Amazon Elastic Compute Cloud

2016/07/28 - Amazon Elastic Compute Cloud - 4 updated api methods

Changes  Enables resolution of DNS queries from a peered VPC to a private IP address.

AcceptVpcPeeringConnection (updated) Link ¶
Changes (response)
{'VpcPeeringConnection': {'AccepterVpcInfo': {'PeeringOptions': {'AllowDnsResolutionFromRemoteVpc': 'boolean'}},
                          'RequesterVpcInfo': {'PeeringOptions': {'AllowDnsResolutionFromRemoteVpc': 'boolean'}}}}

Accept a VPC peering connection request. To accept a request, the VPC peering connection must be in the pending-acceptance state, and you must be the owner of the peer VPC. Use the DescribeVpcPeeringConnections request to view your outstanding VPC peering connection requests.

Request Syntax

client.accept_vpc_peering_connection(
    DryRun=True|False,
    VpcPeeringConnectionId='string'
)
type DryRun

boolean

param DryRun

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .

type VpcPeeringConnectionId

string

param VpcPeeringConnectionId

The ID of the VPC peering connection.

rtype

dict

returns

Response Syntax

{
    'VpcPeeringConnection': {
        'AccepterVpcInfo': {
            'CidrBlock': 'string',
            'OwnerId': 'string',
            'VpcId': 'string',
            'PeeringOptions': {
                'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False,
                'AllowEgressFromLocalVpcToRemoteClassicLink': True|False,
                'AllowDnsResolutionFromRemoteVpc': True|False
            }
        },
        'ExpirationTime': datetime(2015, 1, 1),
        'RequesterVpcInfo': {
            'CidrBlock': 'string',
            'OwnerId': 'string',
            'VpcId': 'string',
            'PeeringOptions': {
                'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False,
                'AllowEgressFromLocalVpcToRemoteClassicLink': True|False,
                'AllowDnsResolutionFromRemoteVpc': True|False
            }
        },
        'Status': {
            'Code': 'initiating-request'|'pending-acceptance'|'active'|'deleted'|'rejected'|'failed'|'expired'|'provisioning'|'deleting',
            'Message': 'string'
        },
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ],
        'VpcPeeringConnectionId': 'string'
    }
}

Response Structure

  • (dict) --

    Contains the output of AcceptVpcPeeringConnection.

    • VpcPeeringConnection (dict) --

      Information about the VPC peering connection.

      • AccepterVpcInfo (dict) --

        Information about the accepter VPC. CIDR block information is not returned when creating a VPC peering connection, or when describing a VPC peering connection that's in the initiating-request or pending-acceptance state.

        • CidrBlock (string) --

          The CIDR block for the VPC.

        • OwnerId (string) --

          The AWS account ID of the VPC owner.

        • VpcId (string) --

          The ID of the VPC.

        • PeeringOptions (dict) --

          Information about the VPC peering connection options for the accepter or requester VPC.

          • AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) --

            Indicates whether a local ClassicLink connection can communicate with the peer VPC over the VPC peering connection.

          • AllowEgressFromLocalVpcToRemoteClassicLink (boolean) --

            Indicates whether a local VPC can communicate with a ClassicLink connection in the peer VPC over the VPC peering connection.

          • AllowDnsResolutionFromRemoteVpc (boolean) --

            Indicates whether a local VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC.

      • ExpirationTime (datetime) --

        The time that an unaccepted VPC peering connection will expire.

      • RequesterVpcInfo (dict) --

        Information about the requester VPC.

        • CidrBlock (string) --

          The CIDR block for the VPC.

        • OwnerId (string) --

          The AWS account ID of the VPC owner.

        • VpcId (string) --

          The ID of the VPC.

        • PeeringOptions (dict) --

          Information about the VPC peering connection options for the accepter or requester VPC.

          • AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) --

            Indicates whether a local ClassicLink connection can communicate with the peer VPC over the VPC peering connection.

          • AllowEgressFromLocalVpcToRemoteClassicLink (boolean) --

            Indicates whether a local VPC can communicate with a ClassicLink connection in the peer VPC over the VPC peering connection.

