Class: Aws::EC2::Client

Inherits:
Seahorse::Client::Base
  • Object
show all
Includes:
ClientStubs
Defined in:
lib/aws-sdk-ec2/client.rb

Overview

An API client for EC2. To construct a client, you need to configure a ‘:region` and `:credentials`.

client = Aws::EC2::Client.new(
  region: region_name,
  credentials: credentials,
  # ...
)

For details on configuring region and credentials see the [developer guide](/sdk-for-ruby/v3/developer-guide/setup-config.html).

See #initialize for a full list of supported configuration options.

Class Attribute Summary collapse

API Operations collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(options) ⇒ Client

Returns a new instance of Client.

Parameters:

  • options (Hash)

Options Hash (options):

  • :credentials (required, Aws::CredentialProvider)

    Your AWS credentials. This can be an instance of any one of the following classes:

    • ‘Aws::Credentials` - Used for configuring static, non-refreshing credentials.

    • ‘Aws::SharedCredentials` - Used for loading static credentials from a shared file, such as `~/.aws/config`.

    • ‘Aws::AssumeRoleCredentials` - Used when you need to assume a role.

    • ‘Aws::AssumeRoleWebIdentityCredentials` - Used when you need to assume a role after providing credentials via the web.

    • ‘Aws::SSOCredentials` - Used for loading credentials from AWS SSO using an access token generated from `aws login`.

    • ‘Aws::ProcessCredentials` - Used for loading credentials from a process that outputs to stdout.

    • ‘Aws::InstanceProfileCredentials` - Used for loading credentials from an EC2 IMDS on an EC2 instance.

    • ‘Aws::ECSCredentials` - Used for loading credentials from instances running in ECS.

    • ‘Aws::CognitoIdentityCredentials` - Used for loading credentials from the Cognito Identity service.

    When ‘:credentials` are not configured directly, the following locations will be searched for credentials:

    • Aws.config`

    • The ‘:access_key_id`, `:secret_access_key`, and `:session_token` options.

    • ENV, ENV

    • ‘~/.aws/credentials`

    • ‘~/.aws/config`

    • EC2/ECS IMDS instance profile - When used by default, the timeouts are very aggressive. Construct and pass an instance of ‘Aws::InstanceProfileCredentails` or `Aws::ECSCredentials` to enable retries and extended timeouts. Instance profile credential fetching can be disabled by setting ENV to true.

  • :region (required, String)

    The AWS region to connect to. The configured ‘:region` is used to determine the service `:endpoint`. When not passed, a default `:region` is searched for in the following locations:

  • :access_key_id (String)
  • :active_endpoint_cache (Boolean) — default: false

    When set to ‘true`, a thread polling for endpoints will be running in the background every 60 secs (default). Defaults to `false`.

  • :adaptive_retry_wait_to_fill (Boolean) — default: true

    Used only in ‘adaptive` retry mode. When true, the request will sleep until there is sufficent client side capacity to retry the request. When false, the request will raise a `RetryCapacityNotAvailableError` and will not retry instead of sleeping.

  • :client_side_monitoring (Boolean) — default: false

    When ‘true`, client-side metrics will be collected for all API requests from this client.

  • :client_side_monitoring_client_id (String) — default: ""

    Allows you to provide an identifier for this client which will be attached to all generated client side metrics. Defaults to an empty string.

  • :client_side_monitoring_host (String) — default: "127.0.0.1"

    Allows you to specify the DNS hostname or IPv4 or IPv6 address that the client side monitoring agent is running on, where client metrics will be published via UDP.

  • :client_side_monitoring_port (Integer) — default: 31000

    Required for publishing client metrics. The port that the client side monitoring agent is running on, where client metrics will be published via UDP.

  • :client_side_monitoring_publisher (Aws::ClientSideMonitoring::Publisher) — default: Aws::ClientSideMonitoring::Publisher

    Allows you to provide a custom client-side monitoring publisher class. By default, will use the Client Side Monitoring Agent Publisher.

  • :convert_params (Boolean) — default: true

    When ‘true`, an attempt is made to coerce request parameters into the required types.

  • :correct_clock_skew (Boolean) — default: true

    Used only in ‘standard` and adaptive retry modes. Specifies whether to apply a clock skew correction and retry requests with skewed client clocks.

  • :defaults_mode (String) — default: "legacy"

    See DefaultsModeConfiguration for a list of the accepted modes and the configuration defaults that are included.

  • :disable_host_prefix_injection (Boolean) — default: false

    Set to true to disable SDK automatically adding host prefix to default service endpoint when available.

  • :disable_request_compression (Boolean) — default: false

    When set to ‘true’ the request body will not be compressed for supported operations.

  • :endpoint (String)

    The client endpoint is normally constructed from the ‘:region` option. You should only configure an `:endpoint` when connecting to test or custom endpoints. This should be a valid HTTP(S) URI.

  • :endpoint_cache_max_entries (Integer) — default: 1000

    Used for the maximum size limit of the LRU cache storing endpoints data for endpoint discovery enabled operations. Defaults to 1000.

  • :endpoint_cache_max_threads (Integer) — default: 10

    Used for the maximum threads in use for polling endpoints to be cached, defaults to 10.

  • :endpoint_cache_poll_interval (Integer) — default: 60

    When :endpoint_discovery and :active_endpoint_cache is enabled, Use this option to config the time interval in seconds for making requests fetching endpoints information. Defaults to 60 sec.

  • :endpoint_discovery (Boolean) — default: false

    When set to ‘true`, endpoint discovery will be enabled for operations when available.

  • :ignore_configured_endpoint_urls (Boolean)

    Setting to true disables use of endpoint URLs provided via environment variables and the shared configuration file.

  • :log_formatter (Aws::Log::Formatter) — default: Aws::Log::Formatter.default

    The log formatter.

  • :log_level (Symbol) — default: :info

    The log level to send messages to the ‘:logger` at.

  • :logger (Logger)

    The Logger instance to send log messages to. If this option is not set, logging will be disabled.

  • :max_attempts (Integer) — default: 3

    An integer representing the maximum number attempts that will be made for a single request, including the initial attempt. For example, setting this value to 5 will result in a request being retried up to 4 times. Used in ‘standard` and `adaptive` retry modes.

  • :profile (String) — default: "default"

    Used when loading credentials from the shared credentials file at HOME/.aws/credentials. When not specified, ‘default’ is used.

  • :request_min_compression_size_bytes (Integer) — default: 10240

    The minimum size in bytes that triggers compression for request bodies. The value must be non-negative integer value between 0 and 10485780 bytes inclusive.

  • :retry_backoff (Proc)

    A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay. This option is only used in the ‘legacy` retry mode.

  • :retry_base_delay (Float) — default: 0.3

    The base delay in seconds used by the default backoff function. This option is only used in the ‘legacy` retry mode.

  • :retry_jitter (Symbol) — default: :none

    A delay randomiser function used by the default backoff function. Some predefined functions can be referenced by name - :none, :equal, :full, otherwise a Proc that takes and returns a number. This option is only used in the ‘legacy` retry mode.

    @see www.awsarchitectureblog.com/2015/03/backoff.html

  • :retry_limit (Integer) — default: 3

    The maximum number of times to retry failed requests. Only ~ 500 level server errors and certain ~ 400 level client errors are retried. Generally, these are throttling errors, data checksum errors, networking errors, timeout errors, auth errors, endpoint discovery, and errors from expired credentials. This option is only used in the ‘legacy` retry mode.

  • :retry_max_delay (Integer) — default: 0

    The maximum number of seconds to delay between retries (0 for no limit) used by the default backoff function. This option is only used in the ‘legacy` retry mode.

  • :retry_mode (String) — default: "legacy"

    Specifies which retry algorithm to use. Values are:

    • ‘legacy` - The pre-existing retry behavior. This is default value if no retry mode is provided.

    • ‘standard` - A standardized set of retry rules across the AWS SDKs. This includes support for retry quotas, which limit the number of unsuccessful retries a client can make.

    • ‘adaptive` - An experimental retry mode that includes all the functionality of `standard` mode along with automatic client side throttling. This is a provisional mode that may change behavior in the future.

  • :sdk_ua_app_id (String)

    A unique and opaque application ID that is appended to the User-Agent header as app/<sdk_ua_app_id>. It should have a maximum length of 50.

  • :secret_access_key (String)
  • :session_token (String)
  • :stub_responses (Boolean) — default: false

    Causes the client to return stubbed responses. By default fake responses are generated and returned. You can specify the response data to return or errors to raise by calling ClientStubs#stub_responses. See ClientStubs for more information.

    ** Please note ** When response stubbing is enabled, no HTTP requests are made, and retries are disabled.

  • :token_provider (Aws::TokenProvider)

    A Bearer Token Provider. This can be an instance of any one of the following classes:

    • ‘Aws::StaticTokenProvider` - Used for configuring static, non-refreshing tokens.

    • ‘Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an access token generated from `aws login`.

    When ‘:token_provider` is not configured directly, the `Aws::TokenProviderChain` will be used to search for tokens configured for your profile in shared configuration files.

  • :use_dualstack_endpoint (Boolean)

    When set to ‘true`, dualstack enabled endpoints (with `.aws` TLD) will be used if available.

  • :use_fips_endpoint (Boolean)

    When set to ‘true`, fips compatible endpoints will be used if available. When a `fips` region is used, the region is normalized and this config is set to `true`.

  • :validate_params (Boolean) — default: true

    When ‘true`, request parameters are validated before sending the request.

  • :endpoint_provider (Aws::EC2::EndpointProvider)

    The endpoint provider used to resolve endpoints. Any object that responds to ‘#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::EC2::EndpointParameters`

  • :http_proxy (URI::HTTP, String)

    A proxy to send requests through. Formatted like ‘proxy.com:123’.

  • :http_open_timeout (Float) — default: 15

    The number of seconds to wait when opening a HTTP session before raising a ‘Timeout::Error`.

  • :http_read_timeout (Float) — default: 60

    The default number of seconds to wait for response data. This value can safely be set per-request on the session.

  • :http_idle_timeout (Float) — default: 5

    The number of seconds a connection is allowed to sit idle before it is considered stale. Stale connections are closed and removed from the pool before making a request.

  • :http_continue_timeout (Float) — default: 1

    The number of seconds to wait for a 100-continue response before sending the request body. This option has no effect unless the request has “Expect” header set to “100-continue”. Defaults to ‘nil` which disables this behaviour. This value can safely be set per request on the session.

  • :ssl_timeout (Float) — default: nil

    Sets the SSL timeout in seconds.

