Amazon Elastic Compute Cloud

2026/07/01 - Amazon Elastic Compute Cloud - 2 new 4 updated api methods

Changes  Use declarative policies to enable VPC Encryption Controls across your organization or select accounts. Added AMD SEV-SNP support for EC2 Dedicated Hosts. Managed resource visibility settings control whether AWS-provisioned resources in your account appear in console views and API list operations.

DescribeAccountVpcEncryptionControl (new) Link ¶

Describes the account-level VPC Encryption Control configuration for your account. VPC Encryption Control enables you to enforce encryption for all data in transit within and between VPCs to meet compliance requirements.

For more information, see Enforce VPC encryption in transit in the Amazon VPC User Guide.

See also: AWS API Documentation

Request Syntax

client.describe_account_vpc_encryption_control(
    DryRun=True|False
)
type DryRun:

boolean

param DryRun:

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

rtype:

dict

returns:

Response Syntax

{
    'AccountVpcEncryptionControl': {
        'State': 'default-state'|'transitions-in-progress'|'transitions-partially-successful'|'transitions-successful'|'transitions-failed',
        'Mode': 'unmanaged'|'attempt-monitor'|'attempt-enforce',
        'Exclusions': {
            'InternetGateway': 'enabling'|'enabled'|'disabling'|'disabled',
            'EgressOnlyInternetGateway': 'enabling'|'enabled'|'disabling'|'disabled',
            'NatGateway': 'enabling'|'enabled'|'disabling'|'disabled',
            'VirtualPrivateGateway': 'enabling'|'enabled'|'disabling'|'disabled',
            'VpcPeering': 'enabling'|'enabled'|'disabling'|'disabled',
            'Lambda': 'enabling'|'enabled'|'disabling'|'disabled',
            'VpcLattice': 'enabling'|'enabled'|'disabling'|'disabled',
            'ElasticFileSystem': 'enabling'|'enabled'|'disabling'|'disabled'
        },
        'ManagedBy': 'account'|'declarative-policy',
        'LastUpdateTimestamp': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) --

    • AccountVpcEncryptionControl (dict) --

      Information about the account-level VPC Encryption Control configuration.

      • State (string) --

        The current state of the account-level VPC Encryption Control configuration.

      • Mode (string) --

        The encryption mode for the account-level VPC Encryption Control configuration.

      • Exclusions (dict) --

        Information about the traffic exclusions for the account-level VPC Encryption Control configuration.

        • InternetGateway (string) --

          The exclusion configuration for internet gateway resource.

        • EgressOnlyInternetGateway (string) --

          The exclusion configuration for egress-only internet gateway resource.

        • NatGateway (string) --

          The exclusion configuration for NAT gateway resource.

        • VirtualPrivateGateway (string) --

          The exclusion configuration for virtual private gateway resource.

        • VpcPeering (string) --

          The exclusion configuration for VPC peering connection resource.

        • Lambda (string) --

          The exclusion configuration for Lambda service.

        • VpcLattice (string) --

          The exclusion configuration for VPC Lattice service.

        • ElasticFileSystem (string) --

          The exclusion configuration for Elastic File System service.

      • ManagedBy (string) --

        The entity that manages the account-level VPC Encryption Control configuration.

      • LastUpdateTimestamp (datetime) --

        The date and time when the account-level VPC Encryption Control configuration was last updated.

ModifyAccountVpcEncryptionControl (new) Link ¶

Modifies the account-level VPC Encryption Control configuration. This sets the encryption control mode and resource exclusions that apply to the VPCs in your account. VPC Encryption Control enables you to enforce encryption for all data in transit within and between VPCs to meet compliance requirements.

For more information, see Enforce VPC encryption in transit in the Amazon VPC User Guide.

See also: AWS API Documentation

Request Syntax

client.modify_account_vpc_encryption_control(
    DryRun=True|False,
    Mode='unmanaged'|'attempt-monitor'|'attempt-enforce',
    InternetGateway='enable'|'disable',
    EgressOnlyInternetGateway='enable'|'disable',
    NatGateway='enable'|'disable',
    VirtualPrivateGateway='enable'|'disable',
    VpcPeering='enable'|'disable',
    Lambda='enable'|'disable',
    VpcLattice='enable'|'disable',
    ElasticFileSystem='enable'|'disable'
)
type DryRun:

boolean

param DryRun:

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

type Mode:

string

param Mode:

The encryption mode for the account encryption control configuration.

