstances request.
(dict) --
Describes a secondary private IPv4 address for a network interface.
Primary (boolean) --
Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.
PrivateIpAddress (string) --
The private IPv4 addresses.
SecondaryPrivateIpAddressCount (integer) --
The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option. You cannot specify this option if you're launching more than one instance in a RunInstances request.
SubnetId (string) --
The ID of the subnet associated with the network interface. Applies only if creating a network interface when launching an instance.
AssociateCarrierIpAddress (boolean) --
Indicates whether to assign a carrier IP address to the network interface.
You can only assign a carrier IP address to a network interface that is in a subnet in a Wavelength Zone. For more information about carrier IP addresses, see Carrier IP addresses in the AWS Wavelength Developer Guide.
InterfaceType (string) --
The type of network interface.
To create an Elastic Fabric Adapter (EFA), specify efa . For more information, see Elastic Fabric Adapter in the Amazon Elastic Compute Cloud User Guide .
If you are not creating an EFA, specify interface or omit this parameter.
Valid values: interface | efa
NetworkCardIndex (integer) --
The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.
Placement (dict) --
The placement information.
AvailabilityZone (string) --
The Availability Zone.
[Spot Fleet only] To specify multiple Availability Zones, separate them using commas; for example, "us-west-2a, us-west-2b".
GroupName (string) --
The name of the placement group.
Tenancy (string) --
The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware. The host tenancy is not supported for Spot Instances.
RamdiskId (string) --
The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID.
SpotPrice (string) --
The maximum price per unit hour that you are willing to pay for a Spot Instance. If this value is not specified, the default is the Spot price specified for the fleet. To determine the Spot price per unit hour, divide the Spot price by the value of WeightedCapacity .
SubnetId (string) --
The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate them using commas; for example, "subnet-1234abcdeexample1, subnet-0987cdef6example2".
UserData (string) --
The Base64-encoded user data that instances use when starting up.
WeightedCapacity (float) --
The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.
If the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.
TagSpecifications (list) --
The tags to apply during creation.
(dict) --
The tags for a Spot Fleet resource.
ResourceType (string) --
The type of resource. Currently, the only resource type that is supported is instance . To tag the Spot Fleet request on creation, use the TagSpecifications parameter in SpotFleetRequestConfigData.
Tags (list) --
The tags.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
LaunchTemplateConfigs (list) --
The launch template and overrides. If you specify LaunchTemplateConfigs , you can't specify LaunchSpecifications . If you include On-Demand capacity in your request, you must use LaunchTemplateConfigs .
(dict) --
Describes a launch template and overrides.
LaunchTemplateSpecification (dict) --
The launch template.
LaunchTemplateId (string) --
The ID of the launch template. If you specify the template ID, you can't specify the template name.
LaunchTemplateName (string) --
The name of the launch template. If you specify the template name, you can't specify the template ID.
Version (string) --
The launch template version number, $Latest , or $Default . You must specify a value, otherwise the request fails.
If the value is $Latest , Amazon EC2 uses the latest version of the launch template.
If the value is $Default , Amazon EC2 uses the default version of the launch template.
Overrides (list) --
Any parameters that you specify override the same parameters in the launch template.
(dict) --
Describes overrides for a launch template.
InstanceType (string) --
The instance type.
SpotPrice (string) --
The maximum price per unit hour that you are willing to pay for a Spot Instance.
SubnetId (string) --
The ID of the subnet in which to launch the instances.
AvailabilityZone (string) --
The Availability Zone in which to launch the instances.
WeightedCapacity (float) --
The number of units provided by the specified instance type.
Priority (float) --
The priority for the launch template override. The highest priority is launched first.
If OnDemandAllocationStrategy is set to prioritized , Spot Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.
If the Spot AllocationStrategy is set to capacityOptimizedPrioritized , Spot Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.
Valid values are whole numbers starting at 0 . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.
SpotPrice (string) --
The maximum price per unit hour that you are willing to pay for a Spot Instance. The default is the On-Demand price.
TargetCapacity (integer) --
The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is maintain , you can specify a target capacity of 0 and add capacity later.
OnDemandTargetCapacity (integer) --
The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is maintain , you can specify a target capacity of 0 and add capacity later.
OnDemandMaxTotalPrice (string) --
The maximum amount per hour for On-Demand Instances that you're willing to pay. You can use the onDemandMaxTotalPrice parameter, the spotMaxTotalPrice parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity.
SpotMaxTotalPrice (string) --
The maximum amount per hour for Spot Instances that you're willing to pay. You can use the spotdMaxTotalPrice parameter, the onDemandMaxTotalPrice parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity.
TerminateInstancesWithExpiration (boolean) --
Indicates whether running Spot Instances are terminated when the Spot Fleet request expires.
Type (string) --
The type of request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. When this value is request , the Spot Fleet only places the required requests. It does not attempt to replenish Spot Instances if capacity is diminished, nor does it submit requests in alternative Spot pools if capacity is not available. When this value is maintain , the Spot Fleet maintains the target capacity. The Spot Fleet places the required requests to meet capacity and automatically replenishes any interrupted instances. Default: maintain . instant is listed but is not used by Spot Fleet.
ValidFrom (datetime) --
The start date and time of the request, in UTC format (YYYY -MM -DD T*HH* :MM :SS Z). By default, Amazon EC2 starts fulfilling the request immediately.
ValidUntil (datetime) --
The end date and time of the request, in UTC format (YYYY -MM -DD T*HH* :MM :SS Z). After the end date and time, no new Spot Instance requests are placed or able to fulfill the request. If no value is specified, the Spot Fleet request remains until you cancel it.
ReplaceUnhealthyInstances (boolean) --
Indicates whether Spot Fleet should replace unhealthy instances.
InstanceInterruptionBehavior (string) --
The behavior when a Spot Instance is interrupted. The default is terminate .
LoadBalancersConfig (dict) --
One or more Classic Load Balancers and target groups to attach to the Spot Fleet request. Spot Fleet registers the running Spot Instances with the specified Classic Load Balancers and target groups.
With Network Load Balancers, Spot Fleet cannot register instances that have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1.
ClassicLoadBalancersConfig (dict) --
The Classic Load Balancers.
ClassicLoadBalancers (list) --
One or more Classic Load Balancers.
(dict) --
Describes a Classic Load Balancer.
Name (string) --
The name of the load balancer.
TargetGroupsConfig (dict) --
The target groups.
TargetGroups (list) --
One or more target groups.
(dict) --
Describes a load balancer target group.
Arn (string) --
The Amazon Resource Name (ARN) of the target group.
InstancePoolsToUseCount (integer) --
The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot AllocationStrategy is set to lowest-price . Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.
TagSpecifications (list) --
The key-value pair for tagging the Spot Fleet request on creation. The value for ResourceType must be spot-fleet-request , otherwise the Spot Fleet request fails. To tag instances at launch, specify the tags in the launch template (valid only if you use LaunchTemplateConfigs ) or in the SpotFleetTagSpecification (valid only if you use LaunchSpecifications ). For information about tagging after launch, see Tagging Your Resources.
(dict) --
The tags to apply to a resource when the resource is being created.
ResourceType (string) --
The type of resource to tag. Currently, the resource types that support tagging on creation are: capacity-reservation | carrier-gateway | client-vpn-endpoint | customer-gateway | dedicated-host | dhcp-options | egress-only-internet-gateway | elastic-ip | elastic-gpu | export-image-task | export-instance-task | fleet | fpga-image | host-reservation | image | import-image-task | import-snapshot-task | instance | internet-gateway | ipv4pool-ec2 | ipv6pool-ec2 | key-pair | launch-template | local-gateway-route-table-vpc-association | placement-group | prefix-list | natgateway | network-acl | network-interface | reserved-instances | route-table | security-group | snapshot | spot-fleet-request | spot-instances-request | snapshot | subnet | traffic-mirror-filter | traffic-mirror-session | traffic-mirror-target | transit-gateway | transit-gateway-attachment | transit-gateway-multicast-domain | transit-gateway-route-table | volume | vpc | vpc-peering-connection | vpc-endpoint (for interface and gateway endpoints) | vpc-endpoint-service (for AWS PrivateLink) | vpc-flow-log | vpn-connection | vpn-gateway .
To tag a resource after it has been created, see CreateTags.
Tags (list) --
The tags to apply to the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
SpotFleetRequestId (string) --
The ID of the Spot Fleet request.
SpotFleetRequestState (string) --
The state of the Spot Fleet request.
Tags (list) --
The tags for a Spot Fleet resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
{'StaleSecurityGroupSet': {'StaleIpPermissions': {'UserIdGroupPairs': {'SecurityGroupRuleId': 'string'}},
'StaleIpPermissionsEgress': {'UserIdGroupPairs': {'SecurityGroupRuleId': 'string'}}}}
[VPC only] Describes the stale security group rules for security groups in a specified VPC. Rules are stale when they reference a deleted security group in a peer VPC, or a security group in a peer VPC for which the VPC peering connection has been deleted.
See also: AWS API Documentation
Request Syntax
client.describe_stale_security_groups(
DryRun=True|False,
MaxResults=123,
NextToken='string',
VpcId='string'
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
integer
The maximum number of items to return for this request. The request returns a token that you can specify in a subsequent call to get the next set of results.
string
The token for the next set of items to return. (You received this token from a prior call.)
string
[REQUIRED]
The ID of the VPC.
dict
Response Syntax
{
'NextToken': 'string',
'StaleSecurityGroupSet': [
{
'Description': 'string',
'GroupId': 'string',
'GroupName': 'string',
'StaleIpPermissions': [
{
'FromPort': 123,
'IpProtocol': 'string',
'IpRanges': [
'string',
],
'PrefixListIds': [
'string',
],
'ToPort': 123,
'UserIdGroupPairs': [
{
'Description': 'string',
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string',
'SecurityGroupRuleId': 'string'
},
]
},
],
'StaleIpPermissionsEgress': [
{
'FromPort': 123,
'IpProtocol': 'string',
'IpRanges': [
'string',
],
'PrefixListIds': [
'string',
],
'ToPort': 123,
'UserIdGroupPairs': [
{
'Description': 'string',
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string',
'SecurityGroupRuleId': 'string'
},
]
},
],
'VpcId': 'string'
},
]
}
Response Structure
(dict) --
NextToken (string) --
The token to use when requesting the next set of items. If there are no additional items to return, the string is empty.
StaleSecurityGroupSet (list) --
Information about the stale security groups.
(dict) --
Describes a stale security group (a security group that contains stale rules).
Description (string) --
The description of the security group.
GroupId (string) --
The ID of the security group.
GroupName (string) --
The name of the security group.
StaleIpPermissions (list) --
Information about the stale inbound rules in the security group.
(dict) --
Describes a stale rule in a security group.
FromPort (integer) --
The start of the port range for the TCP and UDP protocols, or an ICMP type number. A value of -1 indicates all ICMP types.
IpProtocol (string) --
The IP protocol name (for tcp , udp , and icmp ) or number (see Protocol Numbers).
IpRanges (list) --
The IP ranges. Not applicable for stale security group rules.
(string) --
PrefixListIds (list) --
The prefix list IDs. Not applicable for stale security group rules.
(string) --
ToPort (integer) --
The end of the port range for the TCP and UDP protocols, or an ICMP type number. A value of -1 indicates all ICMP types.
UserIdGroupPairs (list) --
The security group pairs. Returns the ID of the referenced security group and VPC, and the ID and status of the VPC peering connection.
(dict) --
Describes a security group and AWS account ID pair.
Description (string) --
A description for the security group rule that references this user ID group pair.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
GroupId (string) --
The ID of the security group.
GroupName (string) --
The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.
For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The ID of an AWS account.
For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.
[EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.
VpcId (string) --
The ID of the VPC for the referenced security group, if applicable.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection, if applicable.
SecurityGroupRuleId (string) --
The ID of the security group rule.
StaleIpPermissionsEgress (list) --
Information about the stale outbound rules in the security group.
(dict) --
Describes a stale rule in a security group.
FromPort (integer) --
The start of the port range for the TCP and UDP protocols, or an ICMP type number. A value of -1 indicates all ICMP types.
IpProtocol (string) --
The IP protocol name (for tcp , udp , and icmp ) or number (see Protocol Numbers).
IpRanges (list) --
The IP ranges. Not applicable for stale security group rules.
(string) --
PrefixListIds (list) --
The prefix list IDs. Not applicable for stale security group rules.
(string) --
ToPort (integer) --
The end of the port range for the TCP and UDP protocols, or an ICMP type number. A value of -1 indicates all ICMP types.
UserIdGroupPairs (list) --
The security group pairs. Returns the ID of the referenced security group and VPC, and the ID and status of the VPC peering connection.
(dict) --
Describes a security group and AWS account ID pair.
Description (string) --
A description for the security group rule that references this user ID group pair.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
GroupId (string) --
The ID of the security group.
GroupName (string) --
The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.
For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The ID of an AWS account.
For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.
[EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.
VpcId (string) --
The ID of the VPC for the referenced security group, if applicable.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection, if applicable.
SecurityGroupRuleId (string) --
The ID of the security group rule.
VpcId (string) --
The ID of the VPC for the security group.
{'Tags': {'ResourceType': {'security-group-rule'}}}
Describes the specified tags for your EC2 resources.
