2024/01/24 - Amazon Elastic Compute Cloud - 6 updated api methods
Changes Introduced a new clientToken request parameter on CreateNetworkAcl and CreateRouteTable APIs. The clientToken parameter allows idempotent operations on the APIs.
{'Subnet': {'State': {'unavailable'}}}
Creates a default subnet with a size /20 IPv4 CIDR block in the specified Availability Zone in your default VPC. You can have only one default subnet per Availability Zone. For more information, see Create a default subnet in the Amazon VPC User Guide .
See also: AWS API Documentation
Request Syntax
client.create_default_subnet( AvailabilityZone='string', DryRun=True|False, Ipv6Native=True|False )
string
[REQUIRED]
The Availability Zone in which to create the default subnet.
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
boolean
Indicates whether to create an IPv6 only subnet. If you already have a default subnet for this Availability Zone, you must delete it before you can create an IPv6 only subnet.
dict
Response Syntax
{ 'Subnet': { 'AvailabilityZone': 'string', 'AvailabilityZoneId': 'string', 'AvailableIpAddressCount': 123, 'CidrBlock': 'string', 'DefaultForAz': True|False, 'EnableLniAtDeviceIndex': 123, 'MapPublicIpOnLaunch': True|False, 'MapCustomerOwnedIpOnLaunch': True|False, 'CustomerOwnedIpv4Pool': 'string', 'State': 'pending'|'available'|'unavailable', 'SubnetId': 'string', 'VpcId': 'string', 'OwnerId': 'string', 'AssignIpv6AddressOnCreation': True|False, 'Ipv6CidrBlockAssociationSet': [ { 'AssociationId': 'string', 'Ipv6CidrBlock': 'string', 'Ipv6CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' } }, ], 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ], 'SubnetArn': 'string', 'OutpostArn': 'string', 'EnableDns64': True|False, 'Ipv6Native': True|False, 'PrivateDnsNameOptionsOnLaunch': { 'HostnameType': 'ip-name'|'resource-name', 'EnableResourceNameDnsARecord': True|False, 'EnableResourceNameDnsAAAARecord': True|False } } }
Response Structure
(dict) --
Subnet (dict) --
Information about the subnet.
AvailabilityZone (string) --
The Availability Zone of the subnet.
AvailabilityZoneId (string) --
The AZ ID of the subnet.
AvailableIpAddressCount (integer) --
The number of unused private IPv4 addresses in the subnet. The IPv4 addresses for any stopped instances are considered unavailable.
CidrBlock (string) --
The IPv4 CIDR block assigned to the subnet.
DefaultForAz (boolean) --
Indicates whether this is the default subnet for the Availability Zone.
EnableLniAtDeviceIndex (integer) --
Indicates the device position for local network interfaces in this subnet. For example, 1 indicates local network interfaces in this subnet are the secondary network interface (eth1).
MapPublicIpOnLaunch (boolean) --
Indicates whether instances launched in this subnet receive a public IPv4 address.
Starting on February 1, 2024, Amazon Web Services will charge for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the Public IPv4 Address tab on the Amazon VPC pricing page .
MapCustomerOwnedIpOnLaunch (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives a customer-owned IPv4 address.
CustomerOwnedIpv4Pool (string) --
The customer-owned IPv4 address pool associated with the subnet.
State (string) --
The current state of the subnet.
SubnetId (string) --
The ID of the subnet.
VpcId (string) --
The ID of the VPC the subnet is in.
OwnerId (string) --
The ID of the Amazon Web Services account that owns the subnet.
AssignIpv6AddressOnCreation (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives an IPv6 address.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the subnet.
(dict) --
Describes an association between a subnet and an IPv6 CIDR block.
AssociationId (string) --
The ID of the association.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
The state of the CIDR block.
State (string) --
The state of a CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
Tags (list) --
Any tags assigned to the subnet.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
SubnetArn (string) --
The Amazon Resource Name (ARN) of the subnet.
OutpostArn (string) --
The Amazon Resource Name (ARN) of the Outpost.
EnableDns64 (boolean) --
Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.
Ipv6Native (boolean) --
Indicates whether this is an IPv6 only subnet.
PrivateDnsNameOptionsOnLaunch (dict) --
The type of hostnames to assign to instances in the subnet at launch. An instance hostname is based on the IPv4 address or ID of the instance.
HostnameType (string) --
The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.
EnableResourceNameDnsARecord (boolean) --
Indicates whether to respond to DNS queries for instance hostnames with DNS A records.
EnableResourceNameDnsAAAARecord (boolean) --
Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.
{'ClientToken': 'string'}
Creates a network ACL in a VPC. Network ACLs provide an optional layer of security (in addition to security groups) for the instances in your VPC.