type InternetGateway:

string

param InternetGateway:

Specifies whether to exclude internet gateway resource from account-level encryption enforcement.

type EgressOnlyInternetGateway:

string

param EgressOnlyInternetGateway:

Specifies whether to exclude egress-only internet gateway resource from account-level encryption enforcement.

type NatGateway:

string

param NatGateway:

Specifies whether to exclude NAT gateway resource from account-level encryption enforcement.

type VirtualPrivateGateway:

string

param VirtualPrivateGateway:

Specifies whether to exclude virtual private gateway resource from account-level encryption enforcement.

type VpcPeering:

string

param VpcPeering:

Specifies whether to exclude VPC peering connection resource from account-level encryption enforcement.

type Lambda:

string

param Lambda:

Specifies whether to exclude Lambda service from account-level encryption enforcement.

type VpcLattice:

string

param VpcLattice:

Specifies whether to exclude VPC Lattice service from account-level encryption enforcement.

type ElasticFileSystem:

string

param ElasticFileSystem:

Specifies whether to exclude Elastic File System service from account-level encryption enforcement.

rtype:

dict

returns:

Response Syntax

{
    'AccountVpcEncryptionControl': {
        'State': 'default-state'|'transitions-in-progress'|'transitions-partially-successful'|'transitions-successful'|'transitions-failed',
        'Mode': 'unmanaged'|'attempt-monitor'|'attempt-enforce',
        'Exclusions': {
            'InternetGateway': 'enabling'|'enabled'|'disabling'|'disabled',
            'EgressOnlyInternetGateway': 'enabling'|'enabled'|'disabling'|'disabled',
            'NatGateway': 'enabling'|'enabled'|'disabling'|'disabled',
            'VirtualPrivateGateway': 'enabling'|'enabled'|'disabling'|'disabled',
            'VpcPeering': 'enabling'|'enabled'|'disabling'|'disabled',
            'Lambda': 'enabling'|'enabled'|'disabling'|'disabled',
            'VpcLattice': 'enabling'|'enabled'|'disabling'|'disabled',
            'ElasticFileSystem': 'enabling'|'enabled'|'disabling'|'disabled'
        },
        'ManagedBy': 'account'|'declarative-policy',
        'LastUpdateTimestamp': datetime(2015, 1, 1)
    }
}

Response Structure

  • (dict) --

    • AccountVpcEncryptionControl (dict) --

      Information about the account-level VPC Encryption Control configuration.

      • State (string) --

        The current state of the account-level VPC Encryption Control configuration.

      • Mode (string) --

        The encryption mode for the account-level VPC Encryption Control configuration.

      • Exclusions (dict) --

        Information about the traffic exclusions for the account-level VPC Encryption Control configuration.

        • InternetGateway (string) --

          The exclusion configuration for internet gateway resource.

        • EgressOnlyInternetGateway (string) --

          The exclusion configuration for egress-only internet gateway resource.

        • NatGateway (string) --

          The exclusion configuration for NAT gateway resource.

        • VirtualPrivateGateway (string) --

          The exclusion configuration for virtual private gateway resource.

        • VpcPeering (string) --

          The exclusion configuration for VPC peering connection resource.

        • Lambda (string) --

          The exclusion configuration for Lambda service.

        • VpcLattice (string) --

          The exclusion configuration for VPC Lattice service.

        • ElasticFileSystem (string) --

          The exclusion configuration for Elastic File System service.

      • ManagedBy (string) --

        The entity that manages the account-level VPC Encryption Control configuration.

      • LastUpdateTimestamp (datetime) --

        The date and time when the account-level VPC Encryption Control configuration was last updated.

AllocateHosts (updated) Link ¶
Changes (request)
{'CpuOptions': {'AmdSevSnp': 'enabled | disabled'}}

Allocates a Dedicated Host to your account. At a minimum, specify the supported instance type or instance family, the Availability Zone in which to allocate the host, and the number of hosts to allocate.