For more information about tags, see Tagging Your Resources in the Amazon Elastic Compute Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.describe_tags(
DryRun=True|False,
Filters=[
{
'Name': 'string',
'Values': [
'string',
]
},
],
MaxResults=123,
NextToken='string'
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
list
The filters.
key - The tag key.
resource-id - The ID of the resource.
resource-type - The resource type ( customer-gateway | dedicated-host | dhcp-options | elastic-ip | fleet | fpga-image | host-reservation | image | instance | internet-gateway | key-pair | launch-template | natgateway | network-acl | network-interface | placement-group | reserved-instances | route-table | security-group | snapshot | spot-instances-request | subnet | volume | vpc | vpc-endpoint | vpc-endpoint-service | vpc-peering-connection | vpn-connection | vpn-gateway ).
tag :<key> - The key/value combination of the tag. For example, specify "tag:Owner" for the filter name and "TeamA" for the filter value to find resources with the tag "Owner=TeamA".
value - The tag value.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
The filter values. Filter values are case-sensitive.
(string) --
integer
The maximum number of results to return in a single call. This value can be between 5 and 1000. To retrieve the remaining results, make another call with the returned NextToken value.
string
The token to retrieve the next page of results.
dict
Response Syntax
{
'NextToken': 'string',
'Tags': [
{
'Key': 'string',
'ResourceId': 'string',
'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'local-gateway-route-table-vpc-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
'Value': 'string'
},
]
}
Response Structure
(dict) --
NextToken (string) --
The token to use to retrieve the next page of results. This value is null when there are no more results to return.
Tags (list) --
The tags.
(dict) --
Describes a tag.
Key (string) --
The tag key.
ResourceId (string) --
The ID of the resource.
ResourceType (string) --
The resource type.
Value (string) --
The tag value.
{'LaunchTemplateData': {'TagSpecifications': {'ResourceType': {'security-group-rule'}}}}
Retrieves the configuration data of the specified instance. You can use this data to create a launch template.
This action calls on other describe actions to get instance information. Depending on your instance configuration, you may need to allow the following actions in your IAM policy: DescribeSpotInstanceRequests, DescribeInstanceCreditSpecifications, DescribeVolumes, DescribeInstanceAttribute, and DescribeElasticGpus. Or, you can allow describe* depending on your instance requirements.
See also: AWS API Documentation
Request Syntax
client.get_launch_template_data(
DryRun=True|False,
InstanceId='string'
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
[REQUIRED]
The ID of the instance.
dict
Response Syntax
{
'LaunchTemplateData': {
'KernelId': 'string',
'EbsOptimized': True|False,
'IamInstanceProfile': {
'Arn': 'string',
'Name': 'string'
},
'BlockDeviceMappings': [
{
'DeviceName': 'string',
'VirtualName': 'string',
'Ebs': {
'Encrypted': True|False,
'DeleteOnTermination': True|False,
'Iops': 123,
'KmsKeyId': 'string',
'SnapshotId': 'string',
'VolumeSize': 123,
'VolumeType': 'standard'|'io1'|'io2'|'gp2'|'sc1'|'st1'|'gp3',
'Throughput': 123
},
'NoDevice': 'string'
},
],
'NetworkInterfaces': [
{
'AssociateCarrierIpAddress': True|False,
'AssociatePublicIpAddress': True|False,
'DeleteOnTermination': True|False,
'Description': 'string',
'DeviceIndex': 123,
'Groups': [
'string',
],
'InterfaceType': 'string',
'Ipv6AddressCount': 123,
'Ipv6Addresses': [
{
'Ipv6Address': 'string'
},
],
'NetworkInterfaceId': 'string',
'PrivateIpAddress': 'string',
'PrivateIpAddresses': [
{
'Primary': True|False,
'PrivateIpAddress': 'string'
},
],
'SecondaryPrivateIpAddressCount': 123,
'SubnetId': 'string',
'NetworkCardIndex': 123
},
],
'ImageId': 'string',
'InstanceType': 't1.micro'|'t2.nano'|'t2.micro'|'t2.small'|'t2.medium'|'t2.large'|'t2.xlarge'|'t2.2xlarge'|'t3.nano'|'t3.micro'|'t3.small'|'t3.medium'|'t3.large'|'t3.xlarge'|'t3.2xlarge'|'t3a.nano'|'t3a.micro'|'t3a.small'|'t3a.medium'|'t3a.large'|'t3a.xlarge'|'t3a.2xlarge'|'t4g.nano'|'t4g.micro'|'t4g.small'|'t4g.medium'|'t4g.large'|'t4g.xlarge'|'t4g.2xlarge'|'m1.small'|'m1.medium'|'m1.large'|'m1.xlarge'|'m3.medium'|'m3.large'|'m3.xlarge'|'m3.2xlarge'|'m4.large'|'m4.xlarge'|'m4.2xlarge'|'m4.4xlarge'|'m4.10xlarge'|'m4.16xlarge'|'m2.xlarge'|'m2.2xlarge'|'m2.4xlarge'|'cr1.8xlarge'|'r3.large'|'r3.xlarge'|'r3.2xlarge'|'r3.4xlarge'|'r3.8xlarge'|'r4.large'|'r4.xlarge'|'r4.2xlarge'|'r4.4xlarge'|'r4.8xlarge'|'r4.16xlarge'|'r5.large'|'r5.xlarge'|'r5.2xlarge'|'r5.4xlarge'|'r5.8xlarge'|'r5.12xlarge'|'r5.16xlarge'|'r5.24xlarge'|'r5.metal'|'r5a.large'|'r5a.xlarge'|'r5a.2xlarge'|'r5a.4xlarge'|'r5a.8xlarge'|'r5a.12xlarge'|'r5a.16xlarge'|'r5a.24xlarge'|'r5b.large'|'r5b.xlarge'|'r5b.2xlarge'|'r5b.4xlarge'|'r5b.8xlarge'|'r5b.12xlarge'|'r5b.16xlarge'|'r5b.24xlarge'|'r5b.metal'|'r5d.large'|'r5d.xlarge'|'r5d.2xlarge'|'r5d.4xlarge'|'r5d.8xlarge'|'r5d.12xlarge'|'r5d.16xlarge'|'r5d.24xlarge'|'r5d.metal'|'r5ad.large'|'r5ad.xlarge'|'r5ad.2xlarge'|'r5ad.4xlarge'|'r5ad.8xlarge'|'r5ad.12xlarge'|'r5ad.16xlarge'|'r5ad.24xlarge'|'r6g.metal'|'r6g.medium'|'r6g.large'|'r6g.xlarge'|'r6g.2xlarge'|'r6g.4xlarge'|'r6g.8xlarge'|'r6g.12xlarge'|'r6g.16xlarge'|'r6gd.metal'|'r6gd.medium'|'r6gd.large'|'r6gd.xlarge'|'r6gd.2xlarge'|'r6gd.4xlarge'|'r6gd.8xlarge'|'r6gd.12xlarge'|'r6gd.16xlarge'|'x1.16xlarge'|'x1.32xlarge'|'x1e.xlarge'|'x1e.2xlarge'|'x1e.4xlarge'|'x1e.8xlarge'|'x1e.16xlarge'|'x1e.32xlarge'|'i2.xlarge'|'i2.2xlarge'|'i2.4xlarge'|'i2.8xlarge'|'i3.large'|'i3.xlarge'|'i3.2xlarge'|'i3.4xlarge'|'i3.8xlarge'|'i3.16xlarge'|'i3.metal'|'i3en.large'|'i3en.xlarge'|'i3en.2xlarge'|'i3en.3xlarge'|'i3en.6xlarge'|'i3en.12xlarge'|'i3en.24xlarge'|'i3en.metal'|'hi1.4xlarge'|'hs1.8xlarge'|'c1.medium'|'c1.xlarge'|'c3.large'|'c3.xlarge'|'c3.2xlarge'|'c3.4xlarge'|'c3.8xlarge'|'c4.large'|'c4.xlarge'|'c4.2xlarge'|'c4.4xlarge'|'c4.8xlarge'|'c5.large'|'c5.xlarge'|'c5.2xlarge'|'c5.4xlarge'|'c5.9xlarge'|'c5.12xlarge'|'c5.18xlarge'|'c5.24xlarge'|'c5.metal'|'c5a.large'|'c5a.xlarge'|'c5a.2xlarge'|'c5a.4xlarge'|'c5a.8xlarge'|'c5a.12xlarge'|'c5a.16xlarge'|'c5a.24xlarge'|'c5ad.large'|'c5ad.xlarge'|'c5ad.2xlarge'|'c5ad.4xlarge'|'c5ad.8xlarge'|'c5ad.12xlarge'|'c5ad.16xlarge'|'c5ad.24xlarge'|'c5d.large'|'c5d.xlarge'|'c5d.2xlarge'|'c5d.4xlarge'|'c5d.9xlarge'|'c5d.12xlarge'|'c5d.18xlarge'|'c5d.24xlarge'|'c5d.metal'|'c5n.large'|'c5n.xlarge'|'c5n.2xlarge'|'c5n.4xlarge'|'c5n.9xlarge'|'c5n.18xlarge'|'c5n.metal'|'c6g.metal'|'c6g.medium'|'c6g.large'|'c6g.xlarge'|'c6g.2xlarge'|'c6g.4xlarge'|'c6g.8xlarge'|'c6g.12xlarge'|'c6g.16xlarge'|'c6gd.metal'|'c6gd.medium'|'c6gd.large'|'c6gd.xlarge'|'c6gd.2xlarge'|'c6gd.4xlarge'|'c6gd.8xlarge'|'c6gd.12xlarge'|'c6gd.16xlarge'|'c6gn.medium'|'c6gn.large'|'c6gn.xlarge'|'c6gn.2xlarge'|'c6gn.4xlarge'|'c6gn.8xlarge'|'c6gn.12xlarge'|'c6gn.16xlarge'|'cc1.4xlarge'|'cc2.8xlarge'|'g2.2xlarge'|'g2.8xlarge'|'g3.4xlarge'|'g3.8xlarge'|'g3.16xlarge'|'g3s.xlarge'|'g4ad.4xlarge'|'g4ad.8xlarge'|'g4ad.16xlarge'|'g4dn.xlarge'|'g4dn.2xlarge'|'g4dn.4xlarge'|'g4dn.8xlarge'|'g4dn.12xlarge'|'g4dn.16xlarge'|'g4dn.metal'|'cg1.4xlarge'|'p2.xlarge'|'p2.8xlarge'|'p2.16xlarge'|'p3.2xlarge'|'p3.8xlarge'|'p3.16xlarge'|'p3dn.24xlarge'|'p4d.24xlarge'|'d2.xlarge'|'d2.2xlarge'|'d2.4xlarge'|'d2.8xlarge'|'d3.xlarge'|'d3.2xlarge'|'d3.4xlarge'|'d3.8xlarge'|'d3en.xlarge'|'d3en.2xlarge'|'d3en.4xlarge'|'d3en.6xlarge'|'d3en.8xlarge'|'d3en.12xlarge'|'f1.2xlarge'|'f1.4xlarge'|'f1.16xlarge'|'m5.large'|'m5.xlarge'|'m5.2xlarge'|'m5.4xlarge'|'m5.8xlarge'|'m5.12xlarge'|'m5.16xlarge'|'m5.24xlarge'|'m5.metal'|'m5a.large'|'m5a.xlarge'|'m5a.2xlarge'|'m5a.4xlarge'|'m5a.8xlarge'|'m5a.12xlarge'|'m5a.16xlarge'|'m5a.24xlarge'|'m5d.large'|'m5d.xlarge'|'m5d.2xlarge'|'m5d.4xlarge'|'m5d.8xlarge'|'m5d.12xlarge'|'m5d.16xlarge'|'m5d.24xlarge'|'m5d.metal'|'m5ad.large'|'m5ad.xlarge'|'m5ad.2xlarge'|'m5ad.4xlarge'|'m5ad.8xlarge'|'m5ad.12xlarge'|'m5ad.16xlarge'|'m5ad.24xlarge'|'m5zn.large'|'m5zn.xlarge'|'m5zn.2xlarge'|'m5zn.3xlarge'|'m5zn.6xlarge'|'m5zn.12xlarge'|'m5zn.metal'|'h1.2xlarge'|'h1.4xlarge'|'h1.8xlarge'|'h1.16xlarge'|'z1d.large'|'z1d.xlarge'|'z1d.2xlarge'|'z1d.3xlarge'|'z1d.6xlarge'|'z1d.12xlarge'|'z1d.metal'|'u-6tb1.56xlarge'|'u-6tb1.112xlarge'|'u-9tb1.112xlarge'|'u-12tb1.112xlarge'|'u-6tb1.metal'|'u-9tb1.metal'|'u-12tb1.metal'|'u-18tb1.metal'|'u-24tb1.metal'|'a1.medium'|'a1.large'|'a1.xlarge'|'a1.2xlarge'|'a1.4xlarge'|'a1.metal'|'m5dn.large'|'m5dn.xlarge'|'m5dn.2xlarge'|'m5dn.4xlarge'|'m5dn.8xlarge'|'m5dn.12xlarge'|'m5dn.16xlarge'|'m5dn.24xlarge'|'m5n.large'|'m5n.xlarge'|'m5n.2xlarge'|'m5n.4xlarge'|'m5n.8xlarge'|'m5n.12xlarge'|'m5n.16xlarge'|'m5n.24xlarge'|'r5dn.large'|'r5dn.xlarge'|'r5dn.2xlarge'|'r5dn.4xlarge'|'r5dn.8xlarge'|'r5dn.12xlarge'|'r5dn.16xlarge'|'r5dn.24xlarge'|'r5n.large'|'r5n.xlarge'|'r5n.2xlarge'|'r5n.4xlarge'|'r5n.8xlarge'|'r5n.12xlarge'|'r5n.16xlarge'|'r5n.24xlarge'|'inf1.xlarge'|'inf1.2xlarge'|'inf1.6xlarge'|'inf1.24xlarge'|'m6g.metal'|'m6g.medium'|'m6g.large'|'m6g.xlarge'|'m6g.2xlarge'|'m6g.4xlarge'|'m6g.8xlarge'|'m6g.12xlarge'|'m6g.16xlarge'|'m6gd.metal'|'m6gd.medium'|'m6gd.large'|'m6gd.xlarge'|'m6gd.2xlarge'|'m6gd.4xlarge'|'m6gd.8xlarge'|'m6gd.12xlarge'|'m6gd.16xlarge'|'mac1.metal'|'x2gd.medium'|'x2gd.large'|'x2gd.xlarge'|'x2gd.2xlarge'|'x2gd.4xlarge'|'x2gd.8xlarge'|'x2gd.12xlarge'|'x2gd.16xlarge'|'x2gd.metal',
'KeyName': 'string',
'Monitoring': {
'Enabled': True|False
},
'Placement': {
'AvailabilityZone': 'string',
'Affinity': 'string',
'GroupName': 'string',
'HostId': 'string',
'Tenancy': 'default'|'dedicated'|'host',
'SpreadDomain': 'string',
'HostResourceGroupArn': 'string',
'PartitionNumber': 123
},
'RamDiskId': 'string',
'DisableApiTermination': True|False,
'InstanceInitiatedShutdownBehavior': 'stop'|'terminate',
'UserData': 'string',
'TagSpecifications': [
{
'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'local-gateway-route-table-vpc-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
],
'ElasticGpuSpecifications': [
{
'Type': 'string'
},
],
'ElasticInferenceAccelerators': [
{
'Type': 'string',
'Count': 123
},
],
'SecurityGroupIds': [
'string',
],
'SecurityGroups': [
'string',
],
'InstanceMarketOptions': {
'MarketType': 'spot',
'SpotOptions': {
'MaxPrice': 'string',
'SpotInstanceType': 'one-time'|'persistent',
'BlockDurationMinutes': 123,
'ValidUntil': datetime(2015, 1, 1),
'InstanceInterruptionBehavior': 'hibernate'|'stop'|'terminate'
}
},
'CreditSpecification': {
'CpuCredits': 'string'
},
'CpuOptions': {
'CoreCount': 123,
'ThreadsPerCore': 123
},
'CapacityReservationSpecification': {
'CapacityReservationPreference': 'open'|'none',
'CapacityReservationTarget': {
'CapacityReservationId': 'string',
'CapacityReservationResourceGroupArn': 'string'
}
},
'LicenseSpecifications': [
{
'LicenseConfigurationArn': 'string'
},
],
'HibernationOptions': {
'Configured': True|False
},
'MetadataOptions': {
'State': 'pending'|'applied',
'HttpTokens': 'optional'|'required',
'HttpPutResponseHopLimit': 123,
'HttpEndpoint': 'disabled'|'enabled'
},
'EnclaveOptions': {
'Enabled': True|False
}
}
}
Response Structure
(dict) --
LaunchTemplateData (dict) --
The instance data.
