2025/11/07 - Amazon VPC Lattice - 4 new9 updated api methods
Changes Amazon VPC Lattice now supports custom domain name for resource configurations
Lists the domain verifications.
See also: AWS API Documentation
Request Syntax
client.list_domain_verifications(
maxResults=123,
nextToken='string'
)
integer
The maximum number of results to return.
string
A pagination token for the next page of results.
dict
Response Syntax
{
'items': [
{
'id': 'string',
'arn': 'string',
'domainName': 'string',
'status': 'VERIFIED'|'PENDING'|'VERIFICATION_TIMED_OUT',
'txtMethodConfig': {
'value': 'string',
'name': 'string'
},
'createdAt': datetime(2015, 1, 1),
'lastVerifiedTime': datetime(2015, 1, 1),
'tags': {
'string': 'string'
}
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
items (list) --
Information about the domain verifications.
(dict) --
Summary information about a domain verification.
id (string) --
The ID of the domain verification.
arn (string) --
The Amazon Resource Name (ARN) of the domain verification.
domainName (string) --
The domain name being verified.
status (string) --
The current status of the domain verification process.
txtMethodConfig (dict) --
The TXT record configuration used for domain verification.
value (string) --
The value that must be added to the TXT record for domain verification.
name (string) --
The name of the TXT record that must be created for domain verification.
createdAt (datetime) --
The date and time that the domain verification was created, in ISO-8601 format.
lastVerifiedTime (datetime) --
The date and time that the domain was last successfully verified, in ISO-8601 format.
tags (dict) --
The tags associated with the domain verification.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws:.
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
nextToken (string) --
A pagination token for the next page of results.
Deletes the specified domain verification.
See also: AWS API Documentation
Request Syntax
client.delete_domain_verification(
domainVerificationIdentifier='string'
)
string
[REQUIRED]
The ID of the domain verification to delete.
dict
Response Syntax
{}
Response Structure
(dict) --
Retrieves information about a domain verification.ß
See also: AWS API Documentation
Request Syntax
client.get_domain_verification(
domainVerificationIdentifier='string'
)
string
[REQUIRED]
The ID or ARN of the domain verification to retrieve.
dict
Response Syntax
{
'id': 'string',
'arn': 'string',
'domainName': 'string',
'status': 'VERIFIED'|'PENDING'|'VERIFICATION_TIMED_OUT',
'txtMethodConfig': {
'value': 'string',
'name': 'string'
},
'createdAt': datetime(2015, 1, 1),
'lastVerifiedTime': datetime(2015, 1, 1),
'tags': {
'string': 'string'
}
}
Response Structure
(dict) --
id (string) --
The ID of the domain verification.
arn (string) --
The Amazon Resource Name (ARN) of the domain verification.
domainName (string) --
The domain name being verified.
status (string) --
The current status of the domain verification process.
txtMethodConfig (dict) --
The TXT record configuration used for domain verification.
value (string) --
The value that must be added to the TXT record for domain verification.
name (string) --
The name of the TXT record that must be created for domain verification.
createdAt (datetime) --
The date and time that the domain verification was created, in ISO-8601 format.
lastVerifiedTime (datetime) --
The date and time that the domain was last successfully verified, in ISO-8601 format.
tags (dict) --
The tags associated with the domain verification.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws:.
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
Starts the domain verification process for a custom domain name.
See also: AWS API Documentation
Request Syntax
client.start_domain_verification(
clientToken='string',
domainName='string',
tags={
'string': 'string'
}
)
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If you retry a request that completed successfully using the same client token and parameters, the retry succeeds without performing any actions. If the parameters aren't identical, the retry fails.
This field is autopopulated if not provided.
string
[REQUIRED]
The domain name to verify ownership for.
dict
The tags for the domain verification.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws:.
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
dict
Response Syntax
{
'id': 'string',
'arn': 'string',
'domainName': 'string',
'status': 'VERIFIED'|'PENDING'|'VERIFICATION_TIMED_OUT',
'txtMethodConfig': {
'value': 'string',
'name': 'string'
}
}
Response Structure
(dict) --
id (string) --
The ID of the domain verification.
arn (string) --
The Amazon Resource Name (ARN) of the domain verification.
domainName (string) --
The domain name being verified.
status (string) --
The current status of the domain verification process.
txtMethodConfig (dict) --
The TXT record configuration used for domain verification.
value (string) --
The value that must be added to the TXT record for domain verification.
name (string) --
The name of the TXT record that must be created for domain verification.
{'customDomainName': 'string',
'domainVerificationIdentifier': 'string',
'groupDomain': 'string'}
Response {'customDomainName': 'string',
'domainVerificationArn': 'string',
'domainVerificationId': 'string',
'groupDomain': 'string'}
Creates a resource configuration. A resource configuration defines a specific resource. You can associate a resource configuration with a service network or a VPC endpoint.