For more information, see Network ACLs in the Amazon VPC User Guide .
See also: AWS API Documentation
Request Syntax
client.create_network_acl( DryRun=True|False, VpcId='string', TagSpecifications=[ { 'ResourceType': 'capacity-reservation'|'client-vpn-endpoint'|'customer-gateway'|'carrier-gateway'|'coip-pool'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'instance-event-window'|'internet-gateway'|'ipam'|'ipam-pool'|'ipam-scope'|'ipv4pool-ec2'|'ipv6pool-ec2'|'key-pair'|'launch-template'|'local-gateway'|'local-gateway-route-table'|'local-gateway-virtual-interface'|'local-gateway-virtual-interface-group'|'local-gateway-route-table-vpc-association'|'local-gateway-route-table-virtual-interface-group-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'network-insights-access-scope'|'network-insights-access-scope-analysis'|'placement-group'|'prefix-list'|'replace-root-volume-task'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'subnet-cidr-reservation'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-policy-table'|'transit-gateway-route-table'|'transit-gateway-route-table-announcement'|'volume'|'vpc'|'vpc-endpoint'|'vpc-endpoint-connection'|'vpc-endpoint-service'|'vpc-endpoint-service-permission'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log'|'capacity-reservation-fleet'|'traffic-mirror-filter-rule'|'vpc-endpoint-connection-device-type'|'verified-access-instance'|'verified-access-group'|'verified-access-endpoint'|'verified-access-policy'|'verified-access-trust-provider'|'vpn-connection-device-type'|'vpc-block-public-access-exclusion'|'ipam-resource-discovery'|'ipam-resource-discovery-association'|'instance-connect-endpoint', 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ] }, ], ClientToken='string' )
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
[REQUIRED]
The ID of the VPC.
list
The tags to assign to the network ACL.
(dict) --
The tags to apply to a resource when the resource is being created. When you specify a tag, you must specify the resource type to tag, otherwise the request will fail.
Note
The Valid Values lists all the resource types that can be tagged. However, the action you're using might not support tagging all of these resource types. If you try to tag a resource type that is unsupported for the action you're using, you'll get an error.
ResourceType (string) --
The type of resource to tag on creation.
Tags (list) --
The tags to apply to the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
string
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring idempotency .
This field is autopopulated if not provided.
dict
Response Syntax
{ 'NetworkAcl': { 'Associations': [ { 'NetworkAclAssociationId': 'string', 'NetworkAclId': 'string', 'SubnetId': 'string' }, ], 'Entries': [ { 'CidrBlock': 'string', 'Egress': True|False, 'IcmpTypeCode': { 'Code': 123, 'Type': 123 }, 'Ipv6CidrBlock': 'string', 'PortRange': { 'From': 123, 'To': 123 }, 'Protocol': 'string', 'RuleAction': 'allow'|'deny', 'RuleNumber': 123 }, ], 'IsDefault': True|False, 'NetworkAclId': 'string', 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ], 'VpcId': 'string', 'OwnerId': 'string' }, 'ClientToken': 'string' }
Response Structure
(dict) --
NetworkAcl (dict) --
Information about the network ACL.
Associations (list) --
Any associations between the network ACL and one or more subnets
(dict) --
Describes an association between a network ACL and a subnet.
NetworkAclAssociationId (string) --
The ID of the association between a network ACL and a subnet.
NetworkAclId (string) --
The ID of the network ACL.
SubnetId (string) --
The ID of the subnet.
Entries (list) --
The entries (rules) in the network ACL.
(dict) --
Describes an entry in a network ACL.
CidrBlock (string) --
The IPv4 network range to allow or deny, in CIDR notation.
Egress (boolean) --
Indicates whether the rule is an egress rule (applied to traffic leaving the subnet).
IcmpTypeCode (dict) --
ICMP protocol: The ICMP type and code.
Code (integer) --
The ICMP code. A value of -1 means all codes for the specified ICMP type.
Type (integer) --
The ICMP type. A value of -1 means all types.
Ipv6CidrBlock (string) --
The IPv6 network range to allow or deny, in CIDR notation.
PortRange (dict) --
TCP or UDP protocols: The range of ports the rule applies to.
From (integer) --
The first port in the range.
To (integer) --
The last port in the range.
Protocol (string) --
The protocol number. A value of "-1" means all protocols.
RuleAction (string) --
Indicates whether to allow or deny the traffic that matches the rule.
RuleNumber (integer) --
The rule number for the entry. ACL entries are processed in ascending order by rule number.
IsDefault (boolean) --
Indicates whether this is the default network ACL for the VPC.
NetworkAclId (string) --
The ID of the network ACL.