KernelId (string) --
The ID of the kernel, if applicable.
EbsOptimized (boolean) --
Indicates whether the instance is optimized for Amazon EBS I/O.
IamInstanceProfile (dict) --
The IAM instance profile.
Arn (string) --
The Amazon Resource Name (ARN) of the instance profile.
Name (string) --
The name of the instance profile.
BlockDeviceMappings (list) --
The block device mappings.
(dict) --
Describes a block device mapping.
DeviceName (string) --
The device name.
VirtualName (string) --
The virtual device name (ephemeralN).
Ebs (dict) --
Information about the block device for an EBS volume.
Encrypted (boolean) --
Indicates whether the EBS volume is encrypted.
DeleteOnTermination (boolean) --
Indicates whether the EBS volume is deleted on instance termination.
Iops (integer) --
The number of I/O operations per second (IOPS) that the volume supports.
KmsKeyId (string) --
The ARN of the AWS Key Management Service (AWS KMS) CMK used for encryption.
SnapshotId (string) --
The ID of the snapshot.
VolumeSize (integer) --
The size of the volume, in GiB.
VolumeType (string) --
The volume type.
Throughput (integer) --
The throughput that the volume supports, in MiB/s.
NoDevice (string) --
To omit the device from the block device mapping, specify an empty string.
NetworkInterfaces (list) --
The network interfaces.
(dict) --
Describes a network interface.
AssociateCarrierIpAddress (boolean) --
Indicates whether to associate a Carrier IP address with eth0 for a new network interface.
Use this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see Carrier IP addresses in the AWS Wavelength Developer Guide .
AssociatePublicIpAddress (boolean) --
Indicates whether to associate a public IPv4 address with eth0 for a new network interface.
DeleteOnTermination (boolean) --
Indicates whether the network interface is deleted when the instance is terminated.
Description (string) --
A description for the network interface.
DeviceIndex (integer) --
The device index for the network interface attachment.
Groups (list) --
The IDs of one or more security groups.
(string) --
InterfaceType (string) --
The type of network interface.
Ipv6AddressCount (integer) --
The number of IPv6 addresses for the network interface.
Ipv6Addresses (list) --
The IPv6 addresses for the network interface.
(dict) --
Describes an IPv6 address.
Ipv6Address (string) --
The IPv6 address.
NetworkInterfaceId (string) --
The ID of the network interface.
PrivateIpAddress (string) --
The primary private IPv4 address of the network interface.
PrivateIpAddresses (list) --
One or more private IPv4 addresses.
(dict) --
Describes a secondary private IPv4 address for a network interface.
Primary (boolean) --
Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.
PrivateIpAddress (string) --
The private IPv4 addresses.
SecondaryPrivateIpAddressCount (integer) --
The number of secondary private IPv4 addresses for the network interface.
SubnetId (string) --
The ID of the subnet for the network interface.
NetworkCardIndex (integer) --
The index of the network card.
ImageId (string) --
The ID of the AMI that was used to launch the instance.
InstanceType (string) --
The instance type.
KeyName (string) --
The name of the key pair.
Monitoring (dict) --
The monitoring for the instance.
Enabled (boolean) --
Indicates whether detailed monitoring is enabled. Otherwise, basic monitoring is enabled.
Placement (dict) --
The placement of the instance.
AvailabilityZone (string) --
The Availability Zone of the instance.
Affinity (string) --
The affinity setting for the instance on the Dedicated Host.
GroupName (string) --
The name of the placement group for the instance.
HostId (string) --
The ID of the Dedicated Host for the instance.
Tenancy (string) --
The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware.
SpreadDomain (string) --
Reserved for future use.
HostResourceGroupArn (string) --
The ARN of the host resource group in which to launch the instances.
PartitionNumber (integer) --
The number of the partition the instance should launch in. Valid only if the placement group strategy is set to partition .
RamDiskId (string) --
The ID of the RAM disk, if applicable.
DisableApiTermination (boolean) --
If set to true , indicates that the instance cannot be terminated using the Amazon EC2 console, command line tool, or API.
InstanceInitiatedShutdownBehavior (string) --
Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown).
UserData (string) --
The user data for the instance.
TagSpecifications (list) --
The tags.
(dict) --
The tag specification for the launch template.
ResourceType (string) --
The type of resource.
Tags (list) --
The tags for the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
ElasticGpuSpecifications (list) --
The elastic GPU specification.
(dict) --
Describes an elastic GPU.
Type (string) --
The elastic GPU type.
ElasticInferenceAccelerators (list) --
The elastic inference accelerator for the instance.
(dict) --
Describes an elastic inference accelerator.
Type (string) --
The type of elastic inference accelerator. The possible values are eia1.medium, eia1.large, and eia1.xlarge.
Count (integer) --
The number of elastic inference accelerators to attach to the instance.
Default: 1
SecurityGroupIds (list) --
The security group IDs.
(string) --
SecurityGroups (list) --
The security group names.
(string) --
InstanceMarketOptions (dict) --
The market (purchasing) option for the instances.
MarketType (string) --
The market type.
SpotOptions (dict) --
The options for Spot Instances.
MaxPrice (string) --
The maximum hourly price you're willing to pay for the Spot Instances.
SpotInstanceType (string) --
The Spot Instance request type.
BlockDurationMinutes (integer) --
The required duration for the Spot Instances (also known as Spot blocks), in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
ValidUntil (datetime) --
The end date of the request. For a one-time request, the request remains active until all instances launch, the request is canceled, or this date is reached. If the request is persistent, it remains active until it is canceled or this date and time is reached.
InstanceInterruptionBehavior (string) --
The behavior when a Spot Instance is interrupted.
CreditSpecification (dict) --
The credit option for CPU usage of the instance.
CpuCredits (string) --
The credit option for CPU usage of a T2, T3, or T3a instance. Valid values are standard and unlimited .
CpuOptions (dict) --
The CPU options for the instance. For more information, see Optimizing CPU Options in the Amazon Elastic Compute Cloud User Guide .
CoreCount (integer) --
The number of CPU cores for the instance.
ThreadsPerCore (integer) --
The number of threads per CPU core.
CapacityReservationSpecification (dict) --
Information about the Capacity Reservation targeting option.
CapacityReservationPreference (string) --
Indicates the instance's Capacity Reservation preferences. Possible preferences include:
open - The instance can run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone).
none - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity.
CapacityReservationTarget (dict) --
Information about the target Capacity Reservation or Capacity Reservation group.
CapacityReservationId (string) --
The ID of the targeted Capacity Reservation.
CapacityReservationResourceGroupArn (string) --
The ARN of the targeted Capacity Reservation group.
LicenseSpecifications (list) --
The license configurations.
(dict) --
Describes a license configuration.
LicenseConfigurationArn (string) --
The Amazon Resource Name (ARN) of the license configuration.
HibernationOptions (dict) --
Indicates whether an instance is configured for hibernation. For more information, see Hibernate Your Instance in the Amazon Elastic Compute Cloud User Guide .
Configured (boolean) --
If this parameter is set to true , the instance is enabled for hibernation; otherwise, it is not enabled for hibernation.
MetadataOptions (dict) --
The metadata options for the instance. For more information, see Instance Metadata and User Data in the Amazon Elastic Compute Cloud User Guide .
State (string) --
The state of the metadata option changes.
pending - The metadata options are being updated and the instance is not ready to process metadata traffic with the new selection.
applied - The metadata options have been successfully applied on the instance.
HttpTokens (string) --
The state of token usage for your instance metadata requests. If the parameter is not specified in the request, the default state is optional .
If the state is optional , you can choose to retrieve instance metadata with or without a signed token header on your request. If you retrieve the IAM role credentials without a token, the version 1.0 role credentials are returned. If you retrieve the IAM role credentials using a valid signed token, the version 2.0 role credentials are returned.
If the state is required , you must send a signed token header with any instance metadata retrieval requests. In this state, retrieving the IAM role credentials always returns the version 2.0 credentials; the version 1.0 credentials are not available.
HttpPutResponseHopLimit (integer) --
The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel.
Default: 1
Possible values: Integers from 1 to 64
HttpEndpoint (string) --
This parameter enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is enabled .
Note
If you specify a value of disabled , you will not be able to access your instance metadata.
EnclaveOptions (dict) --
Indicates whether the instance is enabled for AWS Nitro Enclaves.
Enabled (boolean) --
If this parameter is set to true , the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves.
{'PoolTagSpecifications': {'ResourceType': {'security-group-rule'}}}
Provisions an IPv4 or IPv6 address range for use with your AWS resources through bring your own IP addresses (BYOIP) and creates a corresponding address pool. After the address range is provisioned, it is ready to be advertised using AdvertiseByoipCidr.
AWS verifies that you own the address range and are authorized to advertise it. You must ensure that the address range is registered to you and that you created an RPKI ROA to authorize Amazon ASNs 16509 and 14618 to advertise the address range. For more information, see Bring Your Own IP Addresses (BYOIP) in the Amazon Elastic Compute Cloud User Guide .
Provisioning an address range is an asynchronous operation, so the call returns immediately, but the address range is not ready to use until its status changes from pending-provision to provisioned . To monitor the status of an address range, use DescribeByoipCidrs. To allocate an Elastic IP address from your IPv4 address pool, use AllocateAddress with either the specific address from the address pool or the ID of the address pool.
See also: AWS API Documentation
Request Syntax
client.provision_byoip_cidr(
Cidr='string',
CidrAuthorizationContext={
'Message': 'string',
'Signature': 'string'
},
PubliclyAdvertisable=True|False,
Description='string',
DryRun=True|False,
PoolTagSpecifications=[
{
'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'local-gateway-route-table-vpc-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
]
)
string
[REQUIRED]
The public IPv4 or IPv6 address range, in CIDR notation. The most specific IPv4 prefix that you can specify is /24. The most specific IPv6 prefix you can specify is /56. The address range cannot overlap with another address range that you've brought to this or another Region.
dict
A signed document that proves that you are authorized to bring the specified IP address range to Amazon using BYOIP.
Message (string) -- [REQUIRED]
The plain-text authorization message for the prefix and account.
Signature (string) -- [REQUIRED]
The signed authorization message for the prefix and account.
boolean
(IPv6 only) Indicate whether the address range will be publicly advertised to the internet.
Default: true
string
A description for the address range and the address pool.
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
list
The tags to apply to the address pool.
(dict) --
The tags to apply to a resource when the resource is being created.