See also: AWS API Documentation
Request Syntax
client.create_resource_configuration(
name='string',
type='GROUP'|'CHILD'|'SINGLE'|'ARN',
portRanges=[
'string',
],
protocol='TCP',
resourceGatewayIdentifier='string',
resourceConfigurationGroupIdentifier='string',
resourceConfigurationDefinition={
'dnsResource': {
'domainName': 'string',
'ipAddressType': 'IPV4'|'IPV6'|'DUALSTACK'
},
'ipResource': {
'ipAddress': 'string'
},
'arnResource': {
'arn': 'string'
}
},
allowAssociationToShareableServiceNetwork=True|False,
customDomainName='string',
groupDomain='string',
domainVerificationIdentifier='string',
clientToken='string',
tags={
'string': 'string'
}
)
string
[REQUIRED]
The name of the resource configuration. The name must be unique within the account. The valid characters are a-z, 0-9, and hyphens (-). You can't use a hyphen as the first or last character, or immediately after another hyphen.
string
[REQUIRED]
The type of resource configuration. A resource configuration can be one of the following types:
SINGLE - A single resource.
GROUP - A group of resources. You must create a group resource configuration before you create a child resource configuration.
CHILD - A single resource that is part of a group resource configuration.
ARN - An Amazon Web Services resource.
list
(SINGLE, GROUP, CHILD) The TCP port ranges that a consumer can use to access a resource configuration (for example: 1-65535). You can separate port ranges using commas (for example: 1,2,22-30).
(string) --
string
(SINGLE, GROUP) The protocol accepted by the resource configuration.
string
(SINGLE, GROUP, ARN) The ID or ARN of the resource gateway used to connect to the resource configuration. For a child resource configuration, this value is inherited from the parent resource configuration.
string
(CHILD) The ID or ARN of the parent resource configuration of type GROUP. This is used to associate a child resource configuration with a group resource configuration.
dict
Identifies the resource configuration in one of the following ways:
Amazon Resource Name (ARN) - Supported resource-types that are provisioned by Amazon Web Services services, such as RDS databases, can be identified by their ARN.
Domain name - Any domain name that is publicly resolvable.
IP address - For IPv4 and IPv6, only IP addresses in the VPC are supported.
dnsResource (dict) --
The DNS name of the resource.
domainName (string) --
The domain name of the resource.
ipAddressType (string) --
The type of IP address. Dualstack is currently not supported.
ipResource (dict) --
The IP resource.
ipAddress (string) --
The IP address of the IP resource.
arnResource (dict) --
The Amazon Resource Name (ARN) of the resource.
arn (string) --
The Amazon Resource Name (ARN) of the resource.
boolean
(SINGLE, GROUP, ARN) Specifies whether the resource configuration can be associated with a sharable service network. The default is false.
string
A custom domain name for your resource configuration. Additionally, provide a DomainVerificationID to prove your ownership of a domain.
string
(GROUP) The group domain for a group resource configuration. Any domains that you create for the child resource are subdomains of the group domain. Child resources inherit the verification status of the domain.
string
The domain verification ID of your verified custom domain name. If you don't provide an ID, you must configure the DNS settings yourself.
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If you retry a request that completed successfully using the same client token and parameters, the retry succeeds without performing any actions. If the parameters aren't identical, the retry fails.
This field is autopopulated if not provided.
dict
The tags for the resource configuration.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws:.
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
dict
Response Syntax
{
'id': 'string',
'name': 'string',
'arn': 'string',
'resourceGatewayId': 'string',
'resourceConfigurationGroupId': 'string',
'type': 'GROUP'|'CHILD'|'SINGLE'|'ARN',
'portRanges': [
'string',
],
'protocol': 'TCP',
'status': 'ACTIVE'|'CREATE_IN_PROGRESS'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'UPDATE_FAILED'|'DELETE_FAILED',
'resourceConfigurationDefinition': {
'dnsResource': {
'domainName': 'string',
'ipAddressType': 'IPV4'|'IPV6'|'DUALSTACK'
},
'ipResource': {
'ipAddress': 'string'
},
'arnResource': {
'arn': 'string'
}
},
'allowAssociationToShareableServiceNetwork': True|False,
'createdAt': datetime(2015, 1, 1),
'failureReason': 'string',
'customDomainName': 'string',
'domainVerificationId': 'string',
'groupDomain': 'string',
'domainVerificationArn': 'string'
}
Response Structure
(dict) --
id (string) --
The ID of the resource configuration.
name (string) --
The name of the resource configuration.
arn (string) --
The Amazon Resource Name (ARN) of the resource configuration.
resourceGatewayId (string) --
The ID of the resource gateway associated with the resource configuration.
resourceConfigurationGroupId (string) --
The ID of the parent resource configuration of type GROUP.
type (string) --
The type of resource configuration. A resource configuration can be one of the following types:
SINGLE - A single resource.