Tags (list) --
Any tags assigned to the network ACL.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
VpcId (string) --
The ID of the VPC for the network ACL.
OwnerId (string) --
The ID of the Amazon Web Services account that owns the network ACL.
ClientToken (string) --
Unique, case-sensitive identifier to ensure the idempotency of the request. Only returned if a client token was provided in the request.
{'ClientToken': 'string'}
Creates a route table for the specified VPC. After you create a route table, you can add routes and associate the table with a subnet.
For more information, see Route tables in the Amazon VPC User Guide .
See also: AWS API Documentation
Request Syntax
client.create_route_table( DryRun=True|False, VpcId='string', TagSpecifications=[ { 'ResourceType': 'capacity-reservation'|'client-vpn-endpoint'|'customer-gateway'|'carrier-gateway'|'coip-pool'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'instance-event-window'|'internet-gateway'|'ipam'|'ipam-pool'|'ipam-scope'|'ipv4pool-ec2'|'ipv6pool-ec2'|'key-pair'|'launch-template'|'local-gateway'|'local-gateway-route-table'|'local-gateway-virtual-interface'|'local-gateway-virtual-interface-group'|'local-gateway-route-table-vpc-association'|'local-gateway-route-table-virtual-interface-group-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'network-insights-access-scope'|'network-insights-access-scope-analysis'|'placement-group'|'prefix-list'|'replace-root-volume-task'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'subnet-cidr-reservation'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-policy-table'|'transit-gateway-route-table'|'transit-gateway-route-table-announcement'|'volume'|'vpc'|'vpc-endpoint'|'vpc-endpoint-connection'|'vpc-endpoint-service'|'vpc-endpoint-service-permission'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log'|'capacity-reservation-fleet'|'traffic-mirror-filter-rule'|'vpc-endpoint-connection-device-type'|'verified-access-instance'|'verified-access-group'|'verified-access-endpoint'|'verified-access-policy'|'verified-access-trust-provider'|'vpn-connection-device-type'|'vpc-block-public-access-exclusion'|'ipam-resource-discovery'|'ipam-resource-discovery-association'|'instance-connect-endpoint', 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ] }, ], ClientToken='string' )
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
[REQUIRED]
The ID of the VPC.
list
The tags to assign to the route table.
(dict) --
The tags to apply to a resource when the resource is being created. When you specify a tag, you must specify the resource type to tag, otherwise the request will fail.
Note
The Valid Values lists all the resource types that can be tagged. However, the action you're using might not support tagging all of these resource types. If you try to tag a resource type that is unsupported for the action you're using, you'll get an error.
ResourceType (string) --
The type of resource to tag on creation.
Tags (list) --
The tags to apply to the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
string
Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring idempotency .
This field is autopopulated if not provided.
dict
Response Syntax
{ 'RouteTable': { 'Associations': [ { 'Main': True|False, 'RouteTableAssociationId': 'string', 'RouteTableId': 'string', 'SubnetId': 'string', 'GatewayId': 'string', 'AssociationState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failed', 'StatusMessage': 'string' } }, ], 'PropagatingVgws': [ { 'GatewayId': 'string' }, ], 'RouteTableId': 'string', 'Routes': [ { 'DestinationCidrBlock': 'string', 'DestinationIpv6CidrBlock': 'string', 'DestinationPrefixListId': 'string', 'EgressOnlyInternetGatewayId': 'string', 'GatewayId': 'string', 'InstanceId': 'string', 'InstanceOwnerId': 'string', 'NatGatewayId': 'string', 'TransitGatewayId': 'string', 'LocalGatewayId': 'string', 'CarrierGatewayId': 'string', 'NetworkInterfaceId': 'string', 'Origin': 'CreateRouteTable'|'CreateRoute'|'EnableVgwRoutePropagation', 'State': 'active'|'blackhole', 'VpcPeeringConnectionId': 'string', 'CoreNetworkArn': 'string' }, ], 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ], 'VpcId': 'string', 'OwnerId': 'string' }, 'ClientToken': 'string' }
Response Structure
(dict) --
RouteTable (dict) --
Information about the route table.
Associations (list) --
The associations between the route table and one or more subnets or a gateway.
(dict) --
Describes an association between a route table and a subnet or gateway.
Main (boolean) --
Indicates whether this is the main route table.
RouteTableAssociationId (string) --
The ID of the association.
RouteTableId (string) --
The ID of the route table.
SubnetId (string) --
The ID of the subnet. A subnet ID is not returned for an implicit association.
GatewayId (string) --
The ID of the internet gateway or virtual private gateway.
AssociationState (dict) --
The state of the association.
State (string) --
The state of the association.
StatusMessage (string) --
The status message, if applicable.
PropagatingVgws (list) --
Any virtual private gateway (VGW) propagating routes.