          • AllowDnsResolutionFromRemoteVpc (boolean) --

            Indicates whether a local VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC.

      • Status (dict) --

        The status of the VPC peering connection.

        • Code (string) --

          The status of the VPC peering connection.

        • Message (string) --

          A message that provides more information about the status, if applicable.

      • Tags (list) --

        Any tags assigned to the resource.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

      • VpcPeeringConnectionId (string) --

        The ID of the VPC peering connection.

CreateVpcPeeringConnection (updated) Link ¶
Changes (response)
{'VpcPeeringConnection': {'AccepterVpcInfo': {'PeeringOptions': {'AllowDnsResolutionFromRemoteVpc': 'boolean'}},
                          'RequesterVpcInfo': {'PeeringOptions': {'AllowDnsResolutionFromRemoteVpc': 'boolean'}}}}

Requests a VPC peering connection between two VPCs: a requester VPC that you own and a peer VPC with which to create the connection. The peer VPC can belong to another AWS account. The requester VPC and peer VPC cannot have overlapping CIDR blocks.

The owner of the peer VPC must accept the peering request to activate the peering connection. The VPC peering connection request expires after 7 days, after which it cannot be accepted or rejected.

A CreateVpcPeeringConnection request between VPCs with overlapping CIDR blocks results in the VPC peering connection having a status of failed .

Request Syntax

client.create_vpc_peering_connection(
    DryRun=True|False,
    VpcId='string',
    PeerVpcId='string',
    PeerOwnerId='string'
)
type DryRun

boolean

param DryRun

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .

type VpcId

string

param VpcId

The ID of the requester VPC.

type PeerVpcId

string

param PeerVpcId

The ID of the VPC with which you are creating the VPC peering connection.

type PeerOwnerId

string

param PeerOwnerId

The AWS account ID of the owner of the peer VPC.

Default: Your AWS account ID

rtype

dict

returns

Response Syntax

{
    'VpcPeeringConnection': {
        'AccepterVpcInfo': {
            'CidrBlock': 'string',
            'OwnerId': 'string',
            'VpcId': 'string',
            'PeeringOptions': {
                'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False,
                'AllowEgressFromLocalVpcToRemoteClassicLink': True|False,
                'AllowDnsResolutionFromRemoteVpc': True|False
            }
        },
        'ExpirationTime': datetime(2015, 1, 1),
        'RequesterVpcInfo': {
            'CidrBlock': 'string',
            'OwnerId': 'string',
            'VpcId': 'string',
            'PeeringOptions': {
                'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False,
                'AllowEgressFromLocalVpcToRemoteClassicLink': True|False,
                'AllowDnsResolutionFromRemoteVpc': True|False
            }
        },
        'Status': {
            'Code': 'initiating-request'|'pending-acceptance'|'active'|'deleted'|'rejected'|'failed'|'expired'|'provisioning'|'deleting',
            'Message': 'string'
        },
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ],
        'VpcPeeringConnectionId': 'string'
    }
}

Response Structure

  • (dict) --

    Contains the output of CreateVpcPeeringConnection.

    • VpcPeeringConnection (dict) --

      Information about the VPC peering connection.

      • AccepterVpcInfo (dict) --

        Information about the accepter VPC. CIDR block information is not returned when creating a VPC peering connection, or when describing a VPC peering connection that's in the initiating-request or pending-acceptance state.

        • CidrBlock (string) --

          The CIDR block for the VPC.

        • OwnerId (string) --

          The AWS account ID of the VPC owner.

        • VpcId (string) --

          The ID of the VPC.

        • PeeringOptions (dict) --

          Information about the VPC peering connection options for the accepter or requester VPC.

          • AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) --

            Indicates whether a local ClassicLink connection can communicate with the peer VPC over the VPC peering connection.

          • AllowEgressFromLocalVpcToRemoteClassicLink (boolean) --

            Indicates whether a local VPC can communicate with a ClassicLink connection in the peer VPC over the VPC peering connection.

          • AllowDnsResolutionFromRemoteVpc (boolean) --

            Indicates whether a local VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC.

      • ExpirationTime (datetime) --

        The time that an unaccepted VPC peering connection will expire.