ResourceType (string) --
The type of resource to tag. Currently, the resource types that support tagging on creation are: capacity-reservation | carrier-gateway | client-vpn-endpoint | customer-gateway | dedicated-host | dhcp-options | egress-only-internet-gateway | elastic-ip | elastic-gpu | export-image-task | export-instance-task | fleet | fpga-image | host-reservation | image | import-image-task | import-snapshot-task | instance | internet-gateway | ipv4pool-ec2 | ipv6pool-ec2 | key-pair | launch-template | local-gateway-route-table-vpc-association | placement-group | prefix-list | natgateway | network-acl | network-interface | reserved-instances | route-table | security-group | snapshot | spot-fleet-request | spot-instances-request | snapshot | subnet | traffic-mirror-filter | traffic-mirror-session | traffic-mirror-target | transit-gateway | transit-gateway-attachment | transit-gateway-multicast-domain | transit-gateway-route-table | volume | vpc | vpc-peering-connection | vpc-endpoint (for interface and gateway endpoints) | vpc-endpoint-service (for AWS PrivateLink) | vpc-flow-log | vpn-connection | vpn-gateway .
To tag a resource after it has been created, see CreateTags.
Tags (list) --
The tags to apply to the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
dict
Response Syntax
{
'ByoipCidr': {
'Cidr': 'string',
'Description': 'string',
'StatusMessage': 'string',
'State': 'advertised'|'deprovisioned'|'failed-deprovision'|'failed-provision'|'pending-deprovision'|'pending-provision'|'provisioned'|'provisioned-not-publicly-advertisable'
}
}
Response Structure
(dict) --
ByoipCidr (dict) --
Information about the address range.
Cidr (string) --
The address range, in CIDR notation.
Description (string) --
The description of the address range.
StatusMessage (string) --
Upon success, contains the ID of the address pool. Otherwise, contains an error message.
State (string) --
The state of the address pool.
{'SpotFleetRequestConfig': {'LaunchSpecifications': {'TagSpecifications': {'ResourceType': {'security-group-rule'}}},
'TagSpecifications': {'ResourceType': {'security-group-rule'}}}}
Creates a Spot Fleet request.
The Spot Fleet request specifies the total target capacity and the On-Demand target capacity. Amazon EC2 calculates the difference between the total capacity and On-Demand capacity, and launches the difference as Spot capacity.
You can submit a single request that includes multiple launch specifications that vary by instance type, AMI, Availability Zone, or subnet.
By default, the Spot Fleet requests Spot Instances in the Spot Instance pool where the price per unit is the lowest. Each launch specification can include its own instance weighting that reflects the value of the instance type to your application workload.
Alternatively, you can specify that the Spot Fleet distribute the target capacity across the Spot pools included in its launch specifications. By ensuring that the Spot Instances in your Spot Fleet are in different Spot pools, you can improve the availability of your fleet.
You can specify tags for the Spot Fleet request and instances launched by the fleet. You cannot tag other resource types in a Spot Fleet request because only the spot-fleet-request and instance resource types are supported.
For more information, see Spot Fleet requests in the Amazon EC2 User Guide for Linux Instances .
See also: AWS API Documentation
Request Syntax
client.request_spot_fleet(
DryRun=True|False,
SpotFleetRequestConfig={
'AllocationStrategy': 'lowestPrice'|'diversified'|'capacityOptimized'|'capacityOptimizedPrioritized',
'OnDemandAllocationStrategy': 'lowestPrice'|'prioritized',
'SpotMaintenanceStrategies': {
'CapacityRebalance': {
'ReplacementStrategy': 'launch'
}
},
'ClientToken': 'string',
'ExcessCapacityTerminationPolicy': 'noTermination'|'default',
'FulfilledCapacity': 123.0,
'OnDemandFulfilledCapacity': 123.0,
'IamFleetRole': 'string',
'LaunchSpecifications': [
{
'SecurityGroups': [
{
'GroupName': 'string',
'GroupId': 'string'
},
],
'AddressingType': 'string',
'BlockDeviceMappings': [
{
'DeviceName': 'string',
'VirtualName': 'string',
'Ebs': {
'DeleteOnTermination': True|False,
'Iops': 123,
'SnapshotId': 'string',
'VolumeSize': 123,
'VolumeType': 'standard'|'io1'|'io2'|'gp2'|'sc1'|'st1'|'gp3',
'KmsKeyId': 'string',
'Throughput': 123,
'OutpostArn': 'string',
'Encrypted': True|False
},
'NoDevice': 'string'
},
],
'EbsOptimized': True|False,
'IamInstanceProfile': {
'Arn': 'string',
'Name': 'string'
},
'ImageId': 'string',
'InstanceType': 't1.micro'|'t2.nano'|'t2.micro'|'t2.small'|'t2.medium'|'t2.large'|'t2.xlarge'|'t2.2xlarge'|'t3.nano'|'t3.micro'|'t3.small'|'t3.medium'|'t3.large'|'t3.xlarge'|'t3.2xlarge'|'t3a.nano'|'t3a.micro'|'t3a.small'|'t3a.medium'|'t3a.large'|'t3a.xlarge'|'t3a.2xlarge'|'t4g.nano'|'t4g.micro'|'t4g.small'|'t4g.medium'|'t4g.large'|'t4g.xlarge'|'t4g.2xlarge'|'m1.small'|'m1.medium'|'m1.large'|'m1.xlarge'|'m3.medium'|'m3.large'|'m3.xlarge'|'m3.2xlarge'|'m4.large'|'m4.xlarge'|'m4.2xlarge'|'m4.4xlarge'|'m4.10xlarge'|'m4.16xlarge'|'m2.xlarge'|'m2.2xlarge'|'m2.4xlarge'|'cr1.8xlarge'|'r3.large'|'r3.xlarge'|'r3.2xlarge'|'r3.4xlarge'|'r3.8xlarge'|'r4.large'|'r4.xlarge'|'r4.2xlarge'|'r4.4xlarge'|'r4.8xlarge'|'r4.16xlarge'|'r5.large'|'r5.xlarge'|'r5.2xlarge'|'r5.4xlarge'|'r5.8xlarge'|'r5.12xlarge'|'r5.16xlarge'|'r5.24xlarge'|'r5.metal'|'r5a.large'|'r5a.xlarge'|'r5a.2xlarge'|'r5a.4xlarge'|'r5a.8xlarge'|'r5a.12xlarge'|'r5a.16xlarge'|'r5a.24xlarge'|'r5b.large'|'r5b.xlarge'|'r5b.2xlarge'|'r5b.4xlarge'|'r5b.8xlarge'|'r5b.12xlarge'|'r5b.16xlarge'|'r5b.24xlarge'|'r5b.metal'|'r5d.large'|'r5d.xlarge'|'r5d.2xlarge'|'r5d.4xlarge'|'r5d.8xlarge'|'r5d.12xlarge'|'r5d.16xlarge'|'r5d.24xlarge'|'r5d.metal'|'r5ad.large'|'r5ad.xlarge'|'r5ad.2xlarge'|'r5ad.4xlarge'|'r5ad.8xlarge'|'r5ad.12xlarge'|'r5ad.16xlarge'|'r5ad.24xlarge'|'r6g.metal'|'r6g.medium'|'r6g.large'|'r6g.xlarge'|'r6g.2xlarge'|'r6g.4xlarge'|'r6g.8xlarge'|'r6g.12xlarge'|'r6g.16xlarge'|'r6gd.metal'|'r6gd.medium'|'r6gd.large'|'r6gd.xlarge'|'r6gd.2xlarge'|'r6gd.4xlarge'|'r6gd.8xlarge'|'r6gd.12xlarge'|'r6gd.16xlarge'|'x1.16xlarge'|'x1.32xlarge'|'x1e.xlarge'|'x1e.2xlarge'|'x1e.4xlarge'|'x1e.8xlarge'|'x1e.16xlarge'|'x1e.32xlarge'|'i2.xlarge'|'i2.2xlarge'|'i2.4xlarge'|'i2.8xlarge'|'i3.large'|'i3.xlarge'|'i3.2xlarge'|'i3.4xlarge'|'i3.8xlarge'|'i3.16xlarge'|'i3.metal'|'i3en.large'|'i3en.xlarge'|'i3en.2xlarge'|'i3en.3xlarge'|'i3en.6xlarge'|'i3en.12xlarge'|'i3en.24xlarge'|'i3en.metal'|'hi1.4xlarge'|'hs1.8xlarge'|'c1.medium'|'c1.xlarge'|'c3.large'|'c3.xlarge'|'c3.2xlarge'|'c3.4xlarge'|'c3.8xlarge'|'c4.large'|'c4.xlarge'|'c4.2xlarge'|'c4.4xlarge'|'c4.8xlarge'|'c5.large'|'c5.xlarge'|'c5.2xlarge'|'c5.4xlarge'|'c5.9xlarge'|'c5.12xlarge'|'c5.18xlarge'|'c5.24xlarge'|'c5.metal'|'c5a.large'|'c5a.xlarge'|'c5a.2xlarge'|'c5a.4xlarge'|'c5a.8xlarge'|'c5a.12xlarge'|'c5a.16xlarge'|'c5a.24xlarge'|'c5ad.large'|'c5ad.xlarge'|'c5ad.2xlarge'|'c5ad.4xlarge'|'c5ad.8xlarge'|'c5ad.12xlarge'|'c5ad.16xlarge'|'c5ad.24xlarge'|'c5d.large'|'c5d.xlarge'|'c5d.2xlarge'|'c5d.4xlarge'|'c5d.9xlarge'|'c5d.12xlarge'|'c5d.18xlarge'|'c5d.24xlarge'|'c5d.metal'|'c5n.large'|'c5n.xlarge'|'c5n.2xlarge'|'c5n.4xlarge'|'c5n.9xlarge'|'c5n.18xlarge'|'c5n.metal'|'c6g.metal'|'c6g.medium'|'c6g.large'|'c6g.xlarge'|'c6g.2xlarge'|'c6g.4xlarge'|'c6g.8xlarge'|'c6g.12xlarge'|'c6g.16xlarge'|'c6gd.metal'|'c6gd.medium'|'c6gd.large'|'c6gd.xlarge'|'c6gd.2xlarge'|'c6gd.4xlarge'|'c6gd.8xlarge'|'c6gd.12xlarge'|'c6gd.16xlarge'|'c6gn.medium'|'c6gn.large'|'c6gn.xlarge'|'c6gn.2xlarge'|'c6gn.4xlarge'|'c6gn.8xlarge'|'c6gn.12xlarge'|'c6gn.16xlarge'|'cc1.4xlarge'|'cc2.8xlarge'|'g2.2xlarge'|'g2.8xlarge'|'g3.4xlarge'|'g3.8xlarge'|'g3.16xlarge'|'g3s.xlarge'|'g4ad.4xlarge'|'g4ad.8xlarge'|'g4ad.16xlarge'|'g4dn.xlarge'|'g4dn.2xlarge'|'g4dn.4xlarge'|'g4dn.8xlarge'|'g4dn.12xlarge'|'g4dn.16xlarge'|'g4dn.metal'|'cg1.4xlarge'|'p2.xlarge'|'p2.8xlarge'|'p2.16xlarge'|'p3.2xlarge'|'p3.8xlarge'|'p3.16xlarge'|'p3dn.24xlarge'|'p4d.24xlarge'|'d2.xlarge'|'d2.2xlarge'|'d2.4xlarge'|'d2.8xlarge'|'d3.xlarge'|'d3.2xlarge'|'d3.4xlarge'|'d3.8xlarge'|'d3en.xlarge'|'d3en.2xlarge'|'d3en.4xlarge'|'d3en.6xlarge'|'d3en.8xlarge'|'d3en.12xlarge'|'f1.2xlarge'|'f1.4xlarge'|'f1.16xlarge'|'m5.large'|'m5.xlarge'|'m5.2xlarge'|'m5.4xlarge'|'m5.8xlarge'|'m5.12xlarge'|'m5.16xlarge'|'m5.24xlarge'|'m5.metal'|'m5a.large'|'m5a.xlarge'|'m5a.2xlarge'|'m5a.4xlarge'|'m5a.8xlarge'|'m5a.12xlarge'|'m5a.16xlarge'|'m5a.24xlarge'|'m5d.large'|'m5d.xlarge'|'m5d.2xlarge'|'m5d.4xlarge'|'m5d.8xlarge'|'m5d.12xlarge'|'m5d.16xlarge'|'m5d.24xlarge'|'m5d.metal'|'m5ad.large'|'m5ad.xlarge'|'m5ad.2xlarge'|'m5ad.4xlarge'|'m5ad.8xlarge'|'m5ad.12xlarge'|'m5ad.16xlarge'|'m5ad.24xlarge'|'m5zn.large'|'m5zn.xlarge'|'m5zn.2xlarge'|'m5zn.3xlarge'|'m5zn.6xlarge'|'m5zn.12xlarge'|'m5zn.metal'|'h1.2xlarge'|'h1.4xlarge'|'h1.8xlarge'|'h1.16xlarge'|'z1d.large'|'z1d.xlarge'|'z1d.2xlarge'|'z1d.3xlarge'|'z1d.6xlarge'|'z1d.12xlarge'|'z1d.metal'|'u-6tb1.56xlarge'|'u-6tb1.112xlarge'|'u-9tb1.112xlarge'|'u-12tb1.112xlarge'|'u-6tb1.metal'|'u-9tb1.metal'|'u-12tb1.metal'|'u-18tb1.metal'|'u-24tb1.metal'|'a1.medium'|'a1.large'|'a1.xlarge'|'a1.2xlarge'|'a1.4xlarge'|'a1.metal'|'m5dn.large'|'m5dn.xlarge'|'m5dn.2xlarge'|'m5dn.4xlarge'|'m5dn.8xlarge'|'m5dn.12xlarge'|'m5dn.16xlarge'|'m5dn.24xlarge'|'m5n.large'|'m5n.xlarge'|'m5n.2xlarge'|'m5n.4xlarge'|'m5n.8xlarge'|'m5n.12xlarge'|'m5n.16xlarge'|'m5n.24xlarge'|'r5dn.large'|'r5dn.xlarge'|'r5dn.2xlarge'|'r5dn.4xlarge'|'r5dn.8xlarge'|'r5dn.12xlarge'|'r5dn.16xlarge'|'r5dn.24xlarge'|'r5n.large'|'r5n.xlarge'|'r5n.2xlarge'|'r5n.4xlarge'|'r5n.8xlarge'|'r5n.12xlarge'|'r5n.16xlarge'|'r5n.24xlarge'|'inf1.xlarge'|'inf1.2xlarge'|'inf1.6xlarge'|'inf1.24xlarge'|'m6g.metal'|'m6g.medium'|'m6g.large'|'m6g.xlarge'|'m6g.2xlarge'|'m6g.4xlarge'|'m6g.8xlarge'|'m6g.12xlarge'|'m6g.16xlarge'|'m6gd.metal'|'m6gd.medium'|'m6gd.large'|'m6gd.xlarge'|'m6gd.2xlarge'|'m6gd.4xlarge'|'m6gd.8xlarge'|'m6gd.12xlarge'|'m6gd.16xlarge'|'mac1.metal'|'x2gd.medium'|'x2gd.large'|'x2gd.xlarge'|'x2gd.2xlarge'|'x2gd.4xlarge'|'x2gd.8xlarge'|'x2gd.12xlarge'|'x2gd.16xlarge'|'x2gd.metal',