See also: AWS API Documentation

Request Syntax

client.allocate_hosts(
    InstanceFamily='string',
    TagSpecifications=[
        {
            'ResourceType': 'capacity-reservation'|'client-vpn-endpoint'|'customer-gateway'|'carrier-gateway'|'coip-pool'|'declarative-policies-report'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'image-usage-report'|'import-image-task'|'import-snapshot-task'|'instance'|'instance-event-window'|'internet-gateway'|'ipam'|'ipam-pool'|'ipam-scope'|'ipv4pool-ec2'|'ipv6pool-ec2'|'key-pair'|'launch-template'|'local-gateway'|'local-gateway-route-table'|'local-gateway-virtual-interface'|'local-gateway-virtual-interface-group'|'local-gateway-route-table-vpc-association'|'local-gateway-route-table-virtual-interface-group-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'network-insights-access-scope'|'network-insights-access-scope-analysis'|'outpost-lag'|'placement-group'|'prefix-list'|'replace-root-volume-task'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'service-link-virtual-interface'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'subnet-cidr-reservation'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-policy-table'|'transit-gateway-metering-policy'|'transit-gateway-route-table'|'transit-gateway-route-table-announcement'|'volume'|'vpc'|'vpc-endpoint'|'vpc-endpoint-connection'|'vpc-endpoint-service'|'vpc-endpoint-service-permission'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log'|'capacity-reservation-fleet'|'traffic-mirror-filter-rule'|'vpc-endpoint-connection-device-type'|'verified-access-instance'|'verified-access-group'|'verified-access-endpoint'|'verified-access-policy'|'verified-access-trust-provider'|'vpn-connection-device-type'|'vpc-block-public-access-exclusion'|'vpc-encryption-control'|'route-server'|'route-server-endpoint'|'route-server-peer'|'ipam-resource-discovery'|'ipam-resource-discovery-association'|'instance-connect-endpoint'|'verified-access-endpoint-target'|'ipam-external-resource-verification-token'|'capacity-block'|'mac-modification-task'|'ipam-prefix-list-resolver'|'ipam-policy'|'ipam-prefix-list-resolver-target'|'secondary-interface'|'secondary-network'|'secondary-subnet'|'capacity-manager-data-export'|'vpn-concentrator'|'ipam-pool-allocation'|'capacity-reservation-cancellation-quote',
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ]
        },
    ],
    HostRecovery='on'|'off',
    OutpostArn='string',
    HostMaintenance='on'|'off',
    AssetIds=[
        'string',
    ],
    AvailabilityZoneId='string',
    CpuOptions={
        'AmdSevSnp': 'enabled'|'disabled'
    },
    AutoPlacement='on'|'off',
    ClientToken='string',
    InstanceType='string',
    Quantity=123,
    AvailabilityZone='string'
)
type InstanceFamily:

string

param InstanceFamily:

Specifies the instance family to be supported by the Dedicated Hosts. If you specify an instance family, the Dedicated Hosts support multiple instance types within that instance family.

If you want the Dedicated Hosts to support a specific instance type only, omit this parameter and specify InstanceType instead. You cannot specify InstanceFamily and InstanceType in the same request.

type TagSpecifications:

list

param TagSpecifications:

The tags to apply to the Dedicated Host during creation.

  • (dict) --

    The tags to apply to a resource when the resource is being created. When you specify a tag, you must specify the resource type to tag, otherwise the request will fail.

    • ResourceType (string) --

      The type of resource to tag on creation.

    • Tags (list) --

      The tags to apply to the resource.

      • (dict) --

        Describes a tag.

        • Key (string) --

          The key of the tag.

          Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:.

        • Value (string) --

          The value of the tag.

          Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.

type HostRecovery:

string

param HostRecovery:

Indicates whether to enable or disable host recovery for the Dedicated Host. Host recovery is disabled by default. For more information, see Host recovery in the Amazon EC2 User Guide.

Default: off

type OutpostArn:

string

param OutpostArn:

The Amazon Resource Name (ARN) of the Amazon Web Services Outpost on which to allocate the Dedicated Host. If you specify OutpostArn, you can optionally specify AssetIds.

If you are allocating the Dedicated Host in a Region, omit this parameter.

type HostMaintenance:

string

param HostMaintenance:

Indicates whether to enable or disable host maintenance for the Dedicated Host. For more information, see Host maintenance in the Amazon EC2 User Guide.

type AssetIds:

list

param AssetIds:

The IDs of the Outpost hardware assets on which to allocate the Dedicated Hosts. Targeting specific hardware assets on an Outpost can help to minimize latency between your workloads. This parameter is supported only if you specify OutpostArn. If you are allocating the Dedicated Hosts in a Region, omit this parameter.

  • If you specify this parameter, you can omit Quantity. In this case, Amazon EC2 allocates a Dedicated Host on each specified hardware asset.

  • If you specify both AssetIds and Quantity, then the value for Quantity must be equal to the number of asset IDs specified.