GROUP - A group of resources. You must create a group resource configuration before you create a child resource configuration.
CHILD - A single resource that is part of a group resource configuration.
ARN - An Amazon Web Services resource.
portRanges (list) --
The port range.
(string) --
protocol (string) --
The protocol.
status (string) --
The current status of the resource configuration.
resourceConfigurationDefinition (dict) --
Identifies the resource configuration in one of the following ways:
Amazon Resource Name (ARN) - Supported resource-types that are provisioned by Amazon Web Services services, such as RDS databases, can be identified by their ARN.
Domain name - Any domain name that is publicly resolvable.
IP address - For IPv4 and IPv6, only IP addresses in the VPC are supported.
dnsResource (dict) --
The DNS name of the resource.
domainName (string) --
The domain name of the resource.
ipAddressType (string) --
The type of IP address. Dualstack is currently not supported.
ipResource (dict) --
The IP resource.
ipAddress (string) --
The IP address of the IP resource.
arnResource (dict) --
The Amazon Resource Name (ARN) of the resource.
arn (string) --
The Amazon Resource Name (ARN) of the resource.
allowAssociationToShareableServiceNetwork (boolean) --
Specifies whether the resource configuration can be associated with a sharable service network.
createdAt (datetime) --
The date and time that the resource configuration was created, in ISO-8601 format.
failureReason (string) --
The reason that the request failed.
customDomainName (string) --
The custom domain name for your resource configuration.
domainVerificationId (string) --
The domain name verification ID.
groupDomain (string) --
(GROUP) The group domain for a group resource configuration. Any domains that you create for the child resource are subdomains of the group domain. Child resources inherit the verification status of the domain.
domainVerificationArn (string) --
The verification ID ARN
{'privateDnsEnabled': 'boolean'}
Associates the specified service network with the specified resource configuration. This allows the resource configuration to receive connections through the service network, including through a service network VPC endpoint.
See also: AWS API Documentation
Request Syntax
client.create_service_network_resource_association(
clientToken='string',
resourceConfigurationIdentifier='string',
serviceNetworkIdentifier='string',
privateDnsEnabled=True|False,
tags={
'string': 'string'
}
)
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If you retry a request that completed successfully using the same client token and parameters, the retry succeeds without performing any actions. If the parameters aren't identical, the retry fails.
This field is autopopulated if not provided.
string
[REQUIRED]
The ID of the resource configuration to associate with the service network.
string
[REQUIRED]
The ID of the service network to associate with the resource configuration.
boolean
Indicates if private DNS is enabled for the service network resource association.
dict
A key-value pair to associate with a resource.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws:.
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
dict
Response Syntax
{
'id': 'string',
'arn': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'PARTIAL'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED',
'createdBy': 'string',
'privateDnsEnabled': True|False
}
Response Structure
(dict) --
id (string) --
The ID of the association.
arn (string) --
The Amazon Resource Name (ARN) of the association.
status (string) --
The status of the association.
createdBy (string) --
The ID of the account that created the association.
privateDnsEnabled (boolean) --
Indicates if private DNS is is enabled for the service network resource association.
{'dnsOptions': {'privateDnsPreference': 'VERIFIED_DOMAINS_ONLY | ALL_DOMAINS | '
'VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS '
'| SPECIFIED_DOMAINS_ONLY',
'privateDnsSpecifiedDomains': ['string']},
'privateDnsEnabled': 'boolean'}
Associates a VPC with a service network. When you associate a VPC with the service network, it enables all the resources within that VPC to be clients and communicate with other services in the service network. For more information, see Manage VPC associations in the Amazon VPC Lattice User Guide.
You can't use this operation if there is a disassociation in progress. If the association fails, retry by deleting the association and recreating it.
As a result of this operation, the association gets created in the service network account and the VPC owner account.
If you add a security group to the service network and VPC association, the association must continue to always have at least one security group. You can add or edit security groups at any time. However, to remove all security groups, you must first delete the association and recreate it without security groups.
See also: AWS API Documentation
Request Syntax
client.create_service_network_vpc_association(
clientToken='string',
serviceNetworkIdentifier='string',
vpcIdentifier='string',
privateDnsEnabled=True|False,
securityGroupIds=[
'string',
],
tags={
'string': 'string'
},
dnsOptions={
'privateDnsPreference': 'VERIFIED_DOMAINS_ONLY'|'ALL_DOMAINS'|'VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS'|'SPECIFIED_DOMAINS_ONLY',
'privateDnsSpecifiedDomains': [
'string',
]
}
)
string
A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. If you retry a request that completed successfully using the same client token and parameters, the retry succeeds without performing any actions. If the parameters aren't identical, the retry fails.