'KernelId': 'string',
'KeyName': 'string',
'Monitoring': {
'Enabled': True|False
},
'NetworkInterfaces': [
{
'AssociatePublicIpAddress': True|False,
'DeleteOnTermination': True|False,
'Description': 'string',
'DeviceIndex': 123,
'Groups': [
'string',
],
'Ipv6AddressCount': 123,
'Ipv6Addresses': [
{
'Ipv6Address': 'string'
},
],
'NetworkInterfaceId': 'string',
'PrivateIpAddress': 'string',
'PrivateIpAddresses': [
{
'Primary': True|False,
'PrivateIpAddress': 'string'
},
],
'SecondaryPrivateIpAddressCount': 123,
'SubnetId': 'string',
'AssociateCarrierIpAddress': True|False,
'InterfaceType': 'string',
'NetworkCardIndex': 123
},
],
'Placement': {
'AvailabilityZone': 'string',
'GroupName': 'string',
'Tenancy': 'default'|'dedicated'|'host'
},
'RamdiskId': 'string',
'SpotPrice': 'string',
'SubnetId': 'string',
'UserData': 'string',
'WeightedCapacity': 123.0,
'TagSpecifications': [
{
'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'local-gateway-route-table-vpc-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
]
},
],
'LaunchTemplateConfigs': [
{
'LaunchTemplateSpecification': {
'LaunchTemplateId': 'string',
'LaunchTemplateName': 'string',
'Version': 'string'
},
'Overrides': [
{
'InstanceType': 't1.micro'|'t2.nano'|'t2.micro'|'t2.small'|'t2.medium'|'t2.large'|'t2.xlarge'|'t2.2xlarge'|'t3.nano'|'t3.micro'|'t3.small'|'t3.medium'|'t3.large'|'t3.xlarge'|'t3.2xlarge'|'t3a.nano'|'t3a.micro'|'t3a.small'|'t3a.medium'|'t3a.large'|'t3a.xlarge'|'t3a.2xlarge'|'t4g.nano'|'t4g.micro'|'t4g.small'|'t4g.medium'|'t4g.large'|'t4g.xlarge'|'t4g.2xlarge'|'m1.small'|'m1.medium'|'m1.large'|'m1.xlarge'|'m3.medium'|'m3.large'|'m3.xlarge'|'m3.2xlarge'|'m4.large'|'m4.xlarge'|'m4.2xlarge'|'m4.4xlarge'|'m4.10xlarge'|'m4.16xlarge'|'m2.xlarge'|'m2.2xlarge'|'m2.4xlarge'|'cr1.8xlarge'|'r3.large'|'r3.xlarge'|'r3.2xlarge'|'r3.4xlarge'|'r3.8xlarge'|'r4.large'|'r4.xlarge'|'r4.2xlarge'|'r4.4xlarge'|'r4.8xlarge'|'r4.16xlarge'|'r5.large'|'r5.xlarge'|'r5.2xlarge'|'r5.4xlarge'|'r5.8xlarge'|'r5.12xlarge'|'r5.16xlarge'|'r5.24xlarge'|'r5.metal'|'r5a.large'|'r5a.xlarge'|'r5a.2xlarge'|'r5a.4xlarge'|'r5a.8xlarge'|'r5a.12xlarge'|'r5a.16xlarge'|'r5a.24xlarge'|'r5b.large'|'r5b.xlarge'|'r5b.2xlarge'|'r5b.4xlarge'|'r5b.8xlarge'|'r5b.12xlarge'|'r5b.16xlarge'|'r5b.24xlarge'|'r5b.metal'|'r5d.large'|'r5d.xlarge'|'r5d.2xlarge'|'r5d.4xlarge'|'r5d.8xlarge'|'r5d.12xlarge'|'r5d.16xlarge'|'r5d.24xlarge'|'r5d.metal'|'r5ad.large'|'r5ad.xlarge'|'r5ad.2xlarge'|'r5ad.4xlarge'|'r5ad.8xlarge'|'r5ad.12xlarge'|'r5ad.16xlarge'|'r5ad.24xlarge'|'r6g.metal'|'r6g.medium'|'r6g.large'|'r6g.xlarge'|'r6g.2xlarge'|'r6g.4xlarge'|'r6g.8xlarge'|'r6g.12xlarge'|'r6g.16xlarge'|'r6gd.metal'|'r6gd.medium'|'r6gd.large'|'r6gd.xlarge'|'r6gd.2xlarge'|'r6gd.4xlarge'|'r6gd.8xlarge'|'r6gd.12xlarge'|'r6gd.16xlarge'|'x1.16xlarge'|'x1.32xlarge'|'x1e.xlarge'|'x1e.2xlarge'|'x1e.4xlarge'|'x1e.8xlarge'|'x1e.16xlarge'|'x1e.32xlarge'|'i2.xlarge'|'i2.2xlarge'|'i2.4xlarge'|'i2.8xlarge'|'i3.large'|'i3.xlarge'|'i3.2xlarge'|'i3.4xlarge'|'i3.8xlarge'|'i3.16xlarge'|'i3.metal'|'i3en.large'|'i3en.xlarge'|'i3en.2xlarge'|'i3en.3xlarge'|'i3en.6xlarge'|'i3en.12xlarge'|'i3en.24xlarge'|'i3en.metal'|'hi1.4xlarge'|'hs1.8xlarge'|'c1.medium'|'c1.xlarge'|'c3.large'|'c3.xlarge'|'c3.2xlarge'|'c3.4xlarge'|'c3.8xlarge'|'c4.large'|'c4.xlarge'|'c4.2xlarge'|'c4.4xlarge'|'c4.8xlarge'|'c5.large'|'c5.xlarge'|'c5.2xlarge'|'c5.4xlarge'|'c5.9xlarge'|'c5.12xlarge'|'c5.18xlarge'|'c5.24xlarge'|'c5.metal'|'c5a.large'|'c5a.xlarge'|'c5a.2xlarge'|'c5a.4xlarge'|'c5a.8xlarge'|'c5a.12xlarge'|'c5a.16xlarge'|'c5a.24xlarge'|'c5ad.large'|'c5ad.xlarge'|'c5ad.2xlarge'|'c5ad.4xlarge'|'c5ad.8xlarge'|'c5ad.12xlarge'|'c5ad.16xlarge'|'c5ad.24xlarge'|'c5d.large'|'c5d.xlarge'|'c5d.2xlarge'|'c5d.4xlarge'|'c5d.9xlarge'|'c5d.12xlarge'|'c5d.18xlarge'|'c5d.24xlarge'|'c5d.metal'|'c5n.large'|'c5n.xlarge'|'c5n.2xlarge'|'c5n.4xlarge'|'c5n.9xlarge'|'c5n.18xlarge'|'c5n.metal'|'c6g.metal'|'c6g.medium'|'c6g.large'|'c6g.xlarge'|'c6g.2xlarge'|'c6g.4xlarge'|'c6g.8xlarge'|'c6g.12xlarge'|'c6g.16xlarge'|'c6gd.metal'|'c6gd.medium'|'c6gd.large'|'c6gd.xlarge'|'c6gd.2xlarge'|'c6gd.4xlarge'|'c6gd.8xlarge'|'c6gd.12xlarge'|'c6gd.16xlarge'|'c6gn.medium'|'c6gn.large'|'c6gn.xlarge'|'c6gn.2xlarge'|'c6gn.4xlarge'|'c6gn.8xlarge'|'c6gn.12xlarge'|'c6gn.16xlarge'|'cc1.4xlarge'|'cc2.8xlarge'|'g2.2xlarge'|'g2.8xlarge'|'g3.4xlarge'|'g3.8xlarge'|'g3.16xlarge'|'g3s.xlarge'|'g4ad.4xlarge'|'g4ad.8xlarge'|'g4ad.16xlarge'|'g4dn.xlarge'|'g4dn.2xlarge'|'g4dn.4xlarge'|'g4dn.8xlarge'|'g4dn.12xlarge'|'g4dn.16xlarge'|'g4dn.metal'|'cg1.4xlarge'|'p2.xlarge'|'p2.8xlarge'|'p2.16xlarge'|'p3.2xlarge'|'p3.8xlarge'|'p3.16xlarge'|'p3dn.24xlarge'|'p4d.24xlarge'|'d2.xlarge'|'d2.2xlarge'|'d2.4xlarge'|'d2.8xlarge'|'d3.xlarge'|'d3.2xlarge'|'d3.4xlarge'|'d3.8xlarge'|'d3en.xlarge'|'d3en.2xlarge'|'d3en.4xlarge'|'d3en.6xlarge'|'d3en.8xlarge'|'d3en.12xlarge'|'f1.2xlarge'|'f1.4xlarge'|'f1.16xlarge'|'m5.large'|'m5.xlarge'|'m5.2xlarge'|'m5.4xlarge'|'m5.8xlarge'|'m5.12xlarge'|'m5.16xlarge'|'m5.24xlarge'|'m5.metal'|'m5a.large'|'m5a.xlarge'|'m5a.2xlarge'|'m5a.4xlarge'|'m5a.8xlarge'|'m5a.12xlarge'|'m5a.16xlarge'|'m5a.24xlarge'|'m5d.large'|'m5d.xlarge'|'m5d.2xlarge'|'m5d.4xlarge'|'m5d.8xlarge'|'m5d.12xlarge'|'m5d.16xlarge'|'m5d.24xlarge'|'m5d.metal'|'m5ad.large'|'m5ad.xlarge'|'m5ad.2xlarge'|'m5ad.4xlarge'|'m5ad.8xlarge'|'m5ad.12xlarge'|'m5ad.16xlarge'|'m5ad.24xlarge'|'m5zn.large'|'m5zn.xlarge'|'m5zn.2xlarge'|'m5zn.3xlarge'|'m5zn.6xlarge'|'m5zn.12xlarge'|'m5zn.metal'|'h1.2xlarge'|'h1.4xlarge'|'h1.8xlarge'|'h1.16xlarge'|'z1d.large'|'z1d.xlarge'|'z1d.2xlarge'|'z1d.3xlarge'|'z1d.6xlarge'|'z1d.12xlarge'|'z1d.metal'|'u-6tb1.56xlarge'|'u-6tb1.112xlarge'|'u-9tb1.112xlarge'|'u-12tb1.112xlarge'|'u-6tb1.metal'|'u-9tb1.metal'|'u-12tb1.metal'|'u-18tb1.metal'|'u-24tb1.metal'|'a1.medium'|'a1.large'|'a1.xlarge'|'a1.2xlarge'|'a1.4xlarge'|'a1.metal'|'m5dn.large'|'m5dn.xlarge'|'m5dn.2xlarge'|'m5dn.4xlarge'|'m5dn.8xlarge'|'m5dn.12xlarge'|'m5dn.16xlarge'|'m5dn.24xlarge'|'m5n.large'|'m5n.xlarge'|'m5n.2xlarge'|'m5n.4xlarge'|'m5n.8xlarge'|'m5n.12xlarge'|'m5n.16xlarge'|'m5n.24xlarge'|'r5dn.large'|'r5dn.xlarge'|'r5dn.2xlarge'|'r5dn.4xlarge'|'r5dn.8xlarge'|'r5dn.12xlarge'|'r5dn.16xlarge'|'r5dn.24xlarge'|'r5n.large'|'r5n.xlarge'|'r5n.2xlarge'|'r5n.4xlarge'|'r5n.8xlarge'|'r5n.12xlarge'|'r5n.16xlarge'|'r5n.24xlarge'|'inf1.xlarge'|'inf1.2xlarge'|'inf1.6xlarge'|'inf1.24xlarge'|'m6g.metal'|'m6g.medium'|'m6g.large'|'m6g.xlarge'|'m6g.2xlarge'|'m6g.4xlarge'|'m6g.8xlarge'|'m6g.12xlarge'|'m6g.16xlarge'|'m6gd.metal'|'m6gd.medium'|'m6gd.large'|'m6gd.xlarge'|'m6gd.2xlarge'|'m6gd.4xlarge'|'m6gd.8xlarge'|'m6gd.12xlarge'|'m6gd.16xlarge'|'mac1.metal'|'x2gd.medium'|'x2gd.large'|'x2gd.xlarge'|'x2gd.2xlarge'|'x2gd.4xlarge'|'x2gd.8xlarge'|'x2gd.12xlarge'|'x2gd.16xlarge'|'x2gd.metal',
'SpotPrice': 'string',
'SubnetId': 'string',
'AvailabilityZone': 'string',
'WeightedCapacity': 123.0,
'Priority': 123.0
},
]
},
],
'SpotPrice': 'string',
'TargetCapacity': 123,
'OnDemandTargetCapacity': 123,
'OnDemandMaxTotalPrice': 'string',
'SpotMaxTotalPrice': 'string',
'TerminateInstancesWithExpiration': True|False,
'Type': 'request'|'maintain'|'instant',
'ValidFrom': datetime(2015, 1, 1),
'ValidUntil': datetime(2015, 1, 1),
'ReplaceUnhealthyInstances': True|False,
'InstanceInterruptionBehavior': 'hibernate'|'stop'|'terminate',
'LoadBalancersConfig': {
'ClassicLoadBalancersConfig': {
'ClassicLoadBalancers': [
{
'Name': 'string'
},
]
},
'TargetGroupsConfig': {
'TargetGroups': [
{
'Arn': 'string'
},
]
}
},
'InstancePoolsToUseCount': 123,
'TagSpecifications': [
{
'ResourceType': 'client-vpn-endpoint'|'customer-gateway'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'internet-gateway'|'key-pair'|'launch-template'|'local-gateway-route-table-vpc-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'placement-group'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-route-table'|'volume'|'vpc'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log',
'Tags': [
{
'Key': 'string',
'Value': 'string'
},
]
},
]
}
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
dict
[REQUIRED]
The configuration for the Spot Fleet request.