  • (string) --

type AvailabilityZoneId:

string

param AvailabilityZoneId:

The ID of the Availability Zone.

type CpuOptions:

dict

param CpuOptions:

The CPU configuration options to apply to the Dedicated Host.

  • AmdSevSnp (string) --

    Specifies whether AMD Secure Encrypted Virtualization-Secure Nested Paging (AMD SEV-SNP) is enabled or disabled for the Dedicated Host. If you don't specify a value, AMD SEV-SNP is disabled.

type AutoPlacement:

string

param AutoPlacement:

Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. For more information, see Understanding auto-placement and affinity in the Amazon EC2 User Guide.

Default: off

type ClientToken:

string

param ClientToken:

Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring Idempotency.

type InstanceType:

string

param InstanceType:

Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only.

If you want the Dedicated Hosts to support multiple instance types in a specific instance family, omit this parameter and specify InstanceFamily instead. You cannot specify InstanceType and InstanceFamily in the same request.

type Quantity:

integer

param Quantity:

The number of Dedicated Hosts to allocate to your account with these parameters. If you are allocating the Dedicated Hosts on an Outpost, and you specify AssetIds, you can omit this parameter. In this case, Amazon EC2 allocates a Dedicated Host on each specified hardware asset. If you specify both AssetIds and Quantity, then the value that you specify for Quantity must be equal to the number of asset IDs specified.

type AvailabilityZone:

string

param AvailabilityZone:

The Availability Zone in which to allocate the Dedicated Host.

rtype:

dict

returns:

Response Syntax

{
    'HostIds': [
        'string',
    ]
}

Response Structure

  • (dict) --

    Contains the output of AllocateHosts.

    • HostIds (list) --

      The ID of the allocated Dedicated Host. This is used to launch an instance onto a specific host.

      • (string) --

DescribeHosts (updated) Link ¶
Changes (response)
{'Hosts': {'CpuOptions': {'AmdSevSnp': 'enabled | disabled'},
           'State': {'configuring'}}}

Describes the specified Dedicated Hosts or all your Dedicated Hosts.

The results describe only the Dedicated Hosts in the Region you're currently using. All listed instances consume capacity on your Dedicated Host. Dedicated Hosts that have recently been released are listed with the state released.

See also: AWS API Documentation

Request Syntax

client.describe_hosts(
    HostIds=[
        'string',
    ],
    NextToken='string',
    MaxResults=123,
    Filter=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ]
)
type HostIds:

list

param HostIds:

The IDs of the Dedicated Hosts. The IDs are used for targeted instance launches.

  • (string) --

type NextToken:

string

param NextToken:

The token to use to retrieve the next page of results.

type MaxResults:

integer

param MaxResults:

The maximum number of results to return for the request in a single page. The remaining results can be seen by sending another request with the returned nextToken value. This value can be between 5 and 500. If maxResults is given a larger value than 500, you receive an error.

You cannot specify this parameter and the host IDs parameter in the same request.

type Filter:

list

param Filter:

The filters.

  • auto-placement - Whether auto-placement is enabled or disabled ( on | off).

  • availability-zone - The Availability Zone of the host.

  • client-token - The idempotency token that you provided when you allocated the host.

  • host-reservation-id - The ID of the reservation assigned to this host.

  • instance-type - The instance type size that the Dedicated Host is configured to support.

  • state - The allocation state of the Dedicated Host ( available | under-assessment | permanent-failure | released | released-permanent-failure).

  • tag-key - The key of a tag assigned to the resource. Use this filter to find all resources assigned a tag with a specific key, regardless of the tag value.

  • (dict) --

    A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.

    If you specify multiple filters, the filters are joined with an AND, and the request returns only results that match all of the specified filters.

    For more information, see List and filter using the CLI and API in the Amazon EC2 User Guide.

    • Name (string) --

      The name of the filter. Filter names are case-sensitive.

    • Values (list) --

      The filter values. Filter values are case-sensitive. If you specify multiple values for a filter, the values are joined with an OR, and the request returns all results that match any of the specified values.