(dict) --
Describes a virtual private gateway propagating route.
GatewayId (string) --
The ID of the virtual private gateway.
RouteTableId (string) --
The ID of the route table.
Routes (list) --
The routes in the route table.
(dict) --
Describes a route in a route table.
DestinationCidrBlock (string) --
The IPv4 CIDR block used for the destination match.
DestinationIpv6CidrBlock (string) --
The IPv6 CIDR block used for the destination match.
DestinationPrefixListId (string) --
The prefix of the Amazon Web Service.
EgressOnlyInternetGatewayId (string) --
The ID of the egress-only internet gateway.
GatewayId (string) --
The ID of a gateway attached to your VPC.
InstanceId (string) --
The ID of a NAT instance in your VPC.
InstanceOwnerId (string) --
The ID of Amazon Web Services account that owns the instance.
NatGatewayId (string) --
The ID of a NAT gateway.
TransitGatewayId (string) --
The ID of a transit gateway.
LocalGatewayId (string) --
The ID of the local gateway.
CarrierGatewayId (string) --
The ID of the carrier gateway.
NetworkInterfaceId (string) --
The ID of the network interface.
Origin (string) --
Describes how the route was created.
CreateRouteTable - The route was automatically created when the route table was created.
CreateRoute - The route was manually added to the route table.
EnableVgwRoutePropagation - The route was propagated by route propagation.
State (string) --
The state of the route. The blackhole state indicates that the route's target isn't available (for example, the specified gateway isn't attached to the VPC, or the specified NAT instance has been terminated).
VpcPeeringConnectionId (string) --
The ID of a VPC peering connection.
CoreNetworkArn (string) --
The Amazon Resource Name (ARN) of the core network.
Tags (list) --
Any tags assigned to the route table.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
VpcId (string) --
The ID of the VPC.
OwnerId (string) --
The ID of the Amazon Web Services account that owns the route table.
ClientToken (string) --
Unique, case-sensitive identifier to ensure the idempotency of the request. Only returned if a client token was provided in the request.
{'Subnet': {'State': {'unavailable'}}}
Creates a subnet in the specified VPC. For an IPv4 only subnet, specify an IPv4 CIDR block. If the VPC has an IPv6 CIDR block, you can create an IPv6 only subnet or a dual stack subnet instead. For an IPv6 only subnet, specify an IPv6 CIDR block. For a dual stack subnet, specify both an IPv4 CIDR block and an IPv6 CIDR block.
A subnet CIDR block must not overlap the CIDR block of an existing subnet in the VPC. After you create a subnet, you can't change its CIDR block.
The allowed size for an IPv4 subnet is between a /28 netmask (16 IP addresses) and a /16 netmask (65,536 IP addresses). Amazon Web Services reserves both the first four and the last IPv4 address in each subnet's CIDR block. They're not available for your use.
If you've associated an IPv6 CIDR block with your VPC, you can associate an IPv6 CIDR block with a subnet when you create it.
If you add more than one subnet to a VPC, they're set up in a star topology with a logical router in the middle.
When you stop an instance in a subnet, it retains its private IPv4 address. It's therefore possible to have a subnet with no running instances (they're all stopped), but no remaining IP addresses available.
For more information, see Subnets in the Amazon VPC User Guide .
See also: AWS API Documentation
Request Syntax
client.create_subnet( TagSpecifications=[ { 'ResourceType': 'capacity-reservation'|'client-vpn-endpoint'|'customer-gateway'|'carrier-gateway'|'coip-pool'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'instance-event-window'|'internet-gateway'|'ipam'|'ipam-pool'|'ipam-scope'|'ipv4pool-ec2'|'ipv6pool-ec2'|'key-pair'|'launch-template'|'local-gateway'|'local-gateway-route-table'|'local-gateway-virtual-interface'|'local-gateway-virtual-interface-group'|'local-gateway-route-table-vpc-association'|'local-gateway-route-table-virtual-interface-group-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'network-insights-access-scope'|'network-insights-access-scope-analysis'|'placement-group'|'prefix-list'|'replace-root-volume-task'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'subnet-cidr-reservation'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-policy-table'|'transit-gateway-route-table'|'transit-gateway-route-table-announcement'|'volume'|'vpc'|'vpc-endpoint'|'vpc-endpoint-connection'|'vpc-endpoint-service'|'vpc-endpoint-service-permission'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log'|'capacity-reservation-fleet'|'traffic-mirror-filter-rule'|'vpc-endpoint-connection-device-type'|'verified-access-instance'|'verified-access-group'|'verified-access-endpoint'|'verified-access-policy'|'verified-access-trust-provider'|'vpn-connection-device-type'|'vpc-block-public-access-exclusion'|'ipam-resource-discovery'|'ipam-resource-discovery-association'|'instance-connect-endpoint', 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ] }, ], AvailabilityZone='string', AvailabilityZoneId='string', CidrBlock='string', Ipv6CidrBlock='string', OutpostArn='string', VpcId='string', DryRun=True|False, Ipv6Native=True|False, Ipv4IpamPoolId='string', Ipv4NetmaskLength=123, Ipv6IpamPoolId='string', Ipv6NetmaskLength=123 )
list
The tags to assign to the subnet.