AllocationStrategy (string) --
Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the Spot Fleet request.
If the allocation strategy is lowestPrice , Spot Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy.
If the allocation strategy is diversified , Spot Fleet launches instances from all the Spot Instance pools that you specify.
If the allocation strategy is capacityOptimized (recommended), Spot Fleet launches instances from Spot Instance pools with optimal capacity for the number of instances that are launching. To give certain instance types a higher chance of launching first, use capacityOptimizedPrioritized . Set a priority for each instance type by using the Priority parameter for LaunchTemplateOverrides . You can assign the same priority to different LaunchTemplateOverrides . EC2 implements the priorities on a best-effort basis, but optimizes for capacity first. capacityOptimizedPrioritized is supported only if your Spot Fleet uses a launch template. Note that if the OnDemandAllocationStrategy is set to prioritized , the same priority is applied when fulfilling On-Demand capacity.
OnDemandAllocationStrategy (string) --
The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify lowestPrice , Spot Fleet uses price to determine the order, launching the lowest price first. If you specify prioritized , Spot Fleet uses the priority that you assign to each Spot Fleet launch template override, launching the highest priority first. If you do not specify a value, Spot Fleet defaults to lowestPrice .
SpotMaintenanceStrategies (dict) --
The strategies for managing your Spot Instances that are at an elevated risk of being interrupted.
CapacityRebalance (dict) --
The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted.
ReplacementStrategy (string) --
The replacement strategy to use. Only available for fleets of type maintain . You must specify a value, otherwise you get an error.
To allow Spot Fleet to launch a replacement Spot Instance when an instance rebalance notification is emitted for a Spot Instance in the fleet, specify launch .
Note
When a replacement instance is launched, the instance marked for rebalance is not automatically terminated. You can terminate it, or you can leave it running. You are charged for all instances while they are running.
ClientToken (string) --
A unique, case-sensitive identifier that you provide to ensure the idempotency of your listings. This helps to avoid duplicate listings. For more information, see Ensuring Idempotency.
ExcessCapacityTerminationPolicy (string) --
Indicates whether running Spot Instances should be terminated if you decrease the target capacity of the Spot Fleet request below the current size of the Spot Fleet.
FulfilledCapacity (float) --
The number of units fulfilled by this request compared to the set target capacity. You cannot set this value.
OnDemandFulfilledCapacity (float) --
The number of On-Demand units fulfilled by this request compared to the set target On-Demand capacity.
IamFleetRole (string) -- [REQUIRED]
The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see Spot Fleet prerequisites in the Amazon EC2 User Guide for Linux Instances . Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request using CancelSpotFleetRequests or when the Spot Fleet request expires, if you set TerminateInstancesWithExpiration .
LaunchSpecifications (list) --
The launch specifications for the Spot Fleet request. If you specify LaunchSpecifications , you can't specify LaunchTemplateConfigs . If you include On-Demand capacity in your request, you must use LaunchTemplateConfigs .
(dict) --
Describes the launch specification for one or more Spot Instances. If you include On-Demand capacity in your fleet request or want to specify an EFA network device, you can't use SpotFleetLaunchSpecification ; you must use LaunchTemplateConfig.
SecurityGroups (list) --
One or more security groups. When requesting instances in a VPC, you must specify the IDs of the security groups. When requesting instances in EC2-Classic, you can specify the names or the IDs of the security groups.
(dict) --
Describes a security group.
GroupName (string) --
The name of the security group.
GroupId (string) --
The ID of the security group.
AddressingType (string) --
Deprecated.
BlockDeviceMappings (list) --
One or more block devices that are mapped to the Spot Instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status.
(dict) --
Describes a block device mapping.
DeviceName (string) --
The device name (for example, /dev/sdh or xvdh ).
VirtualName (string) --
The virtual device name ( ephemeral N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1 . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume.
NVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect.
Constraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI.
Ebs (dict) --
Parameters used to automatically set up EBS volumes when the instance is launched.
DeleteOnTermination (boolean) --
Indicates whether the EBS volume is deleted on instance termination. For more information, see Preserving Amazon EBS volumes on instance termination in the Amazon EC2 User Guide .
Iops (integer) --
The number of I/O operations per second (IOPS). For gp3 , io1 , and io2 volumes, this represents the number of IOPS that are provisioned for the volume. For gp2 volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting.
The following are the supported values for each volume type:
gp3 : 3,000-16,000 IOPS
io1 : 100-64,000 IOPS
io2 : 100-64,000 IOPS
For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built on the Nitro System. Other instance families guarantee performance up to 32,000 IOPS.
This parameter is required for io1 and io2 volumes. The default for gp3 volumes is 3,000 IOPS. This parameter is not supported for gp2 , st1 , sc1 , or standard volumes.
SnapshotId (string) --
The ID of the snapshot.
VolumeSize (integer) --
The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size.
The following are the supported volumes sizes for each volume type:
gp2 and gp3 :1-16,384
io1 and io2 : 4-16,384
st1 and sc1 : 125-16,384
standard : 1-1,024
VolumeType (string) --
The volume type. For more information, see Amazon EBS volume types in the Amazon EC2 User Guide . If the volume type is io1 or io2 , you must specify the IOPS that the volume supports.
KmsKeyId (string) --
Identifier (key ID, key alias, ID ARN, or alias ARN) for a customer managed CMK under which the EBS volume is encrypted.
This parameter is only supported on BlockDeviceMapping objects called by RunInstances, RequestSpotFleet, and RequestSpotInstances.
Throughput (integer) --
The throughput that the volume supports, in MiB/s.
This parameter is valid only for gp3 volumes.
Valid Range: Minimum value of 125. Maximum value of 1000.
OutpostArn (string) --
The ARN of the Outpost on which the snapshot is stored.
Encrypted (boolean) --
Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to true depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see Amazon EBS encryption in the Amazon EC2 User Guide .
In no case can you remove encryption from an encrypted volume.
Encrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see Supported instance types.
This parameter is not returned by .
NoDevice (string) --
To omit the device from the block device mapping, specify an empty string.
EbsOptimized (boolean) --
Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance.
Default: false
IamInstanceProfile (dict) --
The IAM instance profile.
Arn (string) --
The Amazon Resource Name (ARN) of the instance profile.
Name (string) --
The name of the instance profile.
ImageId (string) --
The ID of the AMI.
InstanceType (string) --
The instance type.
KernelId (string) --
The ID of the kernel.
KeyName (string) --
The name of the key pair.
Monitoring (dict) --
Enable or disable monitoring for the instances.
Enabled (boolean) --
Enables monitoring for the instance.
Default: false
NetworkInterfaces (list) --
One or more network interfaces. If you specify a network interface, you must specify subnet IDs and security group IDs using the network interface.
Note
SpotFleetLaunchSpecification currently does not support Elastic Fabric Adapter (EFA). To specify an EFA, you must use LaunchTemplateConfig.
(dict) --
Describes a network interface.
AssociatePublicIpAddress (boolean) --
Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The public IP address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is true .
DeleteOnTermination (boolean) --
If set to true , the interface is deleted when the instance is terminated. You can specify true only if creating a new network interface when launching an instance.
Description (string) --
The description of the network interface. Applies only if creating a network interface when launching an instance.
DeviceIndex (integer) --
The position of the network interface in the attachment order. A primary network interface has a device index of 0.
If you specify a network interface when launching an instance, you must specify the device index.
Groups (list) --
The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance.
(string) --
Ipv6AddressCount (integer) --
A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch.
Ipv6Addresses (list) --
One or more IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch.
(dict) --
Describes an IPv6 address.
Ipv6Address (string) --
The IPv6 address.
NetworkInterfaceId (string) --
The ID of the network interface.
If you are creating a Spot Fleet, omit this parameter because you can’t specify a network interface ID in a launch specification.
PrivateIpAddress (string) --
The private IPv4 address of the network interface. Applies only if creating a network interface when launching an instance. You cannot specify this option if you're launching more than one instance in a RunInstances request.
PrivateIpAddresses (list) --
One or more private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're launching more than one instance in a RunInstances request.
(dict) --
Describes a secondary private IPv4 address for a network interface.
Primary (boolean) --
Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary.
PrivateIpAddress (string) --
The private IPv4 addresses.
SecondaryPrivateIpAddressCount (integer) --
The number of secondary private IPv4 addresses. You can't specify this option and specify more than one private IP address using the private IP addresses option. You cannot specify this option if you're launching more than one instance in a RunInstances request.
SubnetId (string) --
The ID of the subnet associated with the network interface. Applies only if creating a network interface when launching an instance.
AssociateCarrierIpAddress (boolean) --
Indicates whether to assign a carrier IP address to the network interface.
You can only assign a carrier IP address to a network interface that is in a subnet in a Wavelength Zone. For more information about carrier IP addresses, see Carrier IP addresses in the AWS Wavelength Developer Guide.
InterfaceType (string) --
The type of network interface.
To create an Elastic Fabric Adapter (EFA), specify efa . For more information, see Elastic Fabric Adapter in the Amazon Elastic Compute Cloud User Guide .
If you are not creating an EFA, specify interface or omit this parameter.
Valid values: interface | efa
NetworkCardIndex (integer) --
The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.
Placement (dict) --
The placement information.
AvailabilityZone (string) --
The Availability Zone.
[Spot Fleet only] To specify multiple Availability Zones, separate them using commas; for example, "us-west-2a, us-west-2b".
GroupName (string) --
The name of the placement group.
Tenancy (string) --
The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware. The host tenancy is not supported for Spot Instances.
RamdiskId (string) --
The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID.
SpotPrice (string) --
The maximum price per unit hour that you are willing to pay for a Spot Instance. If this value is not specified, the default is the Spot price specified for the fleet. To determine the Spot price per unit hour, divide the Spot price by the value of WeightedCapacity .
SubnetId (string) --
The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate them using commas; for example, "subnet-1234abcdeexample1, subnet-0987cdef6example2".
UserData (string) --
The Base64-encoded user data that instances use when starting up.
WeightedCapacity (float) --
The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O.
If the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1.
TagSpecifications (list) --
The tags to apply during creation.
(dict) --
The tags for a Spot Fleet resource.
ResourceType (string) --
The type of resource. Currently, the only resource type that is supported is instance . To tag the Spot Fleet request on creation, use the TagSpecifications parameter in SpotFleetRequestConfigData.
Tags (list) --
The tags.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
LaunchTemplateConfigs (list) --
The launch template and overrides. If you specify LaunchTemplateConfigs , you can't specify LaunchSpecifications . If you include On-Demand capacity in your request, you must use LaunchTemplateConfigs .
(dict) --
Describes a launch template and overrides.
LaunchTemplateSpecification (dict) --
The launch template.
LaunchTemplateId (string) --
The ID of the launch template. If you specify the template ID, you can't specify the template name.
LaunchTemplateName (string) --
The name of the launch template. If you specify the template name, you can't specify the template ID.
Version (string) --
The launch template version number, $Latest , or $Default . You must specify a value, otherwise the request fails.
If the value is $Latest , Amazon EC2 uses the latest version of the launch template.
If the value is $Default , Amazon EC2 uses the default version of the launch template.
Overrides (list) --
Any parameters that you specify override the same parameters in the launch template.
(dict) --
Describes overrides for a launch template.
InstanceType (string) --
The instance type.
SpotPrice (string) --
The maximum price per unit hour that you are willing to pay for a Spot Instance.
SubnetId (string) --
The ID of the subnet in which to launch the instances.
AvailabilityZone (string) --
The Availability Zone in which to launch the instances.
WeightedCapacity (float) --
The number of units provided by the specified instance type.
Priority (float) --
The priority for the launch template override. The highest priority is launched first.
If OnDemandAllocationStrategy is set to prioritized , Spot Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity.
If the Spot AllocationStrategy is set to capacityOptimizedPrioritized , Spot Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first.
Valid values are whole numbers starting at 0 . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides.
SpotPrice (string) --
The maximum price per unit hour that you are willing to pay for a Spot Instance. The default is the On-Demand price.
TargetCapacity (integer) -- [REQUIRED]
The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is maintain , you can specify a target capacity of 0 and add capacity later.
OnDemandTargetCapacity (integer) --
The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is maintain , you can specify a target capacity of 0 and add capacity later.