      • (string) --

rtype:

dict

returns:

Response Syntax

{
    'Hosts': [
        {
            'AutoPlacement': 'on'|'off',
            'AvailabilityZone': 'string',
            'AvailableCapacity': {
                'AvailableInstanceCapacity': [
                    {
                        'AvailableCapacity': 123,
                        'InstanceType': 'string',
                        'TotalCapacity': 123
                    },
                ],
                'AvailableVCpus': 123
            },
            'ClientToken': 'string',
            'HostId': 'string',
            'HostProperties': {
                'Cores': 123,
                'InstanceType': 'string',
                'InstanceFamily': 'string',
                'Sockets': 123,
                'TotalVCpus': 123
            },
            'HostReservationId': 'string',
            'Instances': [
                {
                    'InstanceId': 'string',
                    'InstanceType': 'string',
                    'OwnerId': 'string'
                },
            ],
            'State': 'available'|'under-assessment'|'permanent-failure'|'released'|'released-permanent-failure'|'pending'|'configuring',
            'AllocationTime': datetime(2015, 1, 1),
            'ReleaseTime': datetime(2015, 1, 1),
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ],
            'HostRecovery': 'on'|'off',
            'AllowsMultipleInstanceTypes': 'on'|'off',
            'OwnerId': 'string',
            'AvailabilityZoneId': 'string',
            'MemberOfServiceLinkedResourceGroup': True|False,
            'OutpostArn': 'string',
            'HostMaintenance': 'on'|'off',
            'AssetId': 'string',
            'CpuOptions': {
                'AmdSevSnp': 'enabled'|'disabled'
            }
        },
    ],
    'NextToken': 'string'
}

Response Structure

  • (dict) --

    • Hosts (list) --

      Information about the Dedicated Hosts.

      • (dict) --

        Describes the properties of the Dedicated Host.

        • AutoPlacement (string) --

          Whether auto-placement is on or off.

        • AvailabilityZone (string) --

          The Availability Zone of the Dedicated Host.

        • AvailableCapacity (dict) --

          Information about the instances running on the Dedicated Host.

          • AvailableInstanceCapacity (list) --

            The number of instances that can be launched onto the Dedicated Host depending on the host's available capacity. For Dedicated Hosts that support multiple instance types, this parameter represents the number of instances for each instance size that is supported on the host.

            • (dict) --

              Information about the number of instances that can be launched onto the Dedicated Host.

              • AvailableCapacity (integer) --

                The number of instances that can be launched onto the Dedicated Host based on the host's available capacity.

              • InstanceType (string) --

                The instance type supported by the Dedicated Host.

              • TotalCapacity (integer) --

                The total number of instances that can be launched onto the Dedicated Host if there are no instances running on it.

          • AvailableVCpus (integer) --

            The number of vCPUs available for launching instances onto the Dedicated Host.

        • ClientToken (string) --

          Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see Ensuring Idempotency.

        • HostId (string) --

          The ID of the Dedicated Host.

        • HostProperties (dict) --

          The hardware specifications of the Dedicated Host.

          • Cores (integer) --

            The number of cores on the Dedicated Host.

          • InstanceType (string) --

            The instance type supported by the Dedicated Host. For example, m5.large. If the host supports multiple instance types, no instanceType is returned.

          • InstanceFamily (string) --

            The instance family supported by the Dedicated Host. For example, m5.

          • Sockets (integer) --

            The number of sockets on the Dedicated Host.

          • TotalVCpus (integer) --

            The total number of vCPUs on the Dedicated Host.

        • HostReservationId (string) --

          The reservation ID of the Dedicated Host. This returns a null response if the Dedicated Host doesn't have an associated reservation.

        • Instances (list) --

          The IDs and instance type that are currently running on the Dedicated Host.

          • (dict) --

            Describes an instance running on a Dedicated Host.

            • InstanceId (string) --

              The ID of instance that is running on the Dedicated Host.

            • InstanceType (string) --

              The instance type (for example, m3.medium) of the running instance.

            • OwnerId (string) --

              The ID of the Amazon Web Services account that owns the instance.

        • State (string) --

          The Dedicated Host's state.

        • AllocationTime (datetime) --

          The time that the Dedicated Host was allocated.

        • ReleaseTime (datetime) --

          The time that the Dedicated Host was released.

        • Tags (list) --

          Any tags assigned to the Dedicated Host.

          • (dict) --

            Describes a tag.

            • Key (string) --

              The key of the tag.

              Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:.

            • Value (string) --

              The value of the tag.

              Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.

        • HostRecovery (string) --

          Indicates whether host recovery is enabled or disabled for the Dedicated Host.

        • AllowsMultipleInstanceTypes (string) --

          Indicates whether the Dedicated Host supports multiple instance types of the same instance family. If the value is on, the Dedicated Host supports multiple instance types in the instance family. If the value is off, the Dedicated Host supports a single instance type only.