This field is autopopulated if not provided.
string
[REQUIRED]
The ID or ARN of the service network. You must use an ARN if the resources are in different accounts.
string
[REQUIRED]
The ID of the VPC.
boolean
Indicates if private DNS is enabled for the VPC association.
list
The IDs of the security groups. Security groups aren't added by default. You can add a security group to apply network level controls to control which resources in a VPC are allowed to access the service network and its services. For more information, see Control traffic to resources using security groups in the Amazon VPC User Guide.
(string) --
dict
The tags for the association.
(string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 128 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @ May not begin with aws:.
(string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters. Valid characters are Unicode letters, digits, white space, and any of the following symbols: _ . : / = + - @
dict
DNS options for the service network VPC association.
privateDnsPreference (string) --
The preference for which private domains have a private hosted zone created for and associated with the specified VPC. Only supported when private DNS is enabled and when the VPC endpoint type is ServiceNetwork or Resource.
ALL_DOMAINS - VPC Lattice provisions private hosted zones for all custom domain names.
VERIFIED_DOMAINS_ONLY - VPC Lattice provisions a private hosted zone only if custom domain name has been verified by the provider.
VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS - VPC Lattice provisions private hosted zones for all verified custom domain names and other domain names that the resource consumer specifies. The resource consumer specifies the domain names in the privateDnsSpecifiedDomains parameter.
SPECIFIED_DOMAINS_ONLY - VPC Lattice provisions a private hosted zone for domain names specified by the resource consumer. The resource consumer specifies the domain names in the privateDnsSpecifiedDomains parameter.
privateDnsSpecifiedDomains (list) --
Indicates which of the private domains to create private hosted zones for and associate with the specified VPC. Only supported when private DNS is enabled and the private DNS preference is VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS or SPECIFIED_DOMAINS_ONLY.
(string) --
dict
Response Syntax
{
'id': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'|'UPDATE_FAILED',
'arn': 'string',
'createdBy': 'string',
'securityGroupIds': [
'string',
],
'privateDnsEnabled': True|False,
'dnsOptions': {
'privateDnsPreference': 'VERIFIED_DOMAINS_ONLY'|'ALL_DOMAINS'|'VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS'|'SPECIFIED_DOMAINS_ONLY',
'privateDnsSpecifiedDomains': [
'string',
]
}
}
Response Structure
(dict) --
id (string) --
The ID of the association.
status (string) --
The association status.
arn (string) --
The Amazon Resource Name (ARN) of the association.
createdBy (string) --
The account that created the association.
securityGroupIds (list) --
The IDs of the security groups.
(string) --
privateDnsEnabled (boolean) --
Indicates if private DNS is enabled for the VPC association.
dnsOptions (dict) --
The DNS configuration options.
privateDnsPreference (string) --
The preference for which private domains have a private hosted zone created for and associated with the specified VPC. Only supported when private DNS is enabled and when the VPC endpoint type is ServiceNetwork or Resource.
ALL_DOMAINS - VPC Lattice provisions private hosted zones for all custom domain names.
VERIFIED_DOMAINS_ONLY - VPC Lattice provisions a private hosted zone only if custom domain name has been verified by the provider.
VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS - VPC Lattice provisions private hosted zones for all verified custom domain names and other domain names that the resource consumer specifies. The resource consumer specifies the domain names in the privateDnsSpecifiedDomains parameter.
SPECIFIED_DOMAINS_ONLY - VPC Lattice provisions a private hosted zone for domain names specified by the resource consumer. The resource consumer specifies the domain names in the privateDnsSpecifiedDomains parameter.
privateDnsSpecifiedDomains (list) --
Indicates which of the private domains to create private hosted zones for and associate with the specified VPC. Only supported when private DNS is enabled and the private DNS preference is VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS or SPECIFIED_DOMAINS_ONLY.
(string) --
{'domainVerificationArn': 'string',
'domainVerificationId': 'string',
'domainVerificationStatus': 'VERIFIED | PENDING | VERIFICATION_TIMED_OUT',
'groupDomain': 'string'}
Retrieves information about the specified resource configuration.