  • :http_wire_trace (Boolean) — default: false

    When ‘true`, HTTP debug output will be sent to the `:logger`.

  • :ssl_verify_peer (Boolean) — default: true

    When ‘true`, SSL peer certificates are verified when establishing a connection.

  • :ssl_ca_bundle (String)

    Full path to the SSL certificate authority bundle file that should be used when verifying peer certificates. If you do not pass ‘:ssl_ca_bundle` or `:ssl_ca_directory` the the system default will be used if available.

  • :ssl_ca_directory (String)

    Full path of the directory that contains the unbundled SSL certificate authority files for verifying peer certificates. If you do not pass ‘:ssl_ca_bundle` or `:ssl_ca_directory` the the system default will be used if available.



389
390
391
# File 'lib/aws-sdk-ec2/client.rb', line 389

def initialize(*args)
  super
end

Class Attribute Details

.identifierObject (readonly)

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.



58803
58804
58805
# File 'lib/aws-sdk-ec2/client.rb', line 58803

def identifier
  @identifier
end

Class Method Details

.errors_moduleObject

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.



58806
58807
58808
# File 'lib/aws-sdk-ec2/client.rb', line 58806

def errors_module
  Errors
end

Instance Method Details

#accept_address_transfer(params = {}) ⇒ Types::AcceptAddressTransferResult

Accepts an Elastic IP address transfer. For more information, see

Accept a transferred Elastic IP address][1

in the *Amazon Virtual

Private Cloud User Guide*.

[1]: docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#using-instance-addressing-eips-transfer-accept

Examples:

Request syntax with placeholder values


resp = client.accept_address_transfer({
  address: "String", # required
  tag_specifications: [
    {
      resource_type: "capacity-reservation", # accepts capacity-reservation, client-vpn-endpoint, customer-gateway, carrier-gateway, coip-pool, dedicated-host, dhcp-options, egress-only-internet-gateway, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, instance-event-window, internet-gateway, ipam, ipam-pool, ipam-scope, ipv4pool-ec2, ipv6pool-ec2, key-pair, launch-template, local-gateway, local-gateway-route-table, local-gateway-virtual-interface, local-gateway-virtual-interface-group, local-gateway-route-table-vpc-association, local-gateway-route-table-virtual-interface-group-association, natgateway, network-acl, network-interface, network-insights-analysis, network-insights-path, network-insights-access-scope, network-insights-access-scope-analysis, placement-group, prefix-list, replace-root-volume-task, reserved-instances, route-table, security-group, security-group-rule, snapshot, spot-fleet-request, spot-instances-request, subnet, subnet-cidr-reservation, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-connect-peer, transit-gateway-multicast-domain, transit-gateway-policy-table, transit-gateway-route-table, transit-gateway-route-table-announcement, volume, vpc, vpc-endpoint, vpc-endpoint-connection, vpc-endpoint-service, vpc-endpoint-service-permission, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log, capacity-reservation-fleet, traffic-mirror-filter-rule, vpc-endpoint-connection-device-type, verified-access-instance, verified-access-group, verified-access-endpoint, verified-access-policy, verified-access-trust-provider, vpn-connection-device-type, vpc-block-public-access-exclusion, ipam-resource-discovery, ipam-resource-discovery-association, instance-connect-endpoint
      tags: [
        {
          key: "String",
          value: "String",
        },
      ],
    },
  ],
  dry_run: false,
})

Response structure


resp.address_transfer.public_ip #=> String
resp.address_transfer.allocation_id #=> String
resp.address_transfer. #=> String
resp.address_transfer.transfer_offer_expiration_timestamp #=> Time
resp.address_transfer.transfer_offer_accepted_timestamp #=> Time
resp.address_transfer.address_transfer_status #=> String, one of "pending", "disabled", "accepted"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :address (required, String)

    The Elastic IP address you are accepting for transfer.

  • :tag_specifications (Array<Types::TagSpecification>)

    ‘tag`:&lt;key&gt; - The key/value combination of a tag assigned to the resource. Use the tag key in the filter name and the tag value as the filter value. For example, to find all resources that have a tag with the key `Owner` and the value `TeamA`, specify `tag:Owner` for the filter name and `TeamA` for the filter value.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



454
455
456
457
# File 'lib/aws-sdk-ec2/client.rb', line 454

def accept_address_transfer(params = {}, options = {})
  req = build_request(:accept_address_transfer, params)
  req.send_request(options)
end

#accept_reserved_instances_exchange_quote(params = {}) ⇒ Types::AcceptReservedInstancesExchangeQuoteResult

Accepts the Convertible Reserved Instance exchange quote described in the GetReservedInstancesExchangeQuote call.

Examples:

Request syntax with placeholder values


resp = client.accept_reserved_instances_exchange_quote({
  dry_run: false,
  reserved_instance_ids: ["ReservationId"], # required
  target_configurations: [
    {
      instance_count: 1,
      offering_id: "ReservedInstancesOfferingId", # required
    },
  ],
})

Response structure


resp.exchange_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :reserved_instance_ids (required, Array<String>)

    The IDs of the Convertible Reserved Instances to exchange for another Convertible Reserved Instance of the same or higher value.

  • :target_configurations (Array<Types::TargetConfigurationRequest>)

    The configuration of the target Convertible Reserved Instance to exchange for your current Convertible Reserved Instances.

Returns:

See Also:



501
502
503
504
# File 'lib/aws-sdk-ec2/client.rb', line 501

def accept_reserved_instances_exchange_quote(params = {}, options = {})
  req = build_request(:accept_reserved_instances_exchange_quote, params)
  req.send_request(options)
end

#accept_transit_gateway_multicast_domain_associations(params = {}) ⇒ Types::AcceptTransitGatewayMulticastDomainAssociationsResult

Accepts a request to associate subnets with a transit gateway multicast domain.

Examples:

Request syntax with placeholder values


resp = client.accept_transit_gateway_multicast_domain_associations({
  transit_gateway_multicast_domain_id: "TransitGatewayMulticastDomainId",
  transit_gateway_attachment_id: "TransitGatewayAttachmentId",
  subnet_ids: ["String"],
  dry_run: false,
})

Response structure


resp.associations.transit_gateway_multicast_domain_id #=> String
resp.associations.transit_gateway_attachment_id #=> String
resp.associations.resource_id #=> String
resp.associations.resource_type #=> String, one of "vpc", "vpn", "direct-connect-gateway", "connect", "peering", "tgw-peering"
resp.associations.resource_owner_id #=> String
resp.associations.subnets #=> Array
resp.associations.subnets[0].subnet_id #=> String
resp.associations.subnets[0].state #=> String, one of "pendingAcceptance", "associating", "associated", "disassociating", "disassociated", "rejected", "failed"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :transit_gateway_multicast_domain_id (String)

    The ID of the transit gateway multicast domain.

  • :transit_gateway_attachment_id (String)

    The ID of the transit gateway attachment.

  • :subnet_ids (Array<String>)

    The IDs of the subnets to associate with the transit gateway multicast domain.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



553
554
555
556
# File 'lib/aws-sdk-ec2/client.rb', line 553

def accept_transit_gateway_multicast_domain_associations(params = {}, options = {})
  req = build_request(:accept_transit_gateway_multicast_domain_associations, params)
  req.send_request(options)
end

#accept_transit_gateway_peering_attachment(params = {}) ⇒ Types::AcceptTransitGatewayPeeringAttachmentResult

Accepts a transit gateway peering attachment request. The peering attachment must be in the ‘pendingAcceptance` state.

Examples:

Request syntax with placeholder values


resp = client.accept_transit_gateway_peering_attachment({
  transit_gateway_attachment_id: "TransitGatewayAttachmentId", # required
  dry_run: false,
})

Response structure


resp.transit_gateway_peering_attachment.transit_gateway_attachment_id #=> String
resp.transit_gateway_peering_attachment.accepter_transit_gateway_attachment_id #=> String
resp.transit_gateway_peering_attachment.requester_tgw_info.transit_gateway_id #=> String
resp.transit_gateway_peering_attachment.requester_tgw_info.core_network_id #=> String
resp.transit_gateway_peering_attachment.requester_tgw_info.owner_id #=> String
resp.transit_gateway_peering_attachment.requester_tgw_info.region #=> String
resp.transit_gateway_peering_attachment.accepter_tgw_info.transit_gateway_id #=> String
resp.transit_gateway_peering_attachment.accepter_tgw_info.core_network_id #=> String
resp.transit_gateway_peering_attachment.accepter_tgw_info.owner_id #=> String
resp.transit_gateway_peering_attachment.accepter_tgw_info.region #=> String
resp.transit_gateway_peering_attachment.options.dynamic_routing #=> String, one of "enable", "disable"
resp.transit_gateway_peering_attachment.status.code #=> String
resp.transit_gateway_peering_attachment.status.message #=> String
resp.transit_gateway_peering_attachment.state #=> String, one of "initiating", "initiatingRequest", "pendingAcceptance", "rollingBack", "pending", "available", "modifying", "deleting", "deleted", "failed", "rejected", "rejecting", "failing"
resp.transit_gateway_peering_attachment.creation_time #=> Time
resp.transit_gateway_peering_attachment.tags #=> Array
resp.transit_gateway_peering_attachment.tags[0].key #=> String
resp.transit_gateway_peering_attachment.tags[0].value #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :transit_gateway_attachment_id (required, String)

    The ID of the transit gateway attachment.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



606
607
608
609
# File 'lib/aws-sdk-ec2/client.rb', line 606

def accept_transit_gateway_peering_attachment(params = {}, options = {})
  req = build_request(:accept_transit_gateway_peering_attachment, params)
  req.send_request(options)
end

#accept_transit_gateway_vpc_attachment(params = {}) ⇒ Types::AcceptTransitGatewayVpcAttachmentResult

Accepts a request to attach a VPC to a transit gateway.

The VPC attachment must be in the ‘pendingAcceptance` state. Use DescribeTransitGatewayVpcAttachments to view your pending VPC attachment requests. Use RejectTransitGatewayVpcAttachment to reject a VPC attachment request.