(dict) --
The tags to apply to a resource when the resource is being created. When you specify a tag, you must specify the resource type to tag, otherwise the request will fail.
Note
The Valid Values lists all the resource types that can be tagged. However, the action you're using might not support tagging all of these resource types. If you try to tag a resource type that is unsupported for the action you're using, you'll get an error.
ResourceType (string) --
The type of resource to tag on creation.
Tags (list) --
The tags to apply to the resource.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
string
The Availability Zone or Local Zone for the subnet.
Default: Amazon Web Services selects one for you. If you create more than one subnet in your VPC, we do not necessarily select a different zone for each subnet.
To create a subnet in a Local Zone, set this value to the Local Zone ID, for example us-west-2-lax-1a . For information about the Regions that support Local Zones, see Local Zones locations .
To create a subnet in an Outpost, set this value to the Availability Zone for the Outpost and specify the Outpost ARN.
string
The AZ ID or the Local Zone ID of the subnet.
string
The IPv4 network range for the subnet, in CIDR notation. For example, 10.0.0.0/24 . We modify the specified CIDR block to its canonical form; for example, if you specify 100.68.0.18/18 , we modify it to 100.68.0.0/18 .
This parameter is not supported for an IPv6 only subnet.
string
The IPv6 network range for the subnet, in CIDR notation. This parameter is required for an IPv6 only subnet.
string
The Amazon Resource Name (ARN) of the Outpost. If you specify an Outpost ARN, you must also specify the Availability Zone of the Outpost subnet.
string
[REQUIRED]
The ID of the VPC.
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
boolean
Indicates whether to create an IPv6 only subnet.
string
An IPv4 IPAM pool ID for the subnet.
integer
An IPv4 netmask length for the subnet.
string
An IPv6 IPAM pool ID for the subnet.
integer
An IPv6 netmask length for the subnet.
dict
Response Syntax
{ 'Subnet': { 'AvailabilityZone': 'string', 'AvailabilityZoneId': 'string', 'AvailableIpAddressCount': 123, 'CidrBlock': 'string', 'DefaultForAz': True|False, 'EnableLniAtDeviceIndex': 123, 'MapPublicIpOnLaunch': True|False, 'MapCustomerOwnedIpOnLaunch': True|False, 'CustomerOwnedIpv4Pool': 'string', 'State': 'pending'|'available'|'unavailable', 'SubnetId': 'string', 'VpcId': 'string', 'OwnerId': 'string', 'AssignIpv6AddressOnCreation': True|False, 'Ipv6CidrBlockAssociationSet': [ { 'AssociationId': 'string', 'Ipv6CidrBlock': 'string', 'Ipv6CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' } }, ], 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ], 'SubnetArn': 'string', 'OutpostArn': 'string', 'EnableDns64': True|False, 'Ipv6Native': True|False, 'PrivateDnsNameOptionsOnLaunch': { 'HostnameType': 'ip-name'|'resource-name', 'EnableResourceNameDnsARecord': True|False, 'EnableResourceNameDnsAAAARecord': True|False } } }
Response Structure
(dict) --
Subnet (dict) --
Information about the subnet.
AvailabilityZone (string) --
The Availability Zone of the subnet.
AvailabilityZoneId (string) --
The AZ ID of the subnet.
AvailableIpAddressCount (integer) --
The number of unused private IPv4 addresses in the subnet. The IPv4 addresses for any stopped instances are considered unavailable.
CidrBlock (string) --
The IPv4 CIDR block assigned to the subnet.
DefaultForAz (boolean) --
Indicates whether this is the default subnet for the Availability Zone.
EnableLniAtDeviceIndex (integer) --
Indicates the device position for local network interfaces in this subnet. For example, 1 indicates local network interfaces in this subnet are the secondary network interface (eth1).
MapPublicIpOnLaunch (boolean) --
Indicates whether instances launched in this subnet receive a public IPv4 address.
Starting on February 1, 2024, Amazon Web Services will charge for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the Public IPv4 Address tab on the Amazon VPC pricing page .
MapCustomerOwnedIpOnLaunch (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives a customer-owned IPv4 address.
CustomerOwnedIpv4Pool (string) --
The customer-owned IPv4 address pool associated with the subnet.