See also: AWS API Documentation
Request Syntax
client.get_resource_configuration(
resourceConfigurationIdentifier='string'
)
string
[REQUIRED]
The ID of the resource configuration.
dict
Response Syntax
{
'id': 'string',
'name': 'string',
'arn': 'string',
'resourceGatewayId': 'string',
'resourceConfigurationGroupId': 'string',
'type': 'GROUP'|'CHILD'|'SINGLE'|'ARN',
'allowAssociationToShareableServiceNetwork': True|False,
'portRanges': [
'string',
],
'protocol': 'TCP',
'customDomainName': 'string',
'status': 'ACTIVE'|'CREATE_IN_PROGRESS'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'UPDATE_FAILED'|'DELETE_FAILED',
'resourceConfigurationDefinition': {
'dnsResource': {
'domainName': 'string',
'ipAddressType': 'IPV4'|'IPV6'|'DUALSTACK'
},
'ipResource': {
'ipAddress': 'string'
},
'arnResource': {
'arn': 'string'
}
},
'createdAt': datetime(2015, 1, 1),
'amazonManaged': True|False,
'failureReason': 'string',
'lastUpdatedAt': datetime(2015, 1, 1),
'domainVerificationId': 'string',
'domainVerificationArn': 'string',
'domainVerificationStatus': 'VERIFIED'|'PENDING'|'VERIFICATION_TIMED_OUT',
'groupDomain': 'string'
}
Response Structure
(dict) --
id (string) --
The ID of the resource configuration.
name (string) --
The name of the resource configuration.
arn (string) --
The Amazon Resource Name (ARN) of the resource configuration.
resourceGatewayId (string) --
The ID of the resource gateway used to connect to the resource configuration in a given VPC. You can specify the resource gateway identifier only for resource configurations with type SINGLE, GROUP, or ARN.
resourceConfigurationGroupId (string) --
The ID of the group resource configuration.
type (string) --
The type of resource configuration.
SINGLE - A single resource.
GROUP - A group of resources.
CHILD - A single resource that is part of a group resource configuration.
ARN - An Amazon Web Services resource.
allowAssociationToShareableServiceNetwork (boolean) --
Specifies whether the resource configuration is associated with a sharable service network.
portRanges (list) --
The TCP port ranges that a consumer can use to access a resource configuration. You can separate port ranges with a comma. Example: 1-65535 or 1,2,22-30
(string) --
protocol (string) --
The TCP protocol accepted by the specified resource configuration.
customDomainName (string) --
The custom domain name of the resource configuration.
status (string) --
The status of the resource configuration.
resourceConfigurationDefinition (dict) --
The resource configuration.
dnsResource (dict) --
The DNS name of the resource.
domainName (string) --
The domain name of the resource.
ipAddressType (string) --
The type of IP address. Dualstack is currently not supported.
ipResource (dict) --
The IP resource.
ipAddress (string) --
The IP address of the IP resource.
arnResource (dict) --
The Amazon Resource Name (ARN) of the resource.
arn (string) --
The Amazon Resource Name (ARN) of the resource.
createdAt (datetime) --
The date and time that the resource configuration was created, in ISO-8601 format.
amazonManaged (boolean) --
Indicates whether the resource configuration was created and is managed by Amazon.
failureReason (string) --
The reason the create-resource-configuration request failed.
lastUpdatedAt (datetime) --
The most recent date and time that the resource configuration was updated, in ISO-8601 format.
domainVerificationId (string) --
The domain verification ID.
domainVerificationArn (string) --
The ARN of the domain verification.
domainVerificationStatus (string) --
The domain verification status.
groupDomain (string) --
(GROUP) The group domain for a group resource configuration. Any domains that you create for the child resource are subdomains of the group domain. Child resources inherit the verification status of the domain.
{'domainVerificationStatus': 'VERIFIED | PENDING | VERIFICATION_TIMED_OUT',
'privateDnsEnabled': 'boolean'}
Retrieves information about the specified association between a service network and a resource configuration.
See also: AWS API Documentation
Request Syntax
client.get_service_network_resource_association(
serviceNetworkResourceAssociationIdentifier='string'
)
string
[REQUIRED]
The ID of the association.
dict
Response Syntax
{
'id': 'string',
'arn': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'PARTIAL'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED',
'createdBy': 'string',
'createdAt': datetime(2015, 1, 1),
'resourceConfigurationId': 'string',
'resourceConfigurationArn': 'string',
'resourceConfigurationName': 'string',
'serviceNetworkId': 'string',
'serviceNetworkArn': 'string',
'serviceNetworkName': 'string',
'failureReason': 'string',
'failureCode': 'string',
'lastUpdatedAt': datetime(2015, 1, 1),
'privateDnsEntry': {
'domainName': 'string',
'hostedZoneId': 'string'
},
'privateDnsEnabled': True|False,
'dnsEntry': {
'domainName': 'string',
'hostedZoneId': 'string'
},
'isManagedAssociation': True|False,
'domainVerificationStatus': 'VERIFIED'|'PENDING'|'VERIFICATION_TIMED_OUT'
}
Response Structure
(dict) --
id (string) --
The ID of the association.
arn (string) --
The Amazon Resource Name (ARN) of the association.
status (string) --
The status of the association.