      • RequesterVpcInfo (dict) --

        Information about the requester VPC.

        • CidrBlock (string) --

          The CIDR block for the VPC.

        • OwnerId (string) --

          The AWS account ID of the VPC owner.

        • VpcId (string) --

          The ID of the VPC.

        • PeeringOptions (dict) --

          Information about the VPC peering connection options for the accepter or requester VPC.

          • AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) --

            Indicates whether a local ClassicLink connection can communicate with the peer VPC over the VPC peering connection.

          • AllowEgressFromLocalVpcToRemoteClassicLink (boolean) --

            Indicates whether a local VPC can communicate with a ClassicLink connection in the peer VPC over the VPC peering connection.

          • AllowDnsResolutionFromRemoteVpc (boolean) --

            Indicates whether a local VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC.

      • Status (dict) --

        The status of the VPC peering connection.

        • Code (string) --

          The status of the VPC peering connection.

        • Message (string) --

          A message that provides more information about the status, if applicable.

      • Tags (list) --

        Any tags assigned to the resource.

        • (dict) --

          Describes a tag.

          • Key (string) --

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

          • Value (string) --

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

      • VpcPeeringConnectionId (string) --

        The ID of the VPC peering connection.

DescribeVpcPeeringConnections (updated) Link ¶
Changes (response)
{'VpcPeeringConnections': {'AccepterVpcInfo': {'PeeringOptions': {'AllowDnsResolutionFromRemoteVpc': 'boolean'}},
                           'RequesterVpcInfo': {'PeeringOptions': {'AllowDnsResolutionFromRemoteVpc': 'boolean'}}}}

Describes one or more of your VPC peering connections.

Request Syntax

client.describe_vpc_peering_connections(
    DryRun=True|False,
    VpcPeeringConnectionIds=[
        'string',
    ],
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ]
)
type DryRun

boolean

param DryRun

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .

type VpcPeeringConnectionIds

list

param VpcPeeringConnectionIds

One or more VPC peering connection IDs.

Default: Describes all your VPC peering connections.

  • (string) --

type Filters

list

param Filters

One or more filters.

  • accepter-vpc-info.cidr-block - The CIDR block of the peer VPC.

  • accepter-vpc-info.owner-id - The AWS account ID of the owner of the peer VPC.

  • accepter-vpc-info.vpc-id - The ID of the peer VPC.

  • expiration-time - The expiration date and time for the VPC peering connection.

  • requester-vpc-info.cidr-block - The CIDR block of the requester's VPC.

  • requester-vpc-info.owner-id - The AWS account ID of the owner of the requester VPC.

  • requester-vpc-info.vpc-id - The ID of the requester VPC.

  • status-code - The status of the VPC peering connection (pending-acceptance | failed | expired | provisioning | active | deleted | rejected ).

  • status-message - A message that provides more information about the status of the VPC peering connection, if applicable.

  • tag :key =*value* - The key/value combination of a tag assigned to the resource.

  • tag-key - The key of a tag assigned to the resource. This filter is independent of the tag-value filter. For example, if you use both the filter "tag-key=Purpose" and the filter "tag-value=X", you get any resources assigned both the tag key Purpose (regardless of what the tag's value is), and the tag value X (regardless of what the tag's key is). If you want to list only resources where Purpose is X, see the tag :key =*value* filter.

  • tag-value - The value of a tag assigned to the resource. This filter is independent of the tag-key filter.

  • vpc-peering-connection-id - The ID of the VPC peering connection.

  • (dict) --

    A filter name and value pair that is used to return a more specific list of results. Filters can be used to match a set of resources by various criteria, such as tags, attributes, or IDs.

    • Name (string) --

      The name of the filter. Filter names are case-sensitive.

    • Values (list) --

      One or more filter values. Filter values are case-sensitive.