Examples:

Request syntax with placeholder values


resp = client.accept_transit_gateway_vpc_attachment({
  transit_gateway_attachment_id: "TransitGatewayAttachmentId", # required
  dry_run: false,
})

Response structure


resp.transit_gateway_vpc_attachment.transit_gateway_attachment_id #=> String
resp.transit_gateway_vpc_attachment.transit_gateway_id #=> String
resp.transit_gateway_vpc_attachment.vpc_id #=> String
resp.transit_gateway_vpc_attachment.vpc_owner_id #=> String
resp.transit_gateway_vpc_attachment.state #=> String, one of "initiating", "initiatingRequest", "pendingAcceptance", "rollingBack", "pending", "available", "modifying", "deleting", "deleted", "failed", "rejected", "rejecting", "failing"
resp.transit_gateway_vpc_attachment.subnet_ids #=> Array
resp.transit_gateway_vpc_attachment.subnet_ids[0] #=> String
resp.transit_gateway_vpc_attachment.creation_time #=> Time
resp.transit_gateway_vpc_attachment.options.dns_support #=> String, one of "enable", "disable"
resp.transit_gateway_vpc_attachment.options.security_group_referencing_support #=> String, one of "enable", "disable"
resp.transit_gateway_vpc_attachment.options.ipv_6_support #=> String, one of "enable", "disable"
resp.transit_gateway_vpc_attachment.options.appliance_mode_support #=> String, one of "enable", "disable"
resp.transit_gateway_vpc_attachment.tags #=> Array
resp.transit_gateway_vpc_attachment.tags[0].key #=> String
resp.transit_gateway_vpc_attachment.tags[0].value #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :transit_gateway_attachment_id (required, String)

    The ID of the attachment.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



660
661
662
663
# File 'lib/aws-sdk-ec2/client.rb', line 660

def accept_transit_gateway_vpc_attachment(params = {}, options = {})
  req = build_request(:accept_transit_gateway_vpc_attachment, params)
  req.send_request(options)
end

#accept_vpc_endpoint_connections(params = {}) ⇒ Types::AcceptVpcEndpointConnectionsResult

Accepts connection requests to your VPC endpoint service.

Examples:

Request syntax with placeholder values


resp = client.accept_vpc_endpoint_connections({
  dry_run: false,
  service_id: "VpcEndpointServiceId", # required
  vpc_endpoint_ids: ["VpcEndpointId"], # required
})

Response structure


resp.unsuccessful #=> Array
resp.unsuccessful[0].error.code #=> String
resp.unsuccessful[0].error.message #=> String
resp.unsuccessful[0].resource_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :service_id (required, String)

    The ID of the VPC endpoint service.

  • :vpc_endpoint_ids (required, Array<String>)

    The IDs of the interface VPC endpoints.

Returns:

See Also:



702
703
704
705
# File 'lib/aws-sdk-ec2/client.rb', line 702

def accept_vpc_endpoint_connections(params = {}, options = {})
  req = build_request(:accept_vpc_endpoint_connections, params)
  req.send_request(options)
end

#accept_vpc_peering_connection(params = {}) ⇒ Types::AcceptVpcPeeringConnectionResult

Accept a VPC peering connection request. To accept a request, the VPC peering connection must be in the ‘pending-acceptance` state, and you must be the owner of the peer VPC. Use DescribeVpcPeeringConnections to view your outstanding VPC peering connection requests.

For an inter-Region VPC peering connection request, you must accept the VPC peering connection in the Region of the accepter VPC.

Examples:

Request syntax with placeholder values


resp = client.accept_vpc_peering_connection({
  dry_run: false,
  vpc_peering_connection_id: "VpcPeeringConnectionIdWithResolver", # required
})

Response structure


resp.vpc_peering_connection.accepter_vpc_info.cidr_block #=> String
resp.vpc_peering_connection.accepter_vpc_info.ipv_6_cidr_block_set #=> Array
resp.vpc_peering_connection.accepter_vpc_info.ipv_6_cidr_block_set[0].ipv_6_cidr_block #=> String
resp.vpc_peering_connection.accepter_vpc_info.cidr_block_set #=> Array
resp.vpc_peering_connection.accepter_vpc_info.cidr_block_set[0].cidr_block #=> String
resp.vpc_peering_connection.accepter_vpc_info.owner_id #=> String
resp.vpc_peering_connection.accepter_vpc_info.peering_options.allow_dns_resolution_from_remote_vpc #=> Boolean
resp.vpc_peering_connection.accepter_vpc_info.peering_options.allow_egress_from_local_classic_link_to_remote_vpc #=> Boolean
resp.vpc_peering_connection.accepter_vpc_info.peering_options.allow_egress_from_local_vpc_to_remote_classic_link #=> Boolean
resp.vpc_peering_connection.accepter_vpc_info.vpc_id #=> String
resp.vpc_peering_connection.accepter_vpc_info.region #=> String
resp.vpc_peering_connection.expiration_time #=> Time
resp.vpc_peering_connection.requester_vpc_info.cidr_block #=> String
resp.vpc_peering_connection.requester_vpc_info.ipv_6_cidr_block_set #=> Array
resp.vpc_peering_connection.requester_vpc_info.ipv_6_cidr_block_set[0].ipv_6_cidr_block #=> String
resp.vpc_peering_connection.requester_vpc_info.cidr_block_set #=> Array
resp.vpc_peering_connection.requester_vpc_info.cidr_block_set[0].cidr_block #=> String
resp.vpc_peering_connection.requester_vpc_info.owner_id #=> String
resp.vpc_peering_connection.requester_vpc_info.peering_options.allow_dns_resolution_from_remote_vpc #=> Boolean
resp.vpc_peering_connection.requester_vpc_info.peering_options.allow_egress_from_local_classic_link_to_remote_vpc #=> Boolean
resp.vpc_peering_connection.requester_vpc_info.peering_options.allow_egress_from_local_vpc_to_remote_classic_link #=> Boolean
resp.vpc_peering_connection.requester_vpc_info.vpc_id #=> String
resp.vpc_peering_connection.requester_vpc_info.region #=> String
resp.vpc_peering_connection.status.code #=> String, one of "initiating-request", "pending-acceptance", "active", "deleted", "rejected", "failed", "expired", "provisioning", "deleting"
resp.vpc_peering_connection.status.message #=> String
resp.vpc_peering_connection.tags #=> Array
resp.vpc_peering_connection.tags[0].key #=> String
resp.vpc_peering_connection.tags[0].value #=> String
resp.vpc_peering_connection.vpc_peering_connection_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :vpc_peering_connection_id (required, String)

    The ID of the VPC peering connection. You must specify this parameter in the request.

Returns:

See Also:



772
773
774
775
# File 'lib/aws-sdk-ec2/client.rb', line 772

def accept_vpc_peering_connection(params = {}, options = {})
  req = build_request(:accept_vpc_peering_connection, params)
  req.send_request(options)
end

Advertises an IPv4 or IPv6 address range that is provisioned for use with your Amazon Web Services resources through bring your own IP addresses (BYOIP).

You can perform this operation at most once every 10 seconds, even if you specify different address ranges each time.

We recommend that you stop advertising the BYOIP CIDR from other locations when you advertise it from Amazon Web Services. To minimize down time, you can configure your Amazon Web Services resources to use an address from a BYOIP CIDR before it is advertised, and then simultaneously stop advertising it from the current location and start advertising it through Amazon Web Services.

It can take a few minutes before traffic to the specified addresses starts routing to Amazon Web Services because of BGP propagation delays.

To stop advertising the BYOIP CIDR, use WithdrawByoipCidr.

Examples:

Request syntax with placeholder values


resp = client.advertise_byoip_cidr({
  cidr: "String", # required
  asn: "String",
  dry_run: false,
})

Response structure


resp.byoip_cidr.cidr #=> String
resp.byoip_cidr.description #=> String
resp.byoip_cidr.asn_associations #=> Array
resp.byoip_cidr.asn_associations[0].asn #=> String
resp.byoip_cidr.asn_associations[0].cidr #=> String
resp.byoip_cidr.asn_associations[0].status_message #=> String
resp.byoip_cidr.asn_associations[0].state #=> String, one of "disassociated", "failed-disassociation", "failed-association", "pending-disassociation", "pending-association", "associated"
resp.byoip_cidr.status_message #=> String
resp.byoip_cidr.state #=> String, one of "advertised", "deprovisioned", "failed-deprovision", "failed-provision", "pending-deprovision", "pending-provision", "provisioned", "provisioned-not-publicly-advertisable"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :cidr (required, String)

    The address range, in CIDR notation. This must be the exact range that you provisioned. You can’t advertise only a portion of the provisioned range.

  • :asn (String)

    The public 2-byte or 4-byte ASN that you want to advertise.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



839
840
841
842
# File 'lib/aws-sdk-ec2/client.rb', line 839

def advertise_byoip_cidr(params = {}, options = {})
  req = build_request(:advertise_byoip_cidr, params)
  req.send_request(options)
end

#allocate_address(params = {}) ⇒ Types::AllocateAddressResult

Allocates an Elastic IP address to your Amazon Web Services account. After you allocate the Elastic IP address you can associate it with an instance or network interface. After you release an Elastic IP address, it is released to the IP address pool and can be allocated to a different Amazon Web Services account.

You can allocate an Elastic IP address from an address pool owned by Amazon Web Services or from an address pool created from a public IPv4 address range that you have brought to Amazon Web Services for use with your Amazon Web Services resources using bring your own IP addresses (BYOIP). For more information, see [Bring Your Own IP Addresses (BYOIP)] in the *Amazon Elastic Compute Cloud User Guide*.

If you release an Elastic IP address, you might be able to recover it. You cannot recover an Elastic IP address that you released after it is allocated to another Amazon Web Services account. To attempt to recover an Elastic IP address that you released, specify it in this operation.

For more information, see [Elastic IP Addresses] in the *Amazon Elastic Compute Cloud User Guide*.

You can allocate a carrier IP address which is a public IP address from a telecommunication carrier, to a network interface which resides in a subnet in a Wavelength Zone (for example an EC2 instance).