createdBy (string) --
The account that created the association.
createdAt (datetime) --
The date and time that the association was created, in ISO-8601 format.
resourceConfigurationId (string) --
The ID of the resource configuration that is associated with the service network.
resourceConfigurationArn (string) --
The Amazon Resource Name (ARN) of the association.
resourceConfigurationName (string) --
The name of the resource configuration that is associated with the service network.
serviceNetworkId (string) --
The ID of the service network that is associated with the resource configuration.
serviceNetworkArn (string) --
The Amazon Resource Name (ARN) of the service network that is associated with the resource configuration.
serviceNetworkName (string) --
The name of the service network that is associated with the resource configuration.
failureReason (string) --
The reason the association request failed.
failureCode (string) --
The failure code.
lastUpdatedAt (datetime) --
The most recent date and time that the association was updated, in ISO-8601 format.
privateDnsEntry (dict) --
The private DNS entry for the service.
domainName (string) --
The domain name of the service.
hostedZoneId (string) --
The ID of the hosted zone.
privateDnsEnabled (boolean) --
Indicates if private DNS is enabled in the service network resource association.
dnsEntry (dict) --
The DNS entry for the service.
domainName (string) --
The domain name of the service.
hostedZoneId (string) --
The ID of the hosted zone.
isManagedAssociation (boolean) --
Indicates whether the association is managed by Amazon.
domainVerificationStatus (string) --
The domain verification status in the service network resource association.
{'dnsOptions': {'privateDnsPreference': 'VERIFIED_DOMAINS_ONLY | ALL_DOMAINS | '
'VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS '
'| SPECIFIED_DOMAINS_ONLY',
'privateDnsSpecifiedDomains': ['string']},
'privateDnsEnabled': 'boolean'}
Retrieves information about the specified association between a service network and a VPC.
See also: AWS API Documentation
Request Syntax
client.get_service_network_vpc_association(
serviceNetworkVpcAssociationIdentifier='string'
)
string
[REQUIRED]
The ID or ARN of the association.
dict
Response Syntax
{
'id': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'|'UPDATE_FAILED',
'arn': 'string',
'createdBy': 'string',
'createdAt': datetime(2015, 1, 1),
'serviceNetworkId': 'string',
'serviceNetworkName': 'string',
'serviceNetworkArn': 'string',
'vpcId': 'string',
'securityGroupIds': [
'string',
],
'privateDnsEnabled': True|False,
'failureMessage': 'string',
'failureCode': 'string',
'lastUpdatedAt': datetime(2015, 1, 1),
'dnsOptions': {
'privateDnsPreference': 'VERIFIED_DOMAINS_ONLY'|'ALL_DOMAINS'|'VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS'|'SPECIFIED_DOMAINS_ONLY',
'privateDnsSpecifiedDomains': [
'string',
]
}
}
Response Structure
(dict) --
id (string) --
The ID of the association.
status (string) --
The status of the association.
arn (string) --
The Amazon Resource Name (ARN) of the association.
createdBy (string) --
The account that created the association.
createdAt (datetime) --
The date and time that the association was created, in ISO-8601 format.
serviceNetworkId (string) --
The ID of the service network.
serviceNetworkName (string) --
The name of the service network.
serviceNetworkArn (string) --
The Amazon Resource Name (ARN) of the service network.
vpcId (string) --
The ID of the VPC.
securityGroupIds (list) --
The IDs of the security groups.
(string) --
privateDnsEnabled (boolean) --
Indicates if private DNS is enabled in the VPC association.
failureMessage (string) --
The failure message.
failureCode (string) --
The failure code.
lastUpdatedAt (datetime) --
The date and time that the association was last updated, in ISO-8601 format.
dnsOptions (dict) --
DNS options for the service network VPC association.
privateDnsPreference (string) --
The preference for which private domains have a private hosted zone created for and associated with the specified VPC. Only supported when private DNS is enabled and when the VPC endpoint type is ServiceNetwork or Resource.
ALL_DOMAINS - VPC Lattice provisions private hosted zones for all custom domain names.
VERIFIED_DOMAINS_ONLY - VPC Lattice provisions a private hosted zone only if custom domain name has been verified by the provider.
VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS - VPC Lattice provisions private hosted zones for all verified custom domain names and other domain names that the resource consumer specifies. The resource consumer specifies the domain names in the privateDnsSpecifiedDomains parameter.
SPECIFIED_DOMAINS_ONLY - VPC Lattice provisions a private hosted zone for domain names specified by the resource consumer. The resource consumer specifies the domain names in the privateDnsSpecifiedDomains parameter.
privateDnsSpecifiedDomains (list) --
Indicates which of the private domains to create private hosted zones for and associate with the specified VPC. Only supported when private DNS is enabled and the private DNS preference is VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS or SPECIFIED_DOMAINS_ONLY.