State (string) --
The current state of the subnet.
SubnetId (string) --
The ID of the subnet.
VpcId (string) --
The ID of the VPC the subnet is in.
OwnerId (string) --
The ID of the Amazon Web Services account that owns the subnet.
AssignIpv6AddressOnCreation (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives an IPv6 address.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the subnet.
(dict) --
Describes an association between a subnet and an IPv6 CIDR block.
AssociationId (string) --
The ID of the association.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
The state of the CIDR block.
State (string) --
The state of a CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
Tags (list) --
Any tags assigned to the subnet.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
SubnetArn (string) --
The Amazon Resource Name (ARN) of the subnet.
OutpostArn (string) --
The Amazon Resource Name (ARN) of the Outpost.
EnableDns64 (boolean) --
Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.
Ipv6Native (boolean) --
Indicates whether this is an IPv6 only subnet.
PrivateDnsNameOptionsOnLaunch (dict) --
The type of hostnames to assign to instances in the subnet at launch. An instance hostname is based on the IPv4 address or ID of the instance.
HostnameType (string) --
The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.
EnableResourceNameDnsARecord (boolean) --
Indicates whether to respond to DNS queries for instance hostnames with DNS A records.
EnableResourceNameDnsAAAARecord (boolean) --
Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.
{'AvailabilityZones': {'State': {'constrained'}}}
Describes the Availability Zones, Local Zones, and Wavelength Zones that are available to you. If there is an event impacting a zone, you can use this request to view the state and any provided messages for that zone.
For more information about Availability Zones, Local Zones, and Wavelength Zones, see Regions and zones in the Amazon Elastic Compute Cloud User Guide .
See also: AWS API Documentation
Request Syntax
client.describe_availability_zones( Filters=[ { 'Name': 'string', 'Values': [ 'string', ] }, ], ZoneNames=[ 'string', ], ZoneIds=[ 'string', ], AllAvailabilityZones=True|False, DryRun=True|False )
list
The filters.
group-name - For Availability Zones, use the Region name. For Local Zones, use the name of the group associated with the Local Zone (for example, us-west-2-lax-1 ) For Wavelength Zones, use the name of the group associated with the Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1 ).
message - The Zone message.
opt-in-status - The opt-in status (opted-in | not-opted-in | opt-in-not-required ).
parent-zone-id - The ID of the zone that handles some of the Local Zone and Wavelength Zone control plane operations, such as API calls.
parent-zone-name - The ID of the zone that handles some of the Local Zone and Wavelength Zone control plane operations, such as API calls.
region-name - The name of the Region for the Zone (for example, us-east-1 ).
state - The state of the Availability Zone, the Local Zone, or the Wavelength Zone (available ).
zone-id - The ID of the Availability Zone (for example, use1-az1 ), the Local Zone (for example, usw2-lax1-az1 ), or the Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1 ).
zone-name - The name of the Availability Zone (for example, us-east-1a ), the Local Zone (for example, us-west-2-lax-1a ), or the Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1 ).
zone-type - The type of zone (availability-zone | local-zone | wavelength-zone ).
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.
If you specify multiple filters, the filters are joined with an AND , and the request returns only results that match all of the specified filters.
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
The filter values. Filter values are case-sensitive. If you specify multiple values for a filter, the values are joined with an OR , and the request returns all results that match any of the specified values.
(string) --
list
The names of the Availability Zones, Local Zones, and Wavelength Zones.
(string) --
list
The IDs of the Availability Zones, Local Zones, and Wavelength Zones.
(string) --
boolean
Include all Availability Zones, Local Zones, and Wavelength Zones regardless of your opt-in status.
If you do not use this parameter, the results include only the zones for the Regions where you have chosen the option to opt in.
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
dict
Response Syntax
{ 'AvailabilityZones': [ { 'State': 'available'|'information'|'impaired'|'unavailable'|'constrained', 'OptInStatus': 'opt-in-not-required'|'opted-in'|'not-opted-in', 'Messages': [ { 'Message': 'string' }, ], 'RegionName': 'string', 'ZoneName': 'string', 'ZoneId': 'string', 'GroupName': 'string', 'NetworkBorderGroup': 'string', 'ZoneType': 'string', 'ParentZoneName': 'string', 'ParentZoneId': 'string' }, ] }
Response Structure
(dict) --
AvailabilityZones (list) --
Information about the Availability Zones, Local Zones, and Wavelength Zones.
(dict) --
Describes Availability Zones, Local Zones, and Wavelength Zones.
State (string) --
The state of the Availability Zone, Local Zone, or Wavelength Zone. This value is always available .
OptInStatus (string) --
For Availability Zones, this parameter always has the value of opt-in-not-required .