        • OwnerId (string) --

          The ID of the Amazon Web Services account that owns the Dedicated Host.

        • AvailabilityZoneId (string) --

          The ID of the Availability Zone in which the Dedicated Host is allocated.

        • MemberOfServiceLinkedResourceGroup (boolean) --

          Indicates whether the Dedicated Host is in a host resource group. If memberOfServiceLinkedResourceGroup is true, the host is in a host resource group; otherwise, it is not.

        • OutpostArn (string) --

          The Amazon Resource Name (ARN) of the Amazon Web Services Outpost on which the Dedicated Host is allocated.

        • HostMaintenance (string) --

          Indicates whether host maintenance is enabled or disabled for the Dedicated Host.

        • AssetId (string) --

          The ID of the Outpost hardware asset on which the Dedicated Host is allocated.

        • CpuOptions (dict) --

          The CPU options for the Dedicated Host, including AMD Secure Encrypted Virtualization-Secure Nested Paging (AMD SEV-SNP) settings.

          • AmdSevSnp (string) --

            Specifies whether AMD Secure Encrypted Virtualization-Secure Nested Paging (AMD SEV-SNP) is enabled or disabled for the Dedicated Host. If you don't specify a value, AMD SEV-SNP is disabled.

    • NextToken (string) --

      The token to use to retrieve the next page of results. This value is null when there are no more results to return.

DescribeVolumesModifications (updated) Link ¶
Changes (request, response)
Request
{'IncludeManagedResources': 'boolean'}
Response
{'VolumesModifications': {'Operator': {'HiddenByDefault': 'boolean',
                                       'Managed': 'boolean',
                                       'Principal': 'string'}}}

Describes the most recent volume modification request for the specified EBS volumes.

For more information, see Monitor the progress of volume modifications in the Amazon EBS User Guide.

See also: AWS API Documentation

Request Syntax

client.describe_volumes_modifications(
    DryRun=True|False,
    VolumeIds=[
        'string',
    ],
    Filters=[
        {
            'Name': 'string',
            'Values': [
                'string',
            ]
        },
    ],
    NextToken='string',
    MaxResults=123,
    IncludeManagedResources=True|False
)
type DryRun:

boolean

param DryRun:

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

type VolumeIds:

list

param VolumeIds:

The IDs of the volumes.

  • (string) --

type Filters:

list

param Filters:

The filters.

  • modification-state - The current modification state (modifying | optimizing | completed | failed).

  • original-iops - The original IOPS rate of the volume.

  • original-size - The original size of the volume, in GiB.

  • original-volume-type - The original volume type of the volume (standard | io1 | io2 | gp2 | sc1 | st1).

  • originalMultiAttachEnabled - Indicates whether Multi-Attach support was enabled (true | false).

  • start-time - The modification start time.

  • target-iops - The target IOPS rate of the volume.

  • target-size - The target size of the volume, in GiB.

  • target-volume-type - The target volume type of the volume (standard | io1 | io2 | gp2 | sc1 | st1).

  • targetMultiAttachEnabled - Indicates whether Multi-Attach support is to be enabled (true | false).

  • volume-id - The ID of the volume.

  • (dict) --

    A filter name and value pair that is used to return a more specific list of results from a describe operation. Filters can be used to match a set of resources by specific criteria, such as tags, attributes, or IDs.

    If you specify multiple filters, the filters are joined with an AND, and the request returns only results that match all of the specified filters.

    For more information, see List and filter using the CLI and API in the Amazon EC2 User Guide.

    • Name (string) --

      The name of the filter. Filter names are case-sensitive.

    • Values (list) --

      The filter values. Filter values are case-sensitive. If you specify multiple values for a filter, the values are joined with an OR, and the request returns all results that match any of the specified values.

      • (string) --

type NextToken:

string

param NextToken:

The token returned from a previous paginated request. Pagination continues from the end of the items returned by the previous request.

type MaxResults:

integer

param MaxResults:

The maximum number of results (up to a limit of 500) to be returned in a paginated request. For more information, see Pagination.

type IncludeManagedResources:

boolean

param IncludeManagedResources:

Indicates whether to include managed resources in the output. If this parameter is set to true, the output includes resources that are managed by Amazon Web Services services, even if managed resource visibility is set to hidden.

rtype:

dict

returns:

Response Syntax

{
    'NextToken': 'string',
    'VolumesModifications': [
        {
            'VolumeId': 'string',
            'ModificationState': 'modifying'|'optimizing'|'completed'|'failed',
            'StatusMessage': 'string',
            'TargetSize': 123,
            'TargetIops': 123,
            'TargetVolumeType': 'standard'|'io1'|'io2'|'gp2'|'sc1'|'st1'|'gp3',
            'TargetThroughput': 123,
            'TargetMultiAttachEnabled': True|False,
            'OriginalSize': 123,
            'OriginalIops': 123,
            'OriginalVolumeType': 'standard'|'io1'|'io2'|'gp2'|'sc1'|'st1'|'gp3',
            'OriginalThroughput': 123,
            'OriginalMultiAttachEnabled': True|False,
            'Progress': 123,
            'StartTime': datetime(2015, 1, 1),
            'EndTime': datetime(2015, 1, 1),
            'Operator': {
                'Managed': True|False,
                'Principal': 'string',
                'HiddenByDefault': True|False
            }
        },
    ]
}

Response Structure

  • (dict) --

    • NextToken (string) --

      The token to include in another request to get the next page of items. This value is null when there are no more items to return.

    • VolumesModifications (list) --

      Information about the volume modifications.

      • (dict) --

        Describes the modification status of an EBS volume.

        • VolumeId (string) --

          The ID of the volume.

        • ModificationState (string) --

          The current modification state.

        • StatusMessage (string) --

          A status message about the modification progress or failure.

        • TargetSize (integer) --

          The target size of the volume, in GiB.

        • TargetIops (integer) --

          The target IOPS rate of the volume.

        • TargetVolumeType (string) --

          The target EBS volume type of the volume.

        • TargetThroughput (integer) --

          The target throughput of the volume, in MiB/s.

        • TargetMultiAttachEnabled (boolean) --

          The target setting for Amazon EBS Multi-Attach.

        • OriginalSize (integer) --

          The original size of the volume, in GiB.

        • OriginalIops (integer) --

          The original IOPS rate of the volume.

        • OriginalVolumeType (string) --

          The original EBS volume type of the volume.

        • OriginalThroughput (integer) --

          The original throughput of the volume, in MiB/s.

        • OriginalMultiAttachEnabled (boolean) --

          The original setting for Amazon EBS Multi-Attach.

        • Progress (integer) --

          The modification progress, from 0 to 100 percent complete.

        • StartTime (datetime) --

          The modification start time.

        • EndTime (datetime) --

          The modification completion or failure time.

        • Operator (dict) --

          The service provider that manages the resource.

          • Managed (boolean) --

            If true, the resource is managed by a service provider.

          • Principal (string) --

            If managed is true, then the principal is returned. The principal is the service provider that manages the resource.

          • HiddenByDefault (boolean) --

            If true, the resource is hidden by default based on the managed resource visibility settings for the account.

ModifyVolume (updated) Link ¶
Changes (response)
{'VolumeModification': {'Operator': {'HiddenByDefault': 'boolean',
                                     'Managed': 'boolean',
                                     'Principal': 'string'}}}

You can modify several parameters of an existing EBS volume, including volume size, volume type, and IOPS capacity. If your EBS volume is attached to a current-generation EC2 instance type, you might be able to apply these changes without stopping the instance or detaching the volume from it. For more information about modifying EBS volumes, see Amazon EBS Elastic Volumes in the Amazon EBS User Guide.

When you complete a resize operation on your volume, you need to extend the volume's file-system size to take advantage of the new storage capacity. For more information, see Extend the file system.

For more information, see Monitor the progress of volume modifications in the Amazon EBS User Guide.

With previous-generation instance types, resizing an EBS volume might require detaching and reattaching the volume or stopping and restarting the instance.

After you initiate a volume modification, you must wait for that modification to reach the completed state before you can initiate another modification for the same volume. You can modify a volume up to four times within a rolling 24-hour period, as long as the volume is in the in-use or available state, and all previous modifications for that volume are completed. If you exceed this limit, you get an error message that indicates when you can perform your next modification.

See also: AWS API Documentation

Request Syntax

client.modify_volume(
    DryRun=True|False,
    VolumeId='string',
    Size=123,
    VolumeType='standard'|'io1'|'io2'|'gp2'|'sc1'|'st1'|'gp3',
    Iops=123,
    Throughput=123,
    MultiAttachEnabled=True|False
)
type DryRun:

boolean

param DryRun:

Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

type VolumeId:

string

param VolumeId:

[REQUIRED]

The ID of the volume.

type Size:

integer

param Size:

The target size of the volume, in GiB. The target volume size must be greater than or equal to the existing size of the volume.