OnDemandMaxTotalPrice (string) --
The maximum amount per hour for On-Demand Instances that you're willing to pay. You can use the onDemandMaxTotalPrice parameter, the spotMaxTotalPrice parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity.
SpotMaxTotalPrice (string) --
The maximum amount per hour for Spot Instances that you're willing to pay. You can use the spotdMaxTotalPrice parameter, the onDemandMaxTotalPrice parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity.
TerminateInstancesWithExpiration (boolean) --
Indicates whether running Spot Instances are terminated when the Spot Fleet request expires.
Type (string) --
The type of request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. When this value is request , the Spot Fleet only places the required requests. It does not attempt to replenish Spot Instances if capacity is diminished, nor does it submit requests in alternative Spot pools if capacity is not available. When this value is maintain , the Spot Fleet maintains the target capacity. The Spot Fleet places the required requests to meet capacity and automatically replenishes any interrupted instances. Default: maintain . instant is listed but is not used by Spot Fleet.
ValidFrom (datetime) --
The start date and time of the request, in UTC format (YYYY -MM -DD T*HH* :MM :SS Z). By default, Amazon EC2 starts fulfilling the request immediately.
ValidUntil (datetime) --
The end date and time of the request, in UTC format (YYYY -MM -DD T*HH* :MM :SS Z). After the end date and time, no new Spot Instance requests are placed or able to fulfill the request. If no value is specified, the Spot Fleet request remains until you cancel it.
ReplaceUnhealthyInstances (boolean) --
Indicates whether Spot Fleet should replace unhealthy instances.
InstanceInterruptionBehavior (string) --
The behavior when a Spot Instance is interrupted. The default is terminate .
LoadBalancersConfig (dict) --
One or more Classic Load Balancers and target groups to attach to the Spot Fleet request. Spot Fleet registers the running Spot Instances with the specified Classic Load Balancers and target groups.
With Network Load Balancers, Spot Fleet cannot register instances that have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1.
ClassicLoadBalancersConfig (dict) --
The Classic Load Balancers.
ClassicLoadBalancers (list) --
One or more Classic Load Balancers.
(dict) --
Describes a Classic Load Balancer.
Name (string) --
The name of the load balancer.
TargetGroupsConfig (dict) --
The target groups.
TargetGroups (list) --
One or more target groups.
(dict) --
Describes a load balancer target group.
Arn (string) --
The Amazon Resource Name (ARN) of the target group.
InstancePoolsToUseCount (integer) --
The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot AllocationStrategy is set to lowest-price . Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.
TagSpecifications (list) --
The key-value pair for tagging the Spot Fleet request on creation. The value for ResourceType must be spot-fleet-request , otherwise the Spot Fleet request fails. To tag instances at launch, specify the tags in the launch template (valid only if you use LaunchTemplateConfigs ) or in the SpotFleetTagSpecification (valid only if you use LaunchSpecifications ). For information about tagging after launch, see Tagging Your Resources.
(dict) --
The tags to apply to a resource when the resource is being created.
ResourceType (string) --
The type of resource to tag. Currently, the resource types that support tagging on creation are: capacity-reservation | carrier-gateway | client-vpn-endpoint | customer-gateway | dedicated-host | dhcp-options | egress-only-internet-gateway | elastic-ip | elastic-gpu | export-image-task | export-instance-task | fleet | fpga-image | host-reservation | image | import-image-task | import-snapshot-task | instance | internet-gateway | ipv4pool-ec2 | ipv6pool-ec2 | key-pair | launch-template | local-gateway-route-table-vpc-association | placement-group | prefix-list | natgateway | network-acl | network-interface | reserved-instances | route-table | security-group | snapshot | spot-fleet-request | spot-instances-request | snapshot | subnet | traffic-mirror-filter | traffic-mirror-session | traffic-mirror-target | transit-gateway | transit-gateway-attachment | transit-gateway-multicast-domain | transit-gateway-route-table | volume | vpc | vpc-peering-connection | vpc-endpoint (for interface and gateway endpoints) | vpc-endpoint-service (for AWS PrivateLink) | vpc-flow-log | vpn-connection | vpn-gateway .
To tag a resource after it has been created, see CreateTags.
Tags (list) --
The tags to apply to the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.
dict
Response Syntax
{
'SpotFleetRequestId': 'string'
}
Response Structure
(dict) --
Contains the output of RequestSpotFleet.
SpotFleetRequestId (string) --
The ID of the Spot Fleet request.
{'IpPermissions': {'IpRanges': {'SecurityGroupRuleId': 'string'},
'Ipv6Ranges': {'SecurityGroupRuleId': 'string'},
'PrefixListIds': {'SecurityGroupRuleId': 'string'},
'UserIdGroupPairs': {'SecurityGroupRuleId': 'string'}},
'SecurityGroupRuleIds': ['string']}
Response {'UnknownIpPermissions': {'IpRanges': {'SecurityGroupRuleId': 'string'},
'Ipv6Ranges': {'SecurityGroupRuleId': 'string'},
'PrefixListIds': {'SecurityGroupRuleId': 'string'},
'UserIdGroupPairs': {'SecurityGroupRuleId': 'string'}}}
Removes the specified egress (outbound) rules from a security group for EC2-VPC. This action does not apply to security groups for use in EC2-Classic.
You can specify the rules that you want to remove by using one of the following methods:
The security group rule IDs.
The security group rule properties. Each rule consists of the protocol, from port, to port, and the IPv4 or IPv6 CIDR range or referenced security group or prefix list id. For the TCP and UDP protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type and code. If the security group rule has a description, you do not have to specify the description to revoke the rule. To remove a rule, the values that you specify (for example, ports) must match the existing rule's values exactly.
Note
[Default VPC] If the values you specify do not match the existing rule's values, no error is returned, and the output describes the security group rules that were not revoked. AWS recommends that you use DescribeSecurityGroups to verify that the rule has been removed.
Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.
See also: AWS API Documentation
Request Syntax
client.revoke_security_group_egress(
DryRun=True|False,
GroupId='string',
IpPermissions=[
{
'FromPort': 123,
'IpProtocol': 'string',
'IpRanges': [
{
'CidrIp': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'Ipv6Ranges': [
{
'CidrIpv6': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'PrefixListIds': [
{
'Description': 'string',
'PrefixListId': 'string',
'SecurityGroupRuleId': 'string'
},
],
'ToPort': 123,
'UserIdGroupPairs': [
{
'Description': 'string',
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string',
'SecurityGroupRuleId': 'string'
},
]
},
],
SecurityGroupRuleIds=[
'string',
],
CidrIp='string',
FromPort=123,
IpProtocol='string',
ToPort=123,
SourceSecurityGroupName='string',
SourceSecurityGroupOwnerId='string'
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
[REQUIRED]
The ID of the security group.
list
The sets of IP permissions. You can't specify a destination security group and a CIDR IP address range in the same set of permissions.
(dict) --
Describes a set of permissions for a security group rule.
FromPort (integer) --
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
IpProtocol (string) --
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).
[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp , udp , icmp , or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp , udp , and icmp , you must specify a port range. For icmpv6 , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.
IpRanges (list) --
The IPv4 ranges.
(dict) --
Describes an IPv4 range.
CidrIp (string) --
The IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.
Description (string) --
A description for the security group rule that references this IPv4 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
Ipv6Ranges (list) --
[VPC only] The IPv6 ranges.
(dict) --
[EC2-VPC only] Describes an IPv6 range.
CidrIpv6 (string) --
The IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.
Description (string) --
A description for the security group rule that references this IPv6 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
PrefixListIds (list) --
[VPC only] The prefix list IDs.
(dict) --
Describes a prefix list ID.
Description (string) --
A description for the security group rule that references this prefix list ID.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
PrefixListId (string) --
The ID of the prefix.
SecurityGroupRuleId (string) --
The ID of the security group rule.
ToPort (integer) --
The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
UserIdGroupPairs (list) --
The security group and AWS account ID pairs.
(dict) --
Describes a security group and AWS account ID pair.
Description (string) --
A description for the security group rule that references this user ID group pair.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
GroupId (string) --
The ID of the security group.
GroupName (string) --
The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.
For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The ID of an AWS account.
For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.
[EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.
VpcId (string) --
The ID of the VPC for the referenced security group, if applicable.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection, if applicable.
SecurityGroupRuleId (string) --
The ID of the security group rule.
list
The IDs of the security group rules.
(string) --
string
Not supported. Use a set of IP permissions to specify the CIDR.
integer
Not supported. Use a set of IP permissions to specify the port.
string
Not supported. Use a set of IP permissions to specify the protocol name or number.
integer
Not supported. Use a set of IP permissions to specify the port.
string
Not supported. Use a set of IP permissions to specify a destination security group.
string
Not supported. Use a set of IP permissions to specify a destination security group.
dict
Response Syntax
{
'Return': True|False,
'UnknownIpPermissions': [
{
'FromPort': 123,
'IpProtocol': 'string',
'IpRanges': [
{
'CidrIp': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'Ipv6Ranges': [
{
'CidrIpv6': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'PrefixListIds': [
{
'Description': 'string',
'PrefixListId': 'string',
'SecurityGroupRuleId': 'string'
},
],
'ToPort': 123,
'UserIdGroupPairs': [
{
'Description': 'string',
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string',
'SecurityGroupRuleId': 'string'
},
]
},
]
}
Response Structure
(dict) --
Return (boolean) --
Returns true if the request succeeds; otherwise, returns an error.
UnknownIpPermissions (list) --
The outbound rules that were unknown to the service. In some cases, unknownIpPermissionSet might be in a different format from the request parameter.
(dict) --
Describes a set of permissions for a security group rule.
FromPort (integer) --
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
IpProtocol (string) --
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).
[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp , udp , icmp , or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp , udp , and icmp , you must specify a port range. For icmpv6 , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.
IpRanges (list) --
The IPv4 ranges.
(dict) --
Describes an IPv4 range.
CidrIp (string) --
The IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.
Description (string) --
A description for the security group rule that references this IPv4 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
Ipv6Ranges (list) --
[VPC only] The IPv6 ranges.
(dict) --
[EC2-VPC only] Describes an IPv6 range.
CidrIpv6 (string) --
The IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.
Description (string) --
A description for the security group rule that references this IPv6 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
PrefixListIds (list) --
[VPC only] The prefix list IDs.
(dict) --
Describes a prefix list ID.
Description (string) --
A description for the security group rule that references this prefix list ID.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
PrefixListId (string) --
The ID of the prefix.
SecurityGroupRuleId (string) --
The ID of the security group rule.
ToPort (integer) --
The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
UserIdGroupPairs (list) --
The security group and AWS account ID pairs.
(dict) --
Describes a security group and AWS account ID pair.
Description (string) --
A description for the security group rule that references this user ID group pair.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
GroupId (string) --
The ID of the security group.
GroupName (string) --
The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.
For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The ID of an AWS account.
For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.
[EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.
VpcId (string) --
The ID of the VPC for the referenced security group, if applicable.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection, if applicable.
SecurityGroupRuleId (string) --
The ID of the security group rule.
{'IpPermissions': {'IpRanges': {'SecurityGroupRuleId': 'string'},
'Ipv6Ranges': {'SecurityGroupRuleId': 'string'},
'PrefixListIds': {'SecurityGroupRuleId': 'string'},
'UserIdGroupPairs': {'SecurityGroupRuleId': 'string'}},
'SecurityGroupRuleIds': ['string']}
Response {'UnknownIpPermissions': {'IpRanges': {'SecurityGroupRuleId': 'string'},
'Ipv6Ranges': {'SecurityGroupRuleId': 'string'},
'PrefixListIds': {'SecurityGroupRuleId': 'string'},
'UserIdGroupPairs': {'SecurityGroupRuleId': 'string'}}}
Removes the specified ingress rules from a security group. To remove a rule, the values that you specify (for example, ports) must match the existing rule's values exactly.
Note
[EC2-Classic, default VPC] If the values you specify do not match the existing rule's values, no error is returned, and the output describes the security group rules that were not revoked.
AWS recommends that you use DescribeSecurityGroups to verify that the rule has been removed.
You can specify the rules that you want to remove by using one of the following methods:
[VPC only] The security group rule IDs.
The security group rule properties. Each rule consists of the protocol, from port, to port, and the IPv4 or IPv6 CIDR range or referenced security group or prefix list id. For the TCP and UDP protocols, you must also specify the destination port or range of ports. For the ICMP protocol, you must also specify the ICMP type and code. If the security group rule has a description, you do not have to specify the description to revoke the rule. To remove a rule, the values that you specify (for example, ports) must match the existing rule's values exactly.
Note
[Default VPC] If the values you specify do not match the existing rule's values, no error is returned, and the output describes the security group rules that were not revoked. AWS recommends that you use DescribeSecurityGroups to verify that the rule has been removed.
Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.
See also: AWS API Documentation
Request Syntax
client.revoke_security_group_ingress(
CidrIp='string',
FromPort=123,
GroupId='string',
GroupName='string',
IpPermissions=[
{
'FromPort': 123,
'IpProtocol': 'string',
'IpRanges': [
{
'CidrIp': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'Ipv6Ranges': [
{
'CidrIpv6': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'PrefixListIds': [
{
'Description': 'string',
'PrefixListId': 'string',
'SecurityGroupRuleId': 'string'
},
],
'ToPort': 123,
'UserIdGroupPairs': [
{
'Description': 'string',
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string',
'SecurityGroupRuleId': 'string'
},
]
},
],
IpProtocol='string',
SourceSecurityGroupName='string',
SourceSecurityGroupOwnerId='string',
ToPort=123,
DryRun=True|False,
SecurityGroupRuleIds=[
'string',
]
)
string
The CIDR IP address range. You can't specify this parameter when specifying a source security group.
integer
The start of port range for the TCP and UDP protocols, or an ICMP type number. For the ICMP type number, use -1 to specify all ICMP types.
string
The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.
string
[EC2-Classic, default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request.
list
The sets of IP permissions. You can't specify a source security group and a CIDR IP address range in the same set of permissions.