[1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html [2]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html

Examples:

Example: To allocate an Elastic IP address


# This example allocates an Elastic IP address.

resp = client.allocate_address({
})

resp.to_h outputs the following:
{
  allocation_id: "eipalloc-64d5890a", 
  domain: "vpc", 
  network_border_group: "us-east-1", 
  public_ip: "203.0.113.0", 
  public_ipv_4_pool: "amazon", 
}

Request syntax with placeholder values


resp = client.allocate_address({
  domain: "vpc", # accepts vpc, standard
  address: "PublicIpAddress",
  public_ipv_4_pool: "Ipv4PoolEc2Id",
  network_border_group: "String",
  customer_owned_ipv_4_pool: "String",
  dry_run: false,
  tag_specifications: [
    {
      resource_type: "capacity-reservation", # accepts capacity-reservation, client-vpn-endpoint, customer-gateway, carrier-gateway, coip-pool, dedicated-host, dhcp-options, egress-only-internet-gateway, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, instance-event-window, internet-gateway, ipam, ipam-pool, ipam-scope, ipv4pool-ec2, ipv6pool-ec2, key-pair, launch-template, local-gateway, local-gateway-route-table, local-gateway-virtual-interface, local-gateway-virtual-interface-group, local-gateway-route-table-vpc-association, local-gateway-route-table-virtual-interface-group-association, natgateway, network-acl, network-interface, network-insights-analysis, network-insights-path, network-insights-access-scope, network-insights-access-scope-analysis, placement-group, prefix-list, replace-root-volume-task, reserved-instances, route-table, security-group, security-group-rule, snapshot, spot-fleet-request, spot-instances-request, subnet, subnet-cidr-reservation, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-connect-peer, transit-gateway-multicast-domain, transit-gateway-policy-table, transit-gateway-route-table, transit-gateway-route-table-announcement, volume, vpc, vpc-endpoint, vpc-endpoint-connection, vpc-endpoint-service, vpc-endpoint-service-permission, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log, capacity-reservation-fleet, traffic-mirror-filter-rule, vpc-endpoint-connection-device-type, verified-access-instance, verified-access-group, verified-access-endpoint, verified-access-policy, verified-access-trust-provider, vpn-connection-device-type, vpc-block-public-access-exclusion, ipam-resource-discovery, ipam-resource-discovery-association, instance-connect-endpoint
      tags: [
        {
          key: "String",
          value: "String",
        },
      ],
    },
  ],
})

Response structure


resp.public_ip #=> String
resp.allocation_id #=> String
resp.public_ipv_4_pool #=> String
resp.network_border_group #=> String
resp.domain #=> String, one of "vpc", "standard"
resp.customer_owned_ip #=> String
resp.customer_owned_ipv_4_pool #=> String
resp.carrier_ip #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :domain (String)

    The network (‘vpc`).

  • :address (String)

    The Elastic IP address to recover or an IPv4 address from an address pool.

  • :public_ipv_4_pool (String)

    The ID of an address pool that you own. Use this parameter to let Amazon EC2 select an address from the address pool. To specify a specific address from the address pool, use the ‘Address` parameter instead.

  • :network_border_group (String)

    A unique set of Availability Zones, Local Zones, or Wavelength Zones from which Amazon Web Services advertises IP addresses. Use this parameter to limit the IP address to this location. IP addresses cannot move between network border groups.

    Use [DescribeAvailabilityZones] to view the network border groups.

    [1]: docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html

  • :customer_owned_ipv_4_pool (String)

    The ID of a customer-owned address pool. Use this parameter to let Amazon EC2 select an address from the address pool. Alternatively, specify a specific address from the address pool.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :tag_specifications (Array<Types::TagSpecification>)

    The tags to assign to the Elastic IP address.

Returns:

See Also:



980
981
982
983
# File 'lib/aws-sdk-ec2/client.rb', line 980

def allocate_address(params = {}, options = {})
  req = build_request(:allocate_address, params)
  req.send_request(options)
end

#allocate_hosts(params = {}) ⇒ Types::AllocateHostsResult

Allocates a Dedicated Host to your account. At a minimum, specify the supported instance type or instance family, the Availability Zone in which to allocate the host, and the number of hosts to allocate.

Examples:

Request syntax with placeholder values


resp = client.allocate_hosts({
  auto_placement: "on", # accepts on, off
  availability_zone: "String", # required
  client_token: "String",
  instance_type: "String",
  instance_family: "String",
  quantity: 1,
  tag_specifications: [
    {
      resource_type: "capacity-reservation", # accepts capacity-reservation, client-vpn-endpoint, customer-gateway, carrier-gateway, coip-pool, dedicated-host, dhcp-options, egress-only-internet-gateway, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, instance-event-window, internet-gateway, ipam, ipam-pool, ipam-scope, ipv4pool-ec2, ipv6pool-ec2, key-pair, launch-template, local-gateway, local-gateway-route-table, local-gateway-virtual-interface, local-gateway-virtual-interface-group, local-gateway-route-table-vpc-association, local-gateway-route-table-virtual-interface-group-association, natgateway, network-acl, network-interface, network-insights-analysis, network-insights-path, network-insights-access-scope, network-insights-access-scope-analysis, placement-group, prefix-list, replace-root-volume-task, reserved-instances, route-table, security-group, security-group-rule, snapshot, spot-fleet-request, spot-instances-request, subnet, subnet-cidr-reservation, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-connect-peer, transit-gateway-multicast-domain, transit-gateway-policy-table, transit-gateway-route-table, transit-gateway-route-table-announcement, volume, vpc, vpc-endpoint, vpc-endpoint-connection, vpc-endpoint-service, vpc-endpoint-service-permission, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log, capacity-reservation-fleet, traffic-mirror-filter-rule, vpc-endpoint-connection-device-type, verified-access-instance, verified-access-group, verified-access-endpoint, verified-access-policy, verified-access-trust-provider, vpn-connection-device-type, vpc-block-public-access-exclusion, ipam-resource-discovery, ipam-resource-discovery-association, instance-connect-endpoint
      tags: [
        {
          key: "String",
          value: "String",
        },
      ],
    },
  ],
  host_recovery: "on", # accepts on, off
  outpost_arn: "String",
  host_maintenance: "on", # accepts on, off
  asset_ids: ["AssetId"],
})

Response structure


resp.host_ids #=> Array
resp.host_ids[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :auto_placement (String)

    Indicates whether the host accepts any untargeted instance launches that match its instance type configuration, or if it only accepts Host tenancy instance launches that specify its unique host ID. For more information, see [ Understanding auto-placement and affinity] in the *Amazon EC2 User Guide*.

    Default: ‘on`

    [1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-understanding

  • :availability_zone (required, String)

    The Availability Zone in which to allocate the Dedicated Host.

  • :client_token (String)

    Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see [Ensuring Idempotency].

    [1]: docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html

  • :instance_type (String)

    Specifies the instance type to be supported by the Dedicated Hosts. If you specify an instance type, the Dedicated Hosts support instances of the specified instance type only.

    If you want the Dedicated Hosts to support multiple instance types in a specific instance family, omit this parameter and specify InstanceFamily instead. You cannot specify InstanceType and InstanceFamily in the same request.

  • :instance_family (String)

    Specifies the instance family to be supported by the Dedicated Hosts. If you specify an instance family, the Dedicated Hosts support multiple instance types within that instance family.

    If you want the Dedicated Hosts to support a specific instance type only, omit this parameter and specify InstanceType instead. You cannot specify InstanceFamily and InstanceType in the same request.

  • :quantity (Integer)

    The number of Dedicated Hosts to allocate to your account with these parameters. If you are allocating the Dedicated Hosts on an Outpost, and you specify AssetIds, you can omit this parameter. In this case, Amazon EC2 allocates a Dedicated Host on each specified hardware asset. If you specify both AssetIds and Quantity, then the value that you specify for Quantity must be equal to the number of asset IDs specified.

  • :tag_specifications (Array<Types::TagSpecification>)

    The tags to apply to the Dedicated Host during creation.

  • :host_recovery (String)

    Indicates whether to enable or disable host recovery for the Dedicated Host. Host recovery is disabled by default. For more information, see

    Host recovery][1

    in the *Amazon EC2 User Guide*.

    Default: ‘off`

    [1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html

  • :outpost_arn (String)

    The Amazon Resource Name (ARN) of the Amazon Web Services Outpost on which to allocate the Dedicated Host. If you specify OutpostArn, you can optionally specify AssetIds.

    If you are allocating the Dedicated Host in a Region, omit this parameter.

  • :host_maintenance (String)

    Indicates whether to enable or disable host maintenance for the Dedicated Host. For more information, see [Host maintenance] in the *Amazon EC2 User Guide*.

    [1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-maintenance.html

  • :asset_ids (Array<String>)

    The IDs of the Outpost hardware assets on which to allocate the Dedicated Hosts. Targeting specific hardware assets on an Outpost can help to minimize latency between your workloads. This parameter is supported only if you specify OutpostArn. If you are allocating the Dedicated Hosts in a Region, omit this parameter.

    • If you specify this parameter, you can omit Quantity. In this case, Amazon EC2 allocates a Dedicated Host on each specified hardware asset.

    • If you specify both AssetIds and Quantity, then the value for Quantity must be equal to the number of asset IDs specified.

Returns:

See Also:



1127
1128
1129
1130
# File 'lib/aws-sdk-ec2/client.rb', line 1127

def allocate_hosts(params = {}, options = {})
  req = build_request(:allocate_hosts, params)
  req.send_request(options)
end

#allocate_ipam_pool_cidr(params = {}) ⇒ Types::AllocateIpamPoolCidrResult

Allocate a CIDR from an IPAM pool. The Region you use should be the IPAM pool locale. The locale is the Amazon Web Services Region where this IPAM pool is available for allocations.

In IPAM, an allocation is a CIDR assignment from an IPAM pool to another IPAM pool or to a resource. For more information, see

Allocate CIDRs][1

in the *Amazon VPC IPAM User Guide*.

<note markdown=“1”> This action creates an allocation with strong consistency. The returned CIDR will not overlap with any other allocations from the same pool.

</note>

[1]: docs.aws.amazon.com/vpc/latest/ipam/allocate-cidrs-ipam.html

Examples:

Request syntax with placeholder values


resp = client.allocate_ipam_pool_cidr({
  dry_run: false,
  ipam_pool_id: "IpamPoolId", # required
  cidr: "String",
  netmask_length: 1,
  client_token: "String",
  description: "String",
  preview_next_cidr: false,
  allowed_cidrs: ["String"],
  disallowed_cidrs: ["String"],
})

Response structure


resp.ipam_pool_allocation.cidr #=> String
resp.ipam_pool_allocation.ipam_pool_allocation_id #=> String
resp.ipam_pool_allocation.description #=> String
resp.ipam_pool_allocation.resource_id #=> String
resp.ipam_pool_allocation.resource_type #=> String, one of "ipam-pool", "vpc", "ec2-public-ipv4-pool", "custom", "subnet"
resp.ipam_pool_allocation.resource_region #=> String
resp.ipam_pool_allocation.resource_owner #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    A check for whether you have the required permissions for the action without actually making the request and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :ipam_pool_id (required, String)

    The ID of the IPAM pool from which you would like to allocate a CIDR.

  • :cidr (String)

    The CIDR you would like to allocate from the IPAM pool. Note the following:

    • If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.

    • If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.