The following are the supported volumes sizes for each volume type:

  • gp2: 1 - 16,384 GiB

  • gp3: 1 - 65,536 GiB

  • io1: 4 - 16,384 GiB

  • io2: 4 - 65,536 GiB

  • st1 and sc1: 125 - 16,384 GiB

  • standard: 1 - 1024 GiB

Default: The existing size is retained.

type VolumeType:

string

param VolumeType:

The target EBS volume type of the volume. For more information, see Amazon EBS volume types in the Amazon EBS User Guide.

Default: The existing type is retained.

type Iops:

integer

param Iops:

The target IOPS rate of the volume. This parameter is valid only for gp3, io1, and io2 volumes.

The following are the supported values for each volume type:

  • gp3: 3,000 - 80,000 IOPS

  • io1: 100 - 64,000 IOPS

  • io2: 100 - 256,000 IOPS

Default: The existing value is retained if you keep the same volume type. If you change the volume type to io1, io2, or gp3, the default is 3,000.

type Throughput:

integer

param Throughput:

The target throughput of the volume, in MiB/s. This parameter is valid only for gp3 volumes. The maximum value is 2,000.

Default: The existing value is retained if the source and target volume type is gp3. Otherwise, the default value is 125.

Valid Range: Minimum value of 125. Maximum value of 2,000.

type MultiAttachEnabled:

boolean

param MultiAttachEnabled:

Specifies whether to enable Amazon EBS Multi-Attach. If you enable Multi-Attach, you can attach the volume to up to 16 Nitro-based instances in the same Availability Zone. This parameter is supported with io1 and io2 volumes only. For more information, see Amazon EBS Multi-Attach in the Amazon EBS User Guide.

rtype:

dict

returns:

Response Syntax

{
    'VolumeModification': {
        'VolumeId': 'string',
        'ModificationState': 'modifying'|'optimizing'|'completed'|'failed',
        'StatusMessage': 'string',
        'TargetSize': 123,
        'TargetIops': 123,
        'TargetVolumeType': 'standard'|'io1'|'io2'|'gp2'|'sc1'|'st1'|'gp3',
        'TargetThroughput': 123,
        'TargetMultiAttachEnabled': True|False,
        'OriginalSize': 123,
        'OriginalIops': 123,
        'OriginalVolumeType': 'standard'|'io1'|'io2'|'gp2'|'sc1'|'st1'|'gp3',
        'OriginalThroughput': 123,
        'OriginalMultiAttachEnabled': True|False,
        'Progress': 123,
        'StartTime': datetime(2015, 1, 1),
        'EndTime': datetime(2015, 1, 1),
        'Operator': {
            'Managed': True|False,
            'Principal': 'string',
            'HiddenByDefault': True|False
        }
    }
}

Response Structure

  • (dict) --

    • VolumeModification (dict) --

      Information about the volume modification.

      • VolumeId (string) --

        The ID of the volume.

      • ModificationState (string) --

        The current modification state.

      • StatusMessage (string) --

        A status message about the modification progress or failure.

      • TargetSize (integer) --

        The target size of the volume, in GiB.

      • TargetIops (integer) --

        The target IOPS rate of the volume.

      • TargetVolumeType (string) --

        The target EBS volume type of the volume.

      • TargetThroughput (integer) --

        The target throughput of the volume, in MiB/s.

      • TargetMultiAttachEnabled (boolean) --

        The target setting for Amazon EBS Multi-Attach.

      • OriginalSize (integer) --

        The original size of the volume, in GiB.

      • OriginalIops (integer) --

        The original IOPS rate of the volume.

      • OriginalVolumeType (string) --

        The original EBS volume type of the volume.

      • OriginalThroughput (integer) --

        The original throughput of the volume, in MiB/s.

      • OriginalMultiAttachEnabled (boolean) --

        The original setting for Amazon EBS Multi-Attach.

      • Progress (integer) --

        The modification progress, from 0 to 100 percent complete.

      • StartTime (datetime) --

        The modification start time.

      • EndTime (datetime) --

        The modification completion or failure time.

      • Operator (dict) --

        The service provider that manages the resource.

        • Managed (boolean) --

          If true, the resource is managed by a service provider.

        • Principal (string) --

          If managed is true, then the principal is returned. The principal is the service provider that manages the resource.

        • HiddenByDefault (boolean) --

          If true, the resource is hidden by default based on the managed resource visibility settings for the account.