(string) --
{'domainVerificationIdentifier': 'string'}
Response {'items': {'customDomainName': 'string',
'domainVerificationId': 'string',
'groupDomain': 'string'}}
Lists the resource configurations owned by or shared with this account.
See also: AWS API Documentation
Request Syntax
client.list_resource_configurations(
resourceGatewayIdentifier='string',
resourceConfigurationGroupIdentifier='string',
domainVerificationIdentifier='string',
maxResults=123,
nextToken='string'
)
string
The ID of the resource gateway for the resource configuration.
string
The ID of the resource configuration of type Group.
string
The domain verification ID.
integer
The maximum page size.
string
A pagination token for the next page of results.
dict
Response Syntax
{
'items': [
{
'id': 'string',
'name': 'string',
'arn': 'string',
'resourceGatewayId': 'string',
'resourceConfigurationGroupId': 'string',
'type': 'GROUP'|'CHILD'|'SINGLE'|'ARN',
'status': 'ACTIVE'|'CREATE_IN_PROGRESS'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'UPDATE_FAILED'|'DELETE_FAILED',
'amazonManaged': True|False,
'createdAt': datetime(2015, 1, 1),
'lastUpdatedAt': datetime(2015, 1, 1),
'customDomainName': 'string',
'domainVerificationId': 'string',
'groupDomain': 'string'
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
items (list) --
Information about the resource configurations.
(dict) --
Summary information about a resource configuration.
id (string) --
The ID of the resource configuration.
name (string) --
The name of the resource configuration.
arn (string) --
The Amazon Resource Name (ARN) of the resource configuration.
resourceGatewayId (string) --
The ID of the resource gateway.
resourceConfigurationGroupId (string) --
The ID of the group resource configuration.
type (string) --
The type of resource configuration.
SINGLE - A single resource.
GROUP - A group of resources. You must create a group resource configuration before you create a child resource configuration.
CHILD - A single resource that is part of a group resource configuration.
ARN - An Amazon Web Services resource.
status (string) --
The status of the resource configuration.
amazonManaged (boolean) --
Indicates whether the resource configuration was created and is managed by Amazon.
createdAt (datetime) --
The date and time that the resource configuration was created, in ISO-8601 format.
lastUpdatedAt (datetime) --
The most recent date and time that the resource configuration was updated, in ISO-8601 format.
customDomainName (string) --
The custom domain name.
domainVerificationId (string) --
The domain verification ID.
groupDomain (string) --
(GROUP) The group domain for a group resource configuration. Any domains that you create for the child resource are subdomains of the group domain. Child resources inherit the verification status of the domain.
nextToken (string) --
If there are additional results, a pagination token for the next page of results.
{'items': {'privateDnsEnabled': 'boolean'}}
Lists the associations between a service network and a resource configuration.
See also: AWS API Documentation
Request Syntax
client.list_service_network_resource_associations(
serviceNetworkIdentifier='string',
resourceConfigurationIdentifier='string',
maxResults=123,
nextToken='string',
includeChildren=True|False
)
string
The ID of the service network.
string
The ID of the resource configuration.
integer
The maximum page size.
string
If there are additional results, a pagination token for the next page of results.
boolean
Include service network resource associations of the child resource configuration with the grouped resource configuration.
The type is boolean and the default value is false.
dict
Response Syntax
{
'items': [
{
'id': 'string',
'arn': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'PARTIAL'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED',
'createdBy': 'string',
'createdAt': datetime(2015, 1, 1),
'resourceConfigurationId': 'string',
'resourceConfigurationArn': 'string',
'resourceConfigurationName': 'string',
'serviceNetworkId': 'string',
'serviceNetworkArn': 'string',
'serviceNetworkName': 'string',
'dnsEntry': {
'domainName': 'string',
'hostedZoneId': 'string'
},
'privateDnsEntry': {
'domainName': 'string',
'hostedZoneId': 'string'
},
'isManagedAssociation': True|False,
'failureCode': 'string',
'privateDnsEnabled': True|False
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
items (list) --
Information about the associations.