    Possible values: Any available IPv4 or IPv6 CIDR.

  • :netmask_length (Integer)

    The netmask length of the CIDR you would like to allocate from the IPAM pool. Note the following:

    • If there is no DefaultNetmaskLength allocation rule set on the pool, you must specify either the NetmaskLength or the CIDR.

    • If the DefaultNetmaskLength allocation rule is set on the pool, you can specify either the NetmaskLength or the CIDR and the DefaultNetmaskLength allocation rule will be ignored.

    Possible netmask lengths for IPv4 addresses are 0 - 32. Possible netmask lengths for IPv6 addresses are 0 - 128.

  • :client_token (String)

    A unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see [Ensuring Idempotency].

    **A suitable default value is auto-generated.** You should normally not need to pass this option.**

    [1]: docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html

  • :description (String)

    A description for the allocation.

  • :preview_next_cidr (Boolean)

    A preview of the next available CIDR in a pool.

  • :allowed_cidrs (Array<String>)

    Include a particular CIDR range that can be returned by the pool. Allowed CIDRs are only allowed if using netmask length for allocation.

  • :disallowed_cidrs (Array<String>)

    Exclude a particular CIDR range from being returned by the pool. Disallowed CIDRs are only allowed if using netmask length for allocation.

Returns:

See Also:



1245
1246
1247
1248
# File 'lib/aws-sdk-ec2/client.rb', line 1245

def allocate_ipam_pool_cidr(params = {}, options = {})
  req = build_request(:allocate_ipam_pool_cidr, params)
  req.send_request(options)
end

#apply_security_groups_to_client_vpn_target_network(params = {}) ⇒ Types::ApplySecurityGroupsToClientVpnTargetNetworkResult

Applies a security group to the association between the target network and the Client VPN endpoint. This action replaces the existing security groups with the specified security groups.

Examples:

Request syntax with placeholder values


resp = client.apply_security_groups_to_client_vpn_target_network({
  client_vpn_endpoint_id: "ClientVpnEndpointId", # required
  vpc_id: "VpcId", # required
  security_group_ids: ["SecurityGroupId"], # required
  dry_run: false,
})

Response structure


resp.security_group_ids #=> Array
resp.security_group_ids[0] #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :client_vpn_endpoint_id (required, String)

    The ID of the Client VPN endpoint.

  • :vpc_id (required, String)

    The ID of the VPC in which the associated target network is located.

  • :security_group_ids (required, Array<String>)

    The IDs of the security groups to apply to the associated target network. Up to 5 security groups can be applied to an associated target network.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



1293
1294
1295
1296
# File 'lib/aws-sdk-ec2/client.rb', line 1293

def apply_security_groups_to_client_vpn_target_network(params = {}, options = {})
  req = build_request(:apply_security_groups_to_client_vpn_target_network, params)
  req.send_request(options)
end

#assign_ipv_6_addresses(params = {}) ⇒ Types::AssignIpv6AddressesResult

Assigns one or more IPv6 addresses to the specified network interface. You can specify one or more specific IPv6 addresses, or you can specify the number of IPv6 addresses to be automatically assigned from within the subnet’s IPv6 CIDR block range. You can assign as many IPv6 addresses to a network interface as you can assign private IPv4 addresses, and the limit varies per instance type. For information, see [IP Addresses Per Network Interface Per Instance Type] in the *Amazon Elastic Compute Cloud User Guide*.

You must specify either the IPv6 addresses or the IPv6 address count in the request.

You can optionally use Prefix Delegation on the network interface. You must specify either the IPV6 Prefix Delegation prefixes, or the IPv6 Prefix Delegation count. For information, see [ Assigning prefixes to Amazon EC2 network interfaces] in the *Amazon Elastic Compute Cloud User Guide*.

[1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-eni.html#AvailableIpPerENI [2]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html

Examples:

Request syntax with placeholder values


resp = client.assign_ipv_6_addresses({
  ipv_6_address_count: 1,
  ipv_6_addresses: ["String"],
  ipv_6_prefix_count: 1,
  ipv_6_prefixes: ["String"],
  network_interface_id: "NetworkInterfaceId", # required
})

Response structure


resp.assigned_ipv_6_addresses #=> Array
resp.assigned_ipv_6_addresses[0] #=> String
resp.assigned_ipv_6_prefixes #=> Array
resp.assigned_ipv_6_prefixes[0] #=> String
resp.network_interface_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :ipv_6_address_count (Integer)

    The number of additional IPv6 addresses to assign to the network interface. The specified number of IPv6 addresses are assigned in addition to the existing IPv6 addresses that are already assigned to the network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can’t use this option if specifying specific IPv6 addresses.

  • :ipv_6_addresses (Array<String>)

    The IPv6 addresses to be assigned to the network interface. You can’t use this option if you’re specifying a number of IPv6 addresses.

  • :ipv_6_prefix_count (Integer)

    The number of IPv6 prefixes that Amazon Web Services automatically assigns to the network interface. You cannot use this option if you use the ‘Ipv6Prefixes` option.

  • :ipv_6_prefixes (Array<String>)

    One or more IPv6 prefixes assigned to the network interface. You cannot use this option if you use the ‘Ipv6PrefixCount` option.

  • :network_interface_id (required, String)

    The ID of the network interface.

Returns:

See Also:



1373
1374
1375
1376
# File 'lib/aws-sdk-ec2/client.rb', line 1373

def assign_ipv_6_addresses(params = {}, options = {})
  req = build_request(:assign_ipv_6_addresses, params)
  req.send_request(options)
end

#assign_private_ip_addresses(params = {}) ⇒ Types::AssignPrivateIpAddressesResult

Assigns one or more secondary private IP addresses to the specified network interface.

You can specify one or more specific secondary IP addresses, or you can specify the number of secondary IP addresses to be automatically assigned within the subnet’s CIDR block range. The number of secondary IP addresses that you can assign to an instance varies by instance type. For information about instance types, see [Instance Types] in the *Amazon Elastic Compute Cloud User Guide*. For more information about Elastic IP addresses, see [Elastic IP Addresses] in the *Amazon Elastic Compute Cloud User Guide*.

When you move a secondary private IP address to another network interface, any Elastic IP address that is associated with the IP address is also moved.

Remapping an IP address is an asynchronous operation. When you move an IP address from one network interface to another, check ‘network/interfaces/macs/mac/local-ipv4s` in the instance metadata to confirm that the remapping is complete.

You must specify either the IP addresses or the IP address count in the request.

You can optionally use Prefix Delegation on the network interface. You must specify either the IPv4 Prefix Delegation prefixes, or the IPv4 Prefix Delegation count. For information, see [ Assigning prefixes to Amazon EC2 network interfaces] in the *Amazon Elastic Compute Cloud User Guide*.

[1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html [2]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html [3]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html

Examples:

Example: To assign a specific secondary private IP address to an interface


# This example assigns the specified secondary private IP address to the specified network interface.

resp = client.assign_private_ip_addresses({
  network_interface_id: "eni-e5aa89a3", 
  private_ip_addresses: [
    "10.0.0.82", 
  ], 
})

Example: To assign secondary private IP addresses that Amazon EC2 selects to an interface


# This example assigns two secondary private IP addresses to the specified network interface. Amazon EC2 automatically
# assigns these IP addresses from the available IP addresses in the CIDR block range of the subnet the network interface
# is associated with.

resp = client.assign_private_ip_addresses({
  network_interface_id: "eni-e5aa89a3", 
  secondary_private_ip_address_count: 2, 
})

Request syntax with placeholder values


resp = client.assign_private_ip_addresses({
  allow_reassignment: false,
  network_interface_id: "NetworkInterfaceId", # required
  private_ip_addresses: ["String"],
  secondary_private_ip_address_count: 1,
  ipv_4_prefixes: ["String"],
  ipv_4_prefix_count: 1,
})

Response structure


resp.network_interface_id #=> String
resp.assigned_private_ip_addresses #=> Array
resp.assigned_private_ip_addresses[0].private_ip_address #=> String
resp.assigned_ipv_4_prefixes #=> Array
resp.assigned_ipv_4_prefixes[0].ipv_4_prefix #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :allow_reassignment (Boolean)

    Indicates whether to allow an IP address that is already assigned to another network interface or instance to be reassigned to the specified network interface.

  • :network_interface_id (required, String)

    The ID of the network interface.

  • :private_ip_addresses (Array<String>)

    The IP addresses to be assigned as a secondary private IP address to the network interface. You can’t specify this parameter when also specifying a number of secondary IP addresses.

    If you don’t specify an IP address, Amazon EC2 automatically selects an IP address within the subnet range.

  • :secondary_private_ip_address_count (Integer)

    The number of secondary IP addresses to assign to the network interface. You can’t specify this parameter when also specifying private IP addresses.

  • :ipv_4_prefixes (Array<String>)

    One or more IPv4 prefixes assigned to the network interface. You cannot use this option if you use the ‘Ipv4PrefixCount` option.

  • :ipv_4_prefix_count (Integer)

    The number of IPv4 prefixes that Amazon Web Services automatically assigns to the network interface. You cannot use this option if you use the ‘Ipv4 Prefixes` option.

Returns:

See Also:



1496
1497
1498
1499
# File 'lib/aws-sdk-ec2/client.rb', line 1496

def assign_private_ip_addresses(params = {}, options = {})
  req = build_request(:assign_private_ip_addresses, params)
  req.send_request(options)
end

#assign_private_nat_gateway_address(params = {}) ⇒ Types::AssignPrivateNatGatewayAddressResult

Assigns one or more private IPv4 addresses to a private NAT gateway. For more information, see [Work with NAT gateways] in the *Amazon VPC User Guide*.

[1]: docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-working-with

Examples:

Request syntax with placeholder values


resp = client.assign_private_nat_gateway_address({
  nat_gateway_id: "NatGatewayId", # required
  private_ip_addresses: ["String"],
  private_ip_address_count: 1,
  dry_run: false,
})

Response structure


resp.nat_gateway_id #=> String
resp.nat_gateway_addresses #=> Array
resp.nat_gateway_addresses[0].allocation_id #=> String
resp.nat_gateway_addresses[0].network_interface_id #=> String
resp.nat_gateway_addresses[0].private_ip #=> String
resp.nat_gateway_addresses[0].public_ip #=> String
resp.nat_gateway_addresses[0].association_id #=> String
resp.nat_gateway_addresses[0].is_primary #=> Boolean
resp.nat_gateway_addresses[0].failure_message #=> String
resp.nat_gateway_addresses[0].status #=> String, one of "assigning", "unassigning", "associating", "disassociating", "succeeded", "failed"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :nat_gateway_id (required, String)

    The ID of the NAT gateway.