For Local Zones and Wavelength Zones, this parameter is the opt-in status. The possible values are opted-in , and not-opted-in .
Messages (list) --
Any messages about the Availability Zone, Local Zone, or Wavelength Zone.
(dict) --
Describes a message about an Availability Zone, Local Zone, or Wavelength Zone.
Message (string) --
The message about the Availability Zone, Local Zone, or Wavelength Zone.
RegionName (string) --
The name of the Region.
ZoneName (string) --
The name of the Availability Zone, Local Zone, or Wavelength Zone.
ZoneId (string) --
The ID of the Availability Zone, Local Zone, or Wavelength Zone.
GroupName (string) --
For Availability Zones, this parameter has the same value as the Region name.
For Local Zones, the name of the associated group, for example us-west-2-lax-1 .
For Wavelength Zones, the name of the associated group, for example us-east-1-wl1-bos-wlz-1 .
NetworkBorderGroup (string) --
The name of the network border group.
ZoneType (string) --
The type of zone. The valid values are availability-zone , local-zone , and wavelength-zone .
ParentZoneName (string) --
The name of the zone that handles some of the Local Zone or Wavelength Zone control plane operations, such as API calls.
ParentZoneId (string) --
The ID of the zone that handles some of the Local Zone or Wavelength Zone control plane operations, such as API calls.
{'Subnets': {'State': {'unavailable'}}}
Describes one or more of your subnets.
For more information, see Subnets in the Amazon VPC User Guide .
See also: AWS API Documentation
Request Syntax
client.describe_subnets( Filters=[ { 'Name': 'string', 'Values': [ 'string', ] }, ], SubnetIds=[ 'string', ], DryRun=True|False, NextToken='string', MaxResults=123 )
list
The filters.
availability-zone - The Availability Zone for the subnet. You can also use availabilityZone as the filter name.
availability-zone-id - The ID of the Availability Zone for the subnet. You can also use availabilityZoneId as the filter name.
available-ip-address-count - The number of IPv4 addresses in the subnet that are available.
cidr-block - The IPv4 CIDR block of the subnet. The CIDR block you specify must exactly match the subnet's CIDR block for information to be returned for the subnet. You can also use cidr or cidrBlock as the filter names.
customer-owned-ipv4-pool - The customer-owned IPv4 address pool associated with the subnet.
default-for-az - Indicates whether this is the default subnet for the Availability Zone (true | false ). You can also use defaultForAz as the filter name.
enable-dns64 - Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.
enable-lni-at-device-index - Indicates the device position for local network interfaces in this subnet. For example, 1 indicates local network interfaces in this subnet are the secondary network interface (eth1).
ipv6-cidr-block-association.ipv6-cidr-block - An IPv6 CIDR block associated with the subnet.
ipv6-cidr-block-association.association-id - An association ID for an IPv6 CIDR block associated with the subnet.
ipv6-cidr-block-association.state - The state of an IPv6 CIDR block associated with the subnet.
ipv6-native - Indicates whether this is an IPv6 only subnet (true | false ).
map-customer-owned-ip-on-launch - Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives a customer-owned IPv4 address.
map-public-ip-on-launch - Indicates whether instances launched in this subnet receive a public IPv4 address.
outpost-arn - The Amazon Resource Name (ARN) of the Outpost.
owner-id - The ID of the Amazon Web Services account that owns the subnet.
private-dns-name-options-on-launch.hostname-type - The type of hostname to assign to instances in the subnet at launch. For IPv4-only and dual-stack (IPv4 and IPv6) subnets, an instance DNS name can be based on the instance IPv4 address (ip-name) or the instance ID (resource-name). For IPv6 only subnets, an instance DNS name must be based on the instance ID (resource-name).
private-dns-name-options-on-launch.enable-resource-name-dns-a-record - Indicates whether to respond to DNS queries for instance hostnames with DNS A records.
private-dns-name-options-on-launch.enable-resource-name-dns-aaaa-record - Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records.
state - The state of the subnet (pending | available ).
subnet-arn - The Amazon Resource Name (ARN) of the subnet.
subnet-id - The ID of the subnet.
tag :<key> - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key Owner and the value TeamA , specify tag:Owner for the filter name and TeamA for the filter value.
tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.
vpc-id - The ID of the VPC for the subnet.
(dict) --
A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.
If you specify multiple filters, the filters are joined with an AND , and the request returns only results that match all of the specified filters.
Name (string) --
The name of the filter. Filter names are case-sensitive.
Values (list) --
The filter values. Filter values are case-sensitive. If you specify multiple values for a filter, the values are joined with an OR , and the request returns all results that match any of the specified values.
(string) --
list
The IDs of the subnets.