(dict) --
Summary information about an association between a service network and a resource configuration.
id (string) --
The ID of the association between the service network and resource configuration.
arn (string) --
The Amazon Resource Name (ARN) of the association.
status (string) --
The status of the service network’s association with the resource configuration. If the deletion fails, try to delete again.
createdBy (string) --
The account that created the association.
createdAt (datetime) --
The date and time that the association was created, in ISO-8601 format.
resourceConfigurationId (string) --
The ID of the resource configuration associated with the service network.
resourceConfigurationArn (string) --
The Amazon Resource Name (ARN) of the association.
resourceConfigurationName (string) --
The name of the resource configuration associated with the service network.
serviceNetworkId (string) --
The ID of the service network associated with the resource configuration.
serviceNetworkArn (string) --
The Amazon Resource Name (ARN) of the service network associated with the resource configuration.
serviceNetworkName (string) --
The name of the service network associated with the resource configuration.
dnsEntry (dict) --
The DNS entry for the service.
domainName (string) --
The domain name of the service.
hostedZoneId (string) --
The ID of the hosted zone.
privateDnsEntry (dict) --
The private DNS entry for the service.
domainName (string) --
The domain name of the service.
hostedZoneId (string) --
The ID of the hosted zone.
isManagedAssociation (boolean) --
Specifies whether the association is managed by Amazon.
failureCode (string) --
The failure code.
privateDnsEnabled (boolean) --
Indicates if private DNS is enabled for the service network resource association.
nextToken (string) --
If there are additional results, a pagination token for the next page of results.
{'items': {'dnsOptions': {'privateDnsPreference': 'VERIFIED_DOMAINS_ONLY | '
'ALL_DOMAINS | '
'VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS '
'| SPECIFIED_DOMAINS_ONLY',
'privateDnsSpecifiedDomains': ['string']},
'privateDnsEnabled': 'boolean'}}
Lists the associations between a service network and a VPC. You can filter the list either by VPC or service network. You must provide either the ID of the service network identifier or the ID of the VPC.
See also: AWS API Documentation
Request Syntax
client.list_service_network_vpc_associations(
serviceNetworkIdentifier='string',
vpcIdentifier='string',
maxResults=123,
nextToken='string'
)
string
The ID or ARN of the service network.
string
The ID or ARN of the VPC.
integer
The maximum number of results to return.
string
A pagination token for the next page of results.
dict
Response Syntax
{
'items': [
{
'id': 'string',
'arn': 'string',
'status': 'CREATE_IN_PROGRESS'|'ACTIVE'|'UPDATE_IN_PROGRESS'|'DELETE_IN_PROGRESS'|'CREATE_FAILED'|'DELETE_FAILED'|'UPDATE_FAILED',
'createdBy': 'string',
'createdAt': datetime(2015, 1, 1),
'serviceNetworkId': 'string',
'serviceNetworkName': 'string',
'serviceNetworkArn': 'string',
'privateDnsEnabled': True|False,
'dnsOptions': {
'privateDnsPreference': 'VERIFIED_DOMAINS_ONLY'|'ALL_DOMAINS'|'VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS'|'SPECIFIED_DOMAINS_ONLY',
'privateDnsSpecifiedDomains': [
'string',
]
},
'vpcId': 'string',
'lastUpdatedAt': datetime(2015, 1, 1)
},
],
'nextToken': 'string'
}
Response Structure
(dict) --
items (list) --
Information about the associations.
(dict) --
Summary information about an association between a service network and a VPC.
id (string) --
The ID of the association.
arn (string) --
The Amazon Resource Name (ARN) of the association.
status (string) --
The status.
createdBy (string) --
The account that created the association.
createdAt (datetime) --
The date and time that the association was created, in ISO-8601 format.
serviceNetworkId (string) --
The ID of the service network.
serviceNetworkName (string) --
The name of the service network.
serviceNetworkArn (string) --
The Amazon Resource Name (ARN) of the service network.
privateDnsEnabled (boolean) --
Indicates if private DNS is enabled for the service network VPC association.
dnsOptions (dict) --
The DNS options for the service network VPC association.
privateDnsPreference (string) --
The preference for which private domains have a private hosted zone created for and associated with the specified VPC. Only supported when private DNS is enabled and when the VPC endpoint type is ServiceNetwork or Resource.
ALL_DOMAINS - VPC Lattice provisions private hosted zones for all custom domain names.
VERIFIED_DOMAINS_ONLY - VPC Lattice provisions a private hosted zone only if custom domain name has been verified by the provider.
VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS - VPC Lattice provisions private hosted zones for all verified custom domain names and other domain names that the resource consumer specifies. The resource consumer specifies the domain names in the privateDnsSpecifiedDomains parameter.
SPECIFIED_DOMAINS_ONLY - VPC Lattice provisions a private hosted zone for domain names specified by the resource consumer. The resource consumer specifies the domain names in the privateDnsSpecifiedDomains parameter.
privateDnsSpecifiedDomains (list) --
Indicates which of the private domains to create private hosted zones for and associate with the specified VPC. Only supported when private DNS is enabled and the private DNS preference is VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS or SPECIFIED_DOMAINS_ONLY.
(string) --
vpcId (string) --
The ID of the VPC.
lastUpdatedAt (datetime) --
The date and time that the association was last updated, in ISO-8601 format.
nextToken (string) --
If there are additional results, a pagination token for the next page of results.