      • (string) --

rtype

dict

returns

Response Syntax

{
    'VpcPeeringConnections': [
        {
            'AccepterVpcInfo': {
                'CidrBlock': 'string',
                'OwnerId': 'string',
                'VpcId': 'string',
                'PeeringOptions': {
                    'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False,
                    'AllowEgressFromLocalVpcToRemoteClassicLink': True|False,
                    'AllowDnsResolutionFromRemoteVpc': True|False
                }
            },
            'ExpirationTime': datetime(2015, 1, 1),
            'RequesterVpcInfo': {
                'CidrBlock': 'string',
                'OwnerId': 'string',
                'VpcId': 'string',
                'PeeringOptions': {
                    'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False,
                    'AllowEgressFromLocalVpcToRemoteClassicLink': True|False,
                    'AllowDnsResolutionFromRemoteVpc': True|False
                }
            },
            'Status': {
                'Code': 'initiating-request'|'pending-acceptance'|'active'|'deleted'|'rejected'|'failed'|'expired'|'provisioning'|'deleting',
                'Message': 'string'
            },
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ],
            'VpcPeeringConnectionId': 'string'
        },
    ]
}

Response Structure

  • (dict) --

    Contains the output of DescribeVpcPeeringConnections.

    • VpcPeeringConnections (list) --

      Information about the VPC peering connections.

      • (dict) --

        Describes a VPC peering connection.

        • AccepterVpcInfo (dict) --

          Information about the accepter VPC. CIDR block information is not returned when creating a VPC peering connection, or when describing a VPC peering connection that's in the initiating-request or pending-acceptance state.

          • CidrBlock (string) --

            The CIDR block for the VPC.

          • OwnerId (string) --

            The AWS account ID of the VPC owner.

          • VpcId (string) --

            The ID of the VPC.

          • PeeringOptions (dict) --

            Information about the VPC peering connection options for the accepter or requester VPC.

            • AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) --

              Indicates whether a local ClassicLink connection can communicate with the peer VPC over the VPC peering connection.

            • AllowEgressFromLocalVpcToRemoteClassicLink (boolean) --

              Indicates whether a local VPC can communicate with a ClassicLink connection in the peer VPC over the VPC peering connection.

            • AllowDnsResolutionFromRemoteVpc (boolean) --

              Indicates whether a local VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC.

        • ExpirationTime (datetime) --

          The time that an unaccepted VPC peering connection will expire.

        • RequesterVpcInfo (dict) --

          Information about the requester VPC.

          • CidrBlock (string) --

            The CIDR block for the VPC.

          • OwnerId (string) --

            The AWS account ID of the VPC owner.

          • VpcId (string) --

            The ID of the VPC.

          • PeeringOptions (dict) --

            Information about the VPC peering connection options for the accepter or requester VPC.

            • AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) --

              Indicates whether a local ClassicLink connection can communicate with the peer VPC over the VPC peering connection.

            • AllowEgressFromLocalVpcToRemoteClassicLink (boolean) --

              Indicates whether a local VPC can communicate with a ClassicLink connection in the peer VPC over the VPC peering connection.

            • AllowDnsResolutionFromRemoteVpc (boolean) --

              Indicates whether a local VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC.

        • Status (dict) --

          The status of the VPC peering connection.

          • Code (string) --

            The status of the VPC peering connection.

          • Message (string) --

            A message that provides more information about the status, if applicable.

        • Tags (list) --

          Any tags assigned to the resource.

          • (dict) --

            Describes a tag.

            • Key (string) --

              The key of the tag.

              Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:

            • Value (string) --

              The value of the tag.

              Constraints: Tag values are case-sensitive and accept a maximum of 255 Unicode characters.

        • VpcPeeringConnectionId (string) --

          The ID of the VPC peering connection.

ModifyVpcPeeringConnectionOptions (updated) Link ¶
Changes (both)
{'AccepterPeeringConnectionOptions': {'AllowDnsResolutionFromRemoteVpc': 'boolean'},
 'RequesterPeeringConnectionOptions': {'AllowDnsResolutionFromRemoteVpc': 'boolean'}}

Modifies the VPC peering connection options on one side of a VPC peering connection. You can do the following:

  • Enable/disable communication over the peering connection between an EC2-Classic instance that's linked to your VPC (using ClassicLink) and instances in the peer VPC.

  • Enable/disable communication over the peering connection between instances in your VPC and an EC2-Classic instance that's linked to the peer VPC.