  • :private_ip_addresses (Array<String>)

    The private IPv4 addresses you want to assign to the private NAT gateway.

  • :private_ip_address_count (Integer)

    The number of private IP addresses to assign to the NAT gateway. You can’t specify this parameter when also specifying private IP addresses.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



1558
1559
1560
1561
# File 'lib/aws-sdk-ec2/client.rb', line 1558

def assign_private_nat_gateway_address(params = {}, options = {})
  req = build_request(:assign_private_nat_gateway_address, params)
  req.send_request(options)
end

#associate_address(params = {}) ⇒ Types::AssociateAddressResult

Associates an Elastic IP address, or carrier IP address (for instances that are in subnets in Wavelength Zones) with an instance or a network interface. Before you can use an Elastic IP address, you must allocate it to your account.

If the Elastic IP address is already associated with a different instance, it is disassociated from that instance and associated with the specified instance. If you associate an Elastic IP address with an instance that has an existing Elastic IP address, the existing address is disassociated from the instance, but remains allocated to your account.

[Subnets in Wavelength Zones] You can associate an IP address from the telecommunication carrier to the instance or network interface.

You cannot associate an Elastic IP address with an interface in a different network border group.

This is an idempotent operation. If you perform the operation more than once, Amazon EC2 doesn’t return an error, and you may be charged for each time the Elastic IP address is remapped to the same instance. For more information, see the *Elastic IP Addresses* section of [Amazon EC2 Pricing].

[1]: aws.amazon.com/ec2/pricing/

Examples:

Example: To associate an Elastic IP address


# This example associates the specified Elastic IP address with the specified instance.

resp = client.associate_address({
  allocation_id: "eipalloc-64d5890a", 
  instance_id: "i-0b263919b6498b123", 
})

resp.to_h outputs the following:
{
  association_id: "eipassoc-2bebb745", 
}

Example: To associate an Elastic IP address with a network interface


# This example associates the specified Elastic IP address with the specified network interface.

resp = client.associate_address({
  allocation_id: "eipalloc-64d5890a", 
  network_interface_id: "eni-1a2b3c4d", 
})

resp.to_h outputs the following:
{
  association_id: "eipassoc-2bebb745", 
}

Request syntax with placeholder values


resp = client.associate_address({
  allocation_id: "AllocationId",
  instance_id: "InstanceId",
  public_ip: "EipAllocationPublicIp",
  allow_reassociation: false,
  dry_run: false,
  network_interface_id: "NetworkInterfaceId",
  private_ip_address: "String",
})

Response structure


resp.association_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :allocation_id (String)

    The allocation ID. This is required.

  • :instance_id (String)

    The ID of the instance. The instance must have exactly one attached network interface. You can specify either the instance ID or the network interface ID, but not both.

  • :public_ip (String)

    Deprecated.

  • :allow_reassociation (Boolean)

    Reassociation is automatic, but you can specify false to ensure the operation fails if the Elastic IP address is already associated with another resource.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :network_interface_id (String)

    The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.

    You can specify either the instance ID or the network interface ID, but not both.

  • :private_ip_address (String)

    The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.

Returns:

See Also:



1678
1679
1680
1681
# File 'lib/aws-sdk-ec2/client.rb', line 1678

def associate_address(params = {}, options = {})
  req = build_request(:associate_address, params)
  req.send_request(options)
end

#associate_client_vpn_target_network(params = {}) ⇒ Types::AssociateClientVpnTargetNetworkResult

Associates a target network with a Client VPN endpoint. A target network is a subnet in a VPC. You can associate multiple subnets from the same VPC with a Client VPN endpoint. You can associate only one subnet in each Availability Zone. We recommend that you associate at least two subnets to provide Availability Zone redundancy.

If you specified a VPC when you created the Client VPN endpoint or if you have previous subnet associations, the specified subnet must be in the same VPC. To specify a subnet that’s in a different VPC, you must first modify the Client VPN endpoint (ModifyClientVpnEndpoint) and change the VPC that’s associated with it.

Examples:

Request syntax with placeholder values


resp = client.associate_client_vpn_target_network({
  client_vpn_endpoint_id: "ClientVpnEndpointId", # required
  subnet_id: "SubnetId", # required
  client_token: "String",
  dry_run: false,
})

Response structure


resp.association_id #=> String
resp.status.code #=> String, one of "associating", "associated", "association-failed", "disassociating", "disassociated"
resp.status.message #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :client_vpn_endpoint_id (required, String)

    The ID of the Client VPN endpoint.

  • :subnet_id (required, String)

    The ID of the subnet to associate with the Client VPN endpoint.

  • :client_token (String)

    Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see [How to ensure idempotency].

    **A suitable default value is auto-generated.** You should normally not need to pass this option.**

    [1]: docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



1743
1744
1745
1746
# File 'lib/aws-sdk-ec2/client.rb', line 1743

def associate_client_vpn_target_network(params = {}, options = {})
  req = build_request(:associate_client_vpn_target_network, params)
  req.send_request(options)
end

#associate_dhcp_options(params = {}) ⇒ Struct

Associates a set of DHCP options (that you’ve previously created) with the specified VPC, or associates no DHCP options with the VPC.

After you associate the options with the VPC, any existing instances and all new instances that you launch in that VPC use the options. You don’t need to restart or relaunch the instances. They automatically pick up the changes within a few hours, depending on how frequently the instance renews its DHCP lease. You can explicitly renew the lease using the operating system on the instance.

For more information, see [DHCP options sets] in the *Amazon VPC User Guide*.

[1]: docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html

Examples:

Example: To associate a DHCP options set with a VPC


# This example associates the specified DHCP options set with the specified VPC.

resp = client.associate_dhcp_options({
  dhcp_options_id: "dopt-d9070ebb", 
  vpc_id: "vpc-a01106c2", 
})

Example: To associate the default DHCP options set with a VPC


# This example associates the default DHCP options set with the specified VPC.

resp = client.associate_dhcp_options({
  dhcp_options_id: "default", 
  vpc_id: "vpc-a01106c2", 
})

Request syntax with placeholder values


resp = client.associate_dhcp_options({
  dhcp_options_id: "DefaultingDhcpOptionsId", # required
  vpc_id: "VpcId", # required
  dry_run: false,
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dhcp_options_id (required, String)

    The ID of the DHCP options set, or ‘default` to associate no DHCP options with the VPC.

  • :vpc_id (required, String)

    The ID of the VPC.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



1811
1812
1813
1814
# File 'lib/aws-sdk-ec2/client.rb', line 1811

def associate_dhcp_options(params = {}, options = {})
  req = build_request(:associate_dhcp_options, params)
  req.send_request(options)
end

#associate_enclave_certificate_iam_role(params = {}) ⇒ Types::AssociateEnclaveCertificateIamRoleResult

Associates an Identity and Access Management (IAM) role with an Certificate Manager (ACM) certificate. This enables the certificate to be used by the ACM for Nitro Enclaves application inside an enclave. For more information, see [Certificate Manager for Nitro Enclaves] in the *Amazon Web Services Nitro Enclaves User Guide*.

When the IAM role is associated with the ACM certificate, the certificate, certificate chain, and encrypted private key are placed in an Amazon S3 location that only the associated IAM role can access. The private key of the certificate is encrypted with an Amazon Web Services managed key that has an attached attestation-based key policy.

To enable the IAM role to access the Amazon S3 object, you must grant it permission to call ‘s3:GetObject` on the Amazon S3 bucket returned by the command. To enable the IAM role to access the KMS key, you must grant it permission to call `kms:Decrypt` on the KMS key returned by the command. For more information, see [ Grant the role permission to access the certificate and encryption key] in the *Amazon Web Services Nitro Enclaves User Guide*.

[1]: docs.aws.amazon.com/enclaves/latest/user/nitro-enclave-refapp.html [2]: docs.aws.amazon.com/enclaves/latest/user/nitro-enclave-refapp.html#add-policy

Examples:

Request syntax with placeholder values


resp = client.associate_enclave_certificate_iam_role({
  certificate_arn: "CertificateId", # required
  role_arn: "RoleId", # required
  dry_run: false,
})

Response structure


resp.certificate_s3_bucket_name #=> String
resp.certificate_s3_object_key #=> String
resp.encryption_kms_key_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :certificate_arn (required, String)

    The ARN of the ACM certificate with which to associate the IAM role.

  • :role_arn (required, String)

    The ARN of the IAM role to associate with the ACM certificate. You can associate up to 16 IAM roles with an ACM certificate.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



1879
1880
1881
1882
# File 'lib/aws-sdk-ec2/client.rb', line 1879

def associate_enclave_certificate_iam_role(params = {}, options = {})
  req = build_request(:associate_enclave_certificate_iam_role, params)
  req.send_request(options)
end

#associate_iam_instance_profile(params = {}) ⇒ Types::AssociateIamInstanceProfileResult

Associates an IAM instance profile with a running or stopped instance. You cannot associate more than one IAM instance profile with an instance.

Examples:

Example: To associate an IAM instance profile with an instance


# This example associates an IAM instance profile named admin-role with the specified instance.

resp = client.associate_iam_instance_profile({
  iam_instance_profile: {
    name: "admin-role", 
  }, 
  instance_id: "i-123456789abcde123", 
})

resp.to_h outputs the following:
{
  iam_instance_profile_association: {
    association_id: "iip-assoc-0e7736511a163c209", 
    iam_instance_profile: {
      arn: "arn:aws:iam::123456789012:instance-profile/admin-role", 
      id: "AIPAJBLK7RKJKWDXVHIEC", 
    }, 
    instance_id: "i-123456789abcde123", 
    state: "associating", 
  }, 
}

Request syntax with placeholder values


resp = client.associate_iam_instance_profile({
  iam_instance_profile: { # required
    arn: "String",
    name: "String",
  },
  instance_id: "InstanceId", # required
})

Response structure


resp.iam_instance_profile_association.association_id #=> String
resp.iam_instance_profile_association.instance_id #=> String
resp.iam_instance_profile_association.iam_instance_profile.arn #=> String
resp.iam_instance_profile_association.iam_instance_profile.id #=> String
resp.iam_instance_profile_association.state #=> String, one of "associating", "associated", "disassociating", "disassociated"
resp.iam_instance_profile_association.timestamp #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

Returns:

See Also:



1946
1947
1948
1949
# File 'lib/aws-sdk-ec2/client.rb', line 1946

def associate_iam_instance_profile(params = {}, options = {})
  req = build_request(:associate_iam_instance_profile, params)
  req.send_request(options)
end

#associate_instance_event_window(params = {}) ⇒ Types::AssociateInstanceEventWindowResult

Associates one or more targets with an event window. Only one type of target (instance IDs, Dedicated Host IDs, or tags) can be specified with an event window.