Default: Describes all your subnets.
(string) --
boolean
Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation . Otherwise, it is UnauthorizedOperation .
string
The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.
integer
The maximum number of items to return for this request. To get the next page of items, make another request with the token returned in the output. For more information, see Pagination .
dict
Response Syntax
{ 'Subnets': [ { 'AvailabilityZone': 'string', 'AvailabilityZoneId': 'string', 'AvailableIpAddressCount': 123, 'CidrBlock': 'string', 'DefaultForAz': True|False, 'EnableLniAtDeviceIndex': 123, 'MapPublicIpOnLaunch': True|False, 'MapCustomerOwnedIpOnLaunch': True|False, 'CustomerOwnedIpv4Pool': 'string', 'State': 'pending'|'available'|'unavailable', 'SubnetId': 'string', 'VpcId': 'string', 'OwnerId': 'string', 'AssignIpv6AddressOnCreation': True|False, 'Ipv6CidrBlockAssociationSet': [ { 'AssociationId': 'string', 'Ipv6CidrBlock': 'string', 'Ipv6CidrBlockState': { 'State': 'associating'|'associated'|'disassociating'|'disassociated'|'failing'|'failed', 'StatusMessage': 'string' } }, ], 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ], 'SubnetArn': 'string', 'OutpostArn': 'string', 'EnableDns64': True|False, 'Ipv6Native': True|False, 'PrivateDnsNameOptionsOnLaunch': { 'HostnameType': 'ip-name'|'resource-name', 'EnableResourceNameDnsARecord': True|False, 'EnableResourceNameDnsAAAARecord': True|False } }, ], 'NextToken': 'string' }
Response Structure
(dict) --
Subnets (list) --
Information about one or more subnets.
(dict) --
Describes a subnet.
AvailabilityZone (string) --
The Availability Zone of the subnet.
AvailabilityZoneId (string) --
The AZ ID of the subnet.
AvailableIpAddressCount (integer) --
The number of unused private IPv4 addresses in the subnet. The IPv4 addresses for any stopped instances are considered unavailable.
CidrBlock (string) --
The IPv4 CIDR block assigned to the subnet.
DefaultForAz (boolean) --
Indicates whether this is the default subnet for the Availability Zone.
EnableLniAtDeviceIndex (integer) --
Indicates the device position for local network interfaces in this subnet. For example, 1 indicates local network interfaces in this subnet are the secondary network interface (eth1).
MapPublicIpOnLaunch (boolean) --
Indicates whether instances launched in this subnet receive a public IPv4 address.
Starting on February 1, 2024, Amazon Web Services will charge for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the Public IPv4 Address tab on the Amazon VPC pricing page .
MapCustomerOwnedIpOnLaunch (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives a customer-owned IPv4 address.
CustomerOwnedIpv4Pool (string) --
The customer-owned IPv4 address pool associated with the subnet.
State (string) --
The current state of the subnet.
SubnetId (string) --
The ID of the subnet.
VpcId (string) --
The ID of the VPC the subnet is in.
OwnerId (string) --
The ID of the Amazon Web Services account that owns the subnet.
AssignIpv6AddressOnCreation (boolean) --
Indicates whether a network interface created in this subnet (including a network interface created by RunInstances ) receives an IPv6 address.
Ipv6CidrBlockAssociationSet (list) --
Information about the IPv6 CIDR blocks associated with the subnet.
(dict) --
Describes an association between a subnet and an IPv6 CIDR block.
AssociationId (string) --
The ID of the association.
Ipv6CidrBlock (string) --
The IPv6 CIDR block.
Ipv6CidrBlockState (dict) --
The state of the CIDR block.
State (string) --
The state of a CIDR block.
StatusMessage (string) --
A message about the status of the CIDR block, if applicable.
Tags (list) --
Any tags assigned to the subnet.
(dict) --
Describes a tag.
Key (string) --
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws: .
Value (string) --
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
SubnetArn (string) --
The Amazon Resource Name (ARN) of the subnet.
OutpostArn (string) --
The Amazon Resource Name (ARN) of the Outpost.
EnableDns64 (boolean) --
Indicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.
Ipv6Native (boolean) --
Indicates whether this is an IPv6 only subnet.
PrivateDnsNameOptionsOnLaunch (dict) --
The type of hostnames to assign to instances in the subnet at launch. An instance hostname is based on the IPv4 address or ID of the instance.
HostnameType (string) --
The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID.
EnableResourceNameDnsARecord (boolean) --
Indicates whether to respond to DNS queries for instance hostnames with DNS A records.
EnableResourceNameDnsAAAARecord (boolean) --
Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records.
NextToken (string) --
The token to include in another request to get the next page of items. This value is null when there are no more items to return.