(dict) --
Describes a set of permissions for a security group rule.
FromPort (integer) --
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
IpProtocol (string) --
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).
[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp , udp , icmp , or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp , udp , and icmp , you must specify a port range. For icmpv6 , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.
IpRanges (list) --
The IPv4 ranges.
(dict) --
Describes an IPv4 range.
CidrIp (string) --
The IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.
Description (string) --
A description for the security group rule that references this IPv4 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
Ipv6Ranges (list) --
[VPC only] The IPv6 ranges.
(dict) --
[EC2-VPC only] Describes an IPv6 range.
CidrIpv6 (string) --
The IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.
Description (string) --
A description for the security group rule that references this IPv6 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
PrefixListIds (list) --
[VPC only] The prefix list IDs.
(dict) --
Describes a prefix list ID.
Description (string) --
A description for the security group rule that references this prefix list ID.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
PrefixListId (string) --
The ID of the prefix.
SecurityGroupRuleId (string) --
The ID of the security group rule.
ToPort (integer) --
The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
UserIdGroupPairs (list) --
The security group and AWS account ID pairs.
(dict) --
Describes a security group and AWS account ID pair.
Description (string) --
A description for the security group rule that references this user ID group pair.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
GroupId (string) --
The ID of the security group.
GroupName (string) --
The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.
For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The ID of an AWS account.
For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.
[EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.
VpcId (string) --
The ID of the VPC for the referenced security group, if applicable.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection, if applicable.
SecurityGroupRuleId (string) --
The ID of the security group rule.
string
The IP protocol name ( tcp , udp , icmp ) or number (see Protocol Numbers ). Use -1 to specify all.
string
[EC2-Classic, default VPC] The name of the source security group. You can't specify this parameter in combination with the following parameters: the CIDR IP address range, the start of the port range, the IP protocol, and the end of the port range. For EC2-VPC, the source security group must be in the same VPC. To revoke a specific rule for an IP protocol and port range, use a set of IP permissions instead.
string
[EC2-Classic] The AWS account ID of the source security group, if the source security group is in a different account. You can't specify this parameter in combination with the following parameters: the CIDR IP address range, the IP protocol, the start of the port range, and the end of the port range. To revoke a specific rule for an IP protocol and port range, use a set of IP permissions instead.
integer
The end of port range for the TCP and UDP protocols, or an ICMP code number. For the ICMP code number, use -1 to specify all ICMP codes for the ICMP type.
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
list
The IDs of the security group rules.
(string) --
dict
Response Syntax
{
'Return': True|False,
'UnknownIpPermissions': [
{
'FromPort': 123,
'IpProtocol': 'string',
'IpRanges': [
{
'CidrIp': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'Ipv6Ranges': [
{
'CidrIpv6': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'PrefixListIds': [
{
'Description': 'string',
'PrefixListId': 'string',
'SecurityGroupRuleId': 'string'
},
],
'ToPort': 123,
'UserIdGroupPairs': [
{
'Description': 'string',
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string',
'SecurityGroupRuleId': 'string'
},
]
},
]
}
Response Structure
(dict) --
Return (boolean) --
Returns true if the request succeeds; otherwise, returns an error.
UnknownIpPermissions (list) --
The inbound rules that were unknown to the service. In some cases, unknownIpPermissionSet might be in a different format from the request parameter.
(dict) --
Describes a set of permissions for a security group rule.
FromPort (integer) --
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
IpProtocol (string) --
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).
[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp , udp , icmp , or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp , udp , and icmp , you must specify a port range. For icmpv6 , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.
IpRanges (list) --
The IPv4 ranges.
(dict) --
Describes an IPv4 range.
CidrIp (string) --
The IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.
Description (string) --
A description for the security group rule that references this IPv4 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
Ipv6Ranges (list) --
[VPC only] The IPv6 ranges.
(dict) --
[EC2-VPC only] Describes an IPv6 range.
CidrIpv6 (string) --
The IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.
Description (string) --
A description for the security group rule that references this IPv6 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
PrefixListIds (list) --
[VPC only] The prefix list IDs.
(dict) --
Describes a prefix list ID.
Description (string) --
A description for the security group rule that references this prefix list ID.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
PrefixListId (string) --
The ID of the prefix.
SecurityGroupRuleId (string) --
The ID of the security group rule.
ToPort (integer) --
The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
UserIdGroupPairs (list) --
The security group and AWS account ID pairs.
(dict) --
Describes a security group and AWS account ID pair.
Description (string) --
A description for the security group rule that references this user ID group pair.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
GroupId (string) --
The ID of the security group.
GroupName (string) --
The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.
For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The ID of an AWS account.
For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.
[EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.
VpcId (string) --
The ID of the VPC for the referenced security group, if applicable.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection, if applicable.
SecurityGroupRuleId (string) --
The ID of the security group rule.
{'IpPermissions': {'IpRanges': {'SecurityGroupRuleId': 'string'},
'Ipv6Ranges': {'SecurityGroupRuleId': 'string'},
'PrefixListIds': {'SecurityGroupRuleId': 'string'},
'UserIdGroupPairs': {'SecurityGroupRuleId': 'string'}},
'SecurityGroupRuleDescriptions': [{'Description': 'string',
'SecurityGroupRuleId': 'string'}]}
[VPC only] Updates the description of an egress (outbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.
You can specify the rule that you want to update by using one of the following methods:
The security group rule descriptions.
The IP permissions structure.
You can remove a description for a security group rule by omitting the description parameter in the request.
See also: AWS API Documentation
Request Syntax
client.update_security_group_rule_descriptions_egress(
DryRun=True|False,
GroupId='string',
GroupName='string',
IpPermissions=[
{
'FromPort': 123,
'IpProtocol': 'string',
'IpRanges': [
{
'CidrIp': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'Ipv6Ranges': [
{
'CidrIpv6': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'PrefixListIds': [
{
'Description': 'string',
'PrefixListId': 'string',
'SecurityGroupRuleId': 'string'
},
],
'ToPort': 123,
'UserIdGroupPairs': [
{
'Description': 'string',
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string',
'SecurityGroupRuleId': 'string'
},
]
},
],
SecurityGroupRuleDescriptions=[
{
'SecurityGroupRuleId': 'string',
'Description': 'string'
},
]
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.
string
[Default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request.
list
The IP permissions for the security group rule. You can either specify this parameter, or the SecurityGroupRuleDescriptions parameter.
(dict) --
Describes a set of permissions for a security group rule.
FromPort (integer) --
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
IpProtocol (string) --
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).
[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp , udp , icmp , or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp , udp , and icmp , you must specify a port range. For icmpv6 , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.
IpRanges (list) --
The IPv4 ranges.
(dict) --
Describes an IPv4 range.
CidrIp (string) --
The IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.
Description (string) --
A description for the security group rule that references this IPv4 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
Ipv6Ranges (list) --
[VPC only] The IPv6 ranges.
(dict) --
[EC2-VPC only] Describes an IPv6 range.
CidrIpv6 (string) --
The IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.
Description (string) --
A description for the security group rule that references this IPv6 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
PrefixListIds (list) --
[VPC only] The prefix list IDs.
(dict) --
Describes a prefix list ID.
Description (string) --
A description for the security group rule that references this prefix list ID.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
PrefixListId (string) --
The ID of the prefix.
SecurityGroupRuleId (string) --
The ID of the security group rule.
ToPort (integer) --
The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
UserIdGroupPairs (list) --
The security group and AWS account ID pairs.
(dict) --
Describes a security group and AWS account ID pair.
Description (string) --
A description for the security group rule that references this user ID group pair.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
GroupId (string) --
The ID of the security group.
GroupName (string) --
The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.
For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The ID of an AWS account.
For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.
[EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.
VpcId (string) --
The ID of the VPC for the referenced security group, if applicable.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection, if applicable.
SecurityGroupRuleId (string) --
The ID of the security group rule.
list
The description for the egress security group rules. You can either specify this parameter, or the IpPermissions parameter.
(dict) --
Describes the description of a security group rule.
You can use this when you want to update the security group rule description for either an inbound or outbound rule.
SecurityGroupRuleId (string) --
The ID of the security group rule.
Description (string) --
The description of the security group rule.
dict
Response Syntax
{
'Return': True|False
}
Response Structure
(dict) --
Return (boolean) --
Returns true if the request succeeds; otherwise, returns an error.
{'IpPermissions': {'IpRanges': {'SecurityGroupRuleId': 'string'},
'Ipv6Ranges': {'SecurityGroupRuleId': 'string'},
'PrefixListIds': {'SecurityGroupRuleId': 'string'},
'UserIdGroupPairs': {'SecurityGroupRuleId': 'string'}},
'SecurityGroupRuleDescriptions': [{'Description': 'string',
'SecurityGroupRuleId': 'string'}]}
Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously.
You can specify the rule that you want to update by using one of the following methods:
[VPC only] The security group rule descriptions.
The IP permissions structure.
You can remove a description for a security group rule by omitting the description parameter in the request.
See also: AWS API Documentation
Request Syntax
client.update_security_group_rule_descriptions_ingress(
DryRun=True|False,
GroupId='string',
GroupName='string',
IpPermissions=[
{
'FromPort': 123,
'IpProtocol': 'string',
'IpRanges': [
{
'CidrIp': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'Ipv6Ranges': [
{
'CidrIpv6': 'string',
'Description': 'string',
'SecurityGroupRuleId': 'string'
},
],
'PrefixListIds': [
{
'Description': 'string',
'PrefixListId': 'string',
'SecurityGroupRuleId': 'string'
},
],
'ToPort': 123,
'UserIdGroupPairs': [
{
'Description': 'string',
'GroupId': 'string',
'GroupName': 'string',
'PeeringStatus': 'string',
'UserId': 'string',
'VpcId': 'string',
'VpcPeeringConnectionId': 'string',
'SecurityGroupRuleId': 'string'
},
]
},
],
SecurityGroupRuleDescriptions=[
{
'SecurityGroupRuleId': 'string',
'Description': 'string'
},
]
)
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.
string
[EC2-Classic, default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request.
list
The IP permissions for the security group rule. You can either specify this parameter, or the SecurityGroupRuleDescriptions parameter.
(dict) --
Describes a set of permissions for a security group rule.
FromPort (integer) --
The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 types, you must specify all codes.
IpProtocol (string) --
The IP protocol name ( tcp , udp , icmp , icmpv6 ) or number (see Protocol Numbers ).
[VPC only] Use -1 to specify all protocols. When authorizing security group rules, specifying -1 or a protocol number other than tcp , udp , icmp , or icmpv6 allows traffic on all ports, regardless of any port range you specify. For tcp , udp , and icmp , you must specify a port range. For icmpv6 , the port range is optional; if you omit the port range, traffic for all types and codes is allowed.
IpRanges (list) --
The IPv4 ranges.
(dict) --
Describes an IPv4 range.
CidrIp (string) --
The IPv4 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv4 address, use the /32 prefix length.
Description (string) --
A description for the security group rule that references this IPv4 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
Ipv6Ranges (list) --
[VPC only] The IPv6 ranges.
(dict) --
[EC2-VPC only] Describes an IPv6 range.
CidrIpv6 (string) --
The IPv6 CIDR range. You can either specify a CIDR range or a source security group, not both. To specify a single IPv6 address, use the /128 prefix length.
Description (string) --
A description for the security group rule that references this IPv6 address range.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$*
SecurityGroupRuleId (string) --
The ID of the security group rule.
PrefixListIds (list) --
[VPC only] The prefix list IDs.
(dict) --
Describes a prefix list ID.
Description (string) --
A description for the security group rule that references this prefix list ID.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
PrefixListId (string) --
The ID of the prefix.
SecurityGroupRuleId (string) --
The ID of the security group rule.
ToPort (integer) --
The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 types, you must specify all codes.
UserIdGroupPairs (list) --
The security group and AWS account ID pairs.
(dict) --
Describes a security group and AWS account ID pair.
Description (string) --
A description for the security group rule that references this user ID group pair.
Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$*
GroupId (string) --
The ID of the security group.
GroupName (string) --
The name of the security group. In a request, use this parameter for a security group in EC2-Classic or a default VPC only. For a security group in a nondefault VPC, use the security group ID.
For a referenced security group in another VPC, this value is not returned if the referenced security group is deleted.
PeeringStatus (string) --
The status of a VPC peering connection, if applicable.
UserId (string) --
The ID of an AWS account.
For a referenced security group in another VPC, the account ID of the referenced security group is returned in the response. If the referenced security group is deleted, this value is not returned.
[EC2-Classic] Required when adding or removing rules that reference a security group in another AWS account.
VpcId (string) --
The ID of the VPC for the referenced security group, if applicable.
VpcPeeringConnectionId (string) --
The ID of the VPC peering connection, if applicable.
SecurityGroupRuleId (string) --
The ID of the security group rule.
list
[VPC only] The description for the ingress security group rules. You can either specify this parameter, or the IpPermissions parameter.
(dict) --
Describes the description of a security group rule.
You can use this when you want to update the security group rule description for either an inbound or outbound rule.
SecurityGroupRuleId (string) --
The ID of the security group rule.
Description (string) --
The description of the security group rule.
dict
Response Syntax
{
'Return': True|False
}
Response Structure
(dict) --
Return (boolean) --
Returns true if the request succeeds; otherwise, returns an error.