For more information, see [Define event windows for scheduled events] in the *Amazon EC2 User Guide*.

[1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/event-windows.html

Examples:

Request syntax with placeholder values


resp = client.associate_instance_event_window({
  dry_run: false,
  instance_event_window_id: "InstanceEventWindowId", # required
  association_target: { # required
    instance_ids: ["InstanceId"],
    instance_tags: [
      {
        key: "String",
        value: "String",
      },
    ],
    dedicated_host_ids: ["DedicatedHostId"],
  },
})

Response structure


resp.instance_event_window.instance_event_window_id #=> String
resp.instance_event_window.time_ranges #=> Array
resp.instance_event_window.time_ranges[0].start_week_day #=> String, one of "sunday", "monday", "tuesday", "wednesday", "thursday", "friday", "saturday"
resp.instance_event_window.time_ranges[0].start_hour #=> Integer
resp.instance_event_window.time_ranges[0].end_week_day #=> String, one of "sunday", "monday", "tuesday", "wednesday", "thursday", "friday", "saturday"
resp.instance_event_window.time_ranges[0].end_hour #=> Integer
resp.instance_event_window.name #=> String
resp.instance_event_window.cron_expression #=> String
resp.instance_event_window.association_target.instance_ids #=> Array
resp.instance_event_window.association_target.instance_ids[0] #=> String
resp.instance_event_window.association_target.tags #=> Array
resp.instance_event_window.association_target.tags[0].key #=> String
resp.instance_event_window.association_target.tags[0].value #=> String
resp.instance_event_window.association_target.dedicated_host_ids #=> Array
resp.instance_event_window.association_target.dedicated_host_ids[0] #=> String
resp.instance_event_window.state #=> String, one of "creating", "deleting", "active", "deleted"
resp.instance_event_window.tags #=> Array
resp.instance_event_window.tags[0].key #=> String
resp.instance_event_window.tags[0].value #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :instance_event_window_id (required, String)

    The ID of the event window.

  • :association_target (required, Types::InstanceEventWindowAssociationRequest)

    One or more targets associated with the specified event window.

Returns:

See Also:



2021
2022
2023
2024
# File 'lib/aws-sdk-ec2/client.rb', line 2021

def associate_instance_event_window(params = {}, options = {})
  req = build_request(:associate_instance_event_window, params)
  req.send_request(options)
end

#associate_ipam_byoasn(params = {}) ⇒ Types::AssociateIpamByoasnResult

Associates your Autonomous System Number (ASN) with a BYOIP CIDR that you own in the same Amazon Web Services Region. For more information, see [Tutorial: Bring your ASN to IPAM] in the *Amazon VPC IPAM guide*.

After the association succeeds, the ASN is eligible for advertisement. You can view the association with [DescribeByoipCidrs]. You can advertise the CIDR with [AdvertiseByoipCidr].

[1]: docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoasn.html [2]: docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeByoipCidrs.html [3]: docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AdvertiseByoipCidr.html

Examples:

Request syntax with placeholder values


resp = client.associate_ipam_byoasn({
  dry_run: false,
  asn: "String", # required
  cidr: "String", # required
})

Response structure


resp.asn_association.asn #=> String
resp.asn_association.cidr #=> String
resp.asn_association.status_message #=> String
resp.asn_association.state #=> String, one of "disassociated", "failed-disassociation", "failed-association", "pending-disassociation", "pending-association", "associated"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :asn (required, String)

    A public 2-byte or 4-byte ASN.

  • :cidr (required, String)

    The BYOIP CIDR you want to associate with an ASN.

Returns:

See Also:



2076
2077
2078
2079
# File 'lib/aws-sdk-ec2/client.rb', line 2076

def associate_ipam_byoasn(params = {}, options = {})
  req = build_request(:associate_ipam_byoasn, params)
  req.send_request(options)
end

#associate_ipam_resource_discovery(params = {}) ⇒ Types::AssociateIpamResourceDiscoveryResult

Associates an IPAM resource discovery with an Amazon VPC IPAM. A resource discovery is an IPAM component that enables IPAM to manage and monitor resources that belong to the owning account.

Examples:

Request syntax with placeholder values


resp = client.associate_ipam_resource_discovery({
  dry_run: false,
  ipam_id: "IpamId", # required
  ipam_resource_discovery_id: "IpamResourceDiscoveryId", # required
  tag_specifications: [
    {
      resource_type: "capacity-reservation", # accepts capacity-reservation, client-vpn-endpoint, customer-gateway, carrier-gateway, coip-pool, dedicated-host, dhcp-options, egress-only-internet-gateway, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, instance-event-window, internet-gateway, ipam, ipam-pool, ipam-scope, ipv4pool-ec2, ipv6pool-ec2, key-pair, launch-template, local-gateway, local-gateway-route-table, local-gateway-virtual-interface, local-gateway-virtual-interface-group, local-gateway-route-table-vpc-association, local-gateway-route-table-virtual-interface-group-association, natgateway, network-acl, network-interface, network-insights-analysis, network-insights-path, network-insights-access-scope, network-insights-access-scope-analysis, placement-group, prefix-list, replace-root-volume-task, reserved-instances, route-table, security-group, security-group-rule, snapshot, spot-fleet-request, spot-instances-request, subnet, subnet-cidr-reservation, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-connect-peer, transit-gateway-multicast-domain, transit-gateway-policy-table, transit-gateway-route-table, transit-gateway-route-table-announcement, volume, vpc, vpc-endpoint, vpc-endpoint-connection, vpc-endpoint-service, vpc-endpoint-service-permission, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log, capacity-reservation-fleet, traffic-mirror-filter-rule, vpc-endpoint-connection-device-type, verified-access-instance, verified-access-group, verified-access-endpoint, verified-access-policy, verified-access-trust-provider, vpn-connection-device-type, vpc-block-public-access-exclusion, ipam-resource-discovery, ipam-resource-discovery-association, instance-connect-endpoint
      tags: [
        {
          key: "String",
          value: "String",
        },
      ],
    },
  ],
  client_token: "String",
})

Response structure


resp.ipam_resource_discovery_association.owner_id #=> String
resp.ipam_resource_discovery_association.ipam_resource_discovery_association_id #=> String
resp.ipam_resource_discovery_association.ipam_resource_discovery_association_arn #=> String
resp.ipam_resource_discovery_association.ipam_resource_discovery_id #=> String
resp.ipam_resource_discovery_association.ipam_id #=> String
resp.ipam_resource_discovery_association.ipam_arn #=> String
resp.ipam_resource_discovery_association.ipam_region #=> String
resp.ipam_resource_discovery_association.is_default #=> Boolean
resp.ipam_resource_discovery_association.resource_discovery_status #=> String, one of "active", "not-found"
resp.ipam_resource_discovery_association.state #=> String, one of "associate-in-progress", "associate-complete", "associate-failed", "disassociate-in-progress", "disassociate-complete", "disassociate-failed", "isolate-in-progress", "isolate-complete", "restore-in-progress"
resp.ipam_resource_discovery_association.tags #=> Array
resp.ipam_resource_discovery_association.tags[0].key #=> String
resp.ipam_resource_discovery_association.tags[0].value #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    A check for whether you have the required permissions for the action without actually making the request and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :ipam_id (required, String)

    An IPAM ID.

  • :ipam_resource_discovery_id (required, String)

    A resource discovery ID.

  • :tag_specifications (Array<Types::TagSpecification>)

    Tag specifications.

  • :client_token (String)

    A client token.

    **A suitable default value is auto-generated.** You should normally not need to pass this option.**

Returns:

See Also:



2150
2151
2152
2153
# File 'lib/aws-sdk-ec2/client.rb', line 2150

def associate_ipam_resource_discovery(params = {}, options = {})
  req = build_request(:associate_ipam_resource_discovery, params)
  req.send_request(options)
end

#associate_nat_gateway_address(params = {}) ⇒ Types::AssociateNatGatewayAddressResult

Associates Elastic IP addresses (EIPs) and private IPv4 addresses with a public NAT gateway. For more information, see [Work with NAT gateways] in the *Amazon VPC User Guide*.

By default, you can associate up to 2 Elastic IP addresses per public NAT gateway. You can increase the limit by requesting a quota adjustment. For more information, see [Elastic IP address quotas] in the *Amazon VPC User Guide*.

When you associate an EIP or secondary EIPs with a public NAT gateway, the network border group of the EIPs must match the network border group of the Availability Zone (AZ) that the public NAT gateway is in. If it’s not the same, the EIP will fail to associate. You can see the network border group for the subnet’s AZ by viewing the details of the subnet. Similarly, you can view the network border group of an EIP by viewing the details of the EIP address. For more information about network border groups and EIPs, see [Allocate an Elastic IP address] in the *Amazon VPC User Guide*.

[1]: docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-working-with [2]: docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html#vpc-limits-eips [3]: docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#allocate-eip

Examples:

Request syntax with placeholder values


resp = client.associate_nat_gateway_address({
  nat_gateway_id: "NatGatewayId", # required
  allocation_ids: ["AllocationId"], # required
  private_ip_addresses: ["String"],
  dry_run: false,
})

Response structure


resp.nat_gateway_id #=> String
resp.nat_gateway_addresses #=> Array
resp.nat_gateway_addresses[0].allocation_id #=> String
resp.nat_gateway_addresses[0].network_interface_id #=> String
resp.nat_gateway_addresses[0].private_ip #=> String
resp.nat_gateway_addresses[0].public_ip #=> String
resp.nat_gateway_addresses[0].association_id #=> String
resp.nat_gateway_addresses[0].is_primary #=> Boolean
resp.nat_gateway_addresses[0].failure_message #=> String
resp.nat_gateway_addresses[0].status #=> String, one of "assigning", "unassigning", "associating", "disassociating", "succeeded", "failed"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :nat_gateway_id (required, String)

    The ID of the NAT gateway.

  • :allocation_ids (required, Array<String>)

    The allocation IDs of EIPs that you want to associate with your NAT gateway.