  • Enable/disable a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC.

If the peered VPCs are in different accounts, each owner must initiate a separate request to modify the peering connection options, depending on whether their VPC was the requester or accepter for the VPC peering connection. If the peered VPCs are in the same account, you can modify the requester and accepter options in the same request. To confirm which VPC is the accepter and requester for a VPC peering connection, use the DescribeVpcPeeringConnections command.

Request Syntax

client.modify_vpc_peering_connection_options(
    DryRun=True|False,
    VpcPeeringConnectionId='string',
    RequesterPeeringConnectionOptions={
        'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False,
        'AllowEgressFromLocalVpcToRemoteClassicLink': True|False,
        'AllowDnsResolutionFromRemoteVpc': True|False
    },
    AccepterPeeringConnectionOptions={
        'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False,
        'AllowEgressFromLocalVpcToRemoteClassicLink': True|False,
        'AllowDnsResolutionFromRemoteVpc': True|False
    }
)
type DryRun

boolean

param DryRun

Checks whether you have the required permissions for the operation, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .

type VpcPeeringConnectionId

string

param VpcPeeringConnectionId

[REQUIRED]

The ID of the VPC peering connection.

type RequesterPeeringConnectionOptions

dict

param RequesterPeeringConnectionOptions

The VPC peering connection options for the requester VPC.

  • AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) --

    If true, enables outbound communication from an EC2-Classic instance that's linked to a local VPC via ClassicLink to instances in a peer VPC.

  • AllowEgressFromLocalVpcToRemoteClassicLink (boolean) --

    If true, enables outbound communication from instances in a local VPC to an EC2-Classic instance that's linked to a peer VPC via ClassicLink.

  • AllowDnsResolutionFromRemoteVpc (boolean) --

    If true, enables a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC.

type AccepterPeeringConnectionOptions

dict

param AccepterPeeringConnectionOptions

The VPC peering connection options for the accepter VPC.

  • AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) --

    If true, enables outbound communication from an EC2-Classic instance that's linked to a local VPC via ClassicLink to instances in a peer VPC.

  • AllowEgressFromLocalVpcToRemoteClassicLink (boolean) --

    If true, enables outbound communication from instances in a local VPC to an EC2-Classic instance that's linked to a peer VPC via ClassicLink.

  • AllowDnsResolutionFromRemoteVpc (boolean) --

    If true, enables a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC.

rtype

dict

returns

Response Syntax

{
    'RequesterPeeringConnectionOptions': {
        'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False,
        'AllowEgressFromLocalVpcToRemoteClassicLink': True|False,
        'AllowDnsResolutionFromRemoteVpc': True|False
    },
    'AccepterPeeringConnectionOptions': {
        'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False,
        'AllowEgressFromLocalVpcToRemoteClassicLink': True|False,
        'AllowDnsResolutionFromRemoteVpc': True|False
    }
}

Response Structure

  • (dict) --

    • RequesterPeeringConnectionOptions (dict) --

      Information about the VPC peering connection options for the requester VPC.

      • AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) --

        If true, enables outbound communication from an EC2-Classic instance that's linked to a local VPC via ClassicLink to instances in a peer VPC.

      • AllowEgressFromLocalVpcToRemoteClassicLink (boolean) --

        If true, enables outbound communication from instances in a local VPC to an EC2-Classic instance that's linked to a peer VPC via ClassicLink.

      • AllowDnsResolutionFromRemoteVpc (boolean) --

        If true, enables a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC.

    • AccepterPeeringConnectionOptions (dict) --

      Information about the VPC peering connection options for the accepter VPC.

      • AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) --

        If true, enables outbound communication from an EC2-Classic instance that's linked to a local VPC via ClassicLink to instances in a peer VPC.

      • AllowEgressFromLocalVpcToRemoteClassicLink (boolean) --

        If true, enables outbound communication from instances in a local VPC to an EC2-Classic instance that's linked to a peer VPC via ClassicLink.

      • AllowDnsResolutionFromRemoteVpc (boolean) --

        If true, enables a local VPC to resolve public DNS hostnames to private IP addresses when queried from instances in the peer VPC.