  • :private_ip_addresses (Array<String>)

    The private IPv4 addresses that you want to assign to the NAT gateway.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



2227
2228
2229
2230
# File 'lib/aws-sdk-ec2/client.rb', line 2227

def associate_nat_gateway_address(params = {}, options = {})
  req = build_request(:associate_nat_gateway_address, params)
  req.send_request(options)
end

#associate_route_table(params = {}) ⇒ Types::AssociateRouteTableResult

Associates a subnet in your VPC or an internet gateway or virtual private gateway attached to your VPC with a route table in your VPC. This association causes traffic from the subnet or gateway to be routed according to the routes in the route table. The action returns an association ID, which you need in order to disassociate the route table later. A route table can be associated with multiple subnets.

For more information, see [Route tables] in the *Amazon VPC User Guide*.

[1]: docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html

Examples:

Example: To associate a route table with a subnet


# This example associates the specified route table with the specified subnet.

resp = client.associate_route_table({
  route_table_id: "rtb-22574640", 
  subnet_id: "subnet-9d4a7b6", 
})

resp.to_h outputs the following:
{
  association_id: "rtbassoc-781d0d1a", 
}

Request syntax with placeholder values


resp = client.associate_route_table({
  dry_run: false,
  route_table_id: "RouteTableId", # required
  subnet_id: "SubnetId",
  gateway_id: "RouteGatewayId",
})

Response structure


resp.association_id #=> String
resp.association_state.state #=> String, one of "associating", "associated", "disassociating", "disassociated", "failed"
resp.association_state.status_message #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :route_table_id (required, String)

    The ID of the route table.

  • :subnet_id (String)

    The ID of the subnet.

  • :gateway_id (String)

    The ID of the internet gateway or virtual private gateway.

Returns:

See Also:



2300
2301
2302
2303
# File 'lib/aws-sdk-ec2/client.rb', line 2300

def associate_route_table(params = {}, options = {})
  req = build_request(:associate_route_table, params)
  req.send_request(options)
end

#associate_subnet_cidr_block(params = {}) ⇒ Types::AssociateSubnetCidrBlockResult

Associates a CIDR block with your subnet. You can only associate a single IPv6 CIDR block with your subnet.

Examples:

Request syntax with placeholder values


resp = client.associate_subnet_cidr_block({
  ipv_6_cidr_block: "String",
  subnet_id: "SubnetId", # required
  ipv_6_ipam_pool_id: "IpamPoolId",
  ipv_6_netmask_length: 1,
})

Response structure


resp.ipv_6_cidr_block_association.association_id #=> String
resp.ipv_6_cidr_block_association.ipv_6_cidr_block #=> String
resp.ipv_6_cidr_block_association.ipv_6_cidr_block_state.state #=> String, one of "associating", "associated", "disassociating", "disassociated", "failing", "failed"
resp.ipv_6_cidr_block_association.ipv_6_cidr_block_state.status_message #=> String
resp.subnet_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :ipv_6_cidr_block (String)

    The IPv6 CIDR block for your subnet.

  • :subnet_id (required, String)

    The ID of your subnet.

  • :ipv_6_ipam_pool_id (String)

    An IPv6 IPAM pool ID.

  • :ipv_6_netmask_length (Integer)

    An IPv6 netmask length.

Returns:

See Also:



2346
2347
2348
2349
# File 'lib/aws-sdk-ec2/client.rb', line 2346

def associate_subnet_cidr_block(params = {}, options = {})
  req = build_request(:associate_subnet_cidr_block, params)
  req.send_request(options)
end

#associate_transit_gateway_multicast_domain(params = {}) ⇒ Types::AssociateTransitGatewayMulticastDomainResult

Associates the specified subnets and transit gateway attachments with the specified transit gateway multicast domain.

The transit gateway attachment must be in the available state before you can add a resource. Use [DescribeTransitGatewayAttachments] to see the state of the attachment.

[1]: docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeTransitGatewayAttachments.html

Examples:

Request syntax with placeholder values


resp = client.associate_transit_gateway_multicast_domain({
  transit_gateway_multicast_domain_id: "TransitGatewayMulticastDomainId", # required
  transit_gateway_attachment_id: "TransitGatewayAttachmentId", # required
  subnet_ids: ["SubnetId"], # required
  dry_run: false,
})

Response structure


resp.associations.transit_gateway_multicast_domain_id #=> String
resp.associations.transit_gateway_attachment_id #=> String
resp.associations.resource_id #=> String
resp.associations.resource_type #=> String, one of "vpc", "vpn", "direct-connect-gateway", "connect", "peering", "tgw-peering"
resp.associations.resource_owner_id #=> String
resp.associations.subnets #=> Array
resp.associations.subnets[0].subnet_id #=> String
resp.associations.subnets[0].state #=> String, one of "pendingAcceptance", "associating", "associated", "disassociating", "disassociated", "rejected", "failed"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :transit_gateway_multicast_domain_id (required, String)

    The ID of the transit gateway multicast domain.

  • :transit_gateway_attachment_id (required, String)

    The ID of the transit gateway attachment to associate with the transit gateway multicast domain.

  • :subnet_ids (required, Array<String>)

    The IDs of the subnets to associate with the transit gateway multicast domain.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



2407
2408
2409
2410
# File 'lib/aws-sdk-ec2/client.rb', line 2407

def associate_transit_gateway_multicast_domain(params = {}, options = {})
  req = build_request(:associate_transit_gateway_multicast_domain, params)
  req.send_request(options)
end

#associate_transit_gateway_policy_table(params = {}) ⇒ Types::AssociateTransitGatewayPolicyTableResult

Associates the specified transit gateway attachment with a transit gateway policy table.

Examples:

Request syntax with placeholder values


resp = client.associate_transit_gateway_policy_table({
  transit_gateway_policy_table_id: "TransitGatewayPolicyTableId", # required
  transit_gateway_attachment_id: "TransitGatewayAttachmentId", # required
  dry_run: false,
})

Response structure


resp.association.transit_gateway_policy_table_id #=> String
resp.association.transit_gateway_attachment_id #=> String
resp.association.resource_id #=> String
resp.association.resource_type #=> String, one of "vpc", "vpn", "direct-connect-gateway", "connect", "peering", "tgw-peering"
resp.association.state #=> String, one of "associating", "associated", "disassociating", "disassociated"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :transit_gateway_policy_table_id (required, String)

    The ID of the transit gateway policy table to associate with the transit gateway attachment.

  • :transit_gateway_attachment_id (required, String)

    The ID of the transit gateway attachment to associate with the policy table.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



2453
2454
2455
2456
# File 'lib/aws-sdk-ec2/client.rb', line 2453

def associate_transit_gateway_policy_table(params = {}, options = {})
  req = build_request(:associate_transit_gateway_policy_table, params)
  req.send_request(options)
end

#associate_transit_gateway_route_table(params = {}) ⇒ Types::AssociateTransitGatewayRouteTableResult

Associates the specified attachment with the specified transit gateway route table. You can associate only one route table with an attachment.

Examples:

Request syntax with placeholder values


resp = client.associate_transit_gateway_route_table({
  transit_gateway_route_table_id: "TransitGatewayRouteTableId", # required
  transit_gateway_attachment_id: "TransitGatewayAttachmentId", # required
  dry_run: false,
})

Response structure


resp.association.transit_gateway_route_table_id #=> String
resp.association.transit_gateway_attachment_id #=> String
resp.association.resource_id #=> String
resp.association.resource_type #=> String, one of "vpc", "vpn", "direct-connect-gateway", "connect", "peering", "tgw-peering"
resp.association.state #=> String, one of "associating", "associated", "disassociating", "disassociated"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :transit_gateway_route_table_id (required, String)

    The ID of the transit gateway route table.

  • :transit_gateway_attachment_id (required, String)

    The ID of the attachment.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



2498
2499
2500
2501
# File 'lib/aws-sdk-ec2/client.rb', line 2498

def associate_transit_gateway_route_table(params = {}, options = {})
  req = build_request(:associate_transit_gateway_route_table, params)
  req.send_request(options)
end

#associate_trunk_interface(params = {}) ⇒ Types::AssociateTrunkInterfaceResult

Associates a branch network interface with a trunk network interface.

Before you create the association, run the

create-network-interface][1

command and set ‘–interface-type` to

‘trunk`. You must also create a network interface for each branch network interface that you want to associate with the trunk network interface.

[1]: docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html

Examples:

Request syntax with placeholder values


resp = client.associate_trunk_interface({
  branch_interface_id: "NetworkInterfaceId", # required
  trunk_interface_id: "NetworkInterfaceId", # required
  vlan_id: 1,
  gre_key: 1,
  client_token: "String",
  dry_run: false,
})

Response structure


resp.interface_association.association_id #=> String
resp.interface_association.branch_interface_id #=> String
resp.interface_association.trunk_interface_id #=> String
resp.interface_association.interface_protocol #=> String, one of "VLAN", "GRE"
resp.interface_association.vlan_id #=> Integer
resp.interface_association.gre_key #=> Integer
resp.interface_association.tags #=> Array
resp.interface_association.tags[0].key #=> String
resp.interface_association.tags[0].value #=> String
resp.client_token #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :branch_interface_id (required, String)

    The ID of the branch network interface.

  • :trunk_interface_id (required, String)

    The ID of the trunk network interface.

  • :vlan_id (Integer)

    The ID of the VLAN. This applies to the VLAN protocol.

  • :gre_key (Integer)

    The application key. This applies to the GRE protocol.

  • :client_token (String)

    Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see [How to Ensure Idempotency].

    **A suitable default value is auto-generated.** You should normally not need to pass this option.**

    [1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



2578
2579
2580
2581
# File 'lib/aws-sdk-ec2/client.rb', line 2578

def associate_trunk_interface(params = {}, options = {})
  req = build_request(:associate_trunk_interface, params)
  req.send_request(options)
end

#associate_vpc_cidr_block(params = {}) ⇒ Types::AssociateVpcCidrBlockResult

Associates a CIDR block with your VPC. You can associate a secondary IPv4 CIDR block, an Amazon-provided IPv6 CIDR block, or an IPv6 CIDR block from an IPv6 address pool that you provisioned through bring your own IP addresses ([BYOIP]).

You must specify one of the following in the request: an IPv4 CIDR block, an IPv6 pool, or an Amazon-provided IPv6 CIDR block.

For more information about associating CIDR blocks with your VPC and applicable restrictions, see [IP addressing for your VPCs and subnets] in the *Amazon VPC User Guide*.

[1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html [2]: docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html

Examples:

Request syntax with placeholder values


resp = client.associate_vpc_cidr_block({
  amazon_provided_ipv_6_cidr_block: false,
  cidr_block: "String",
  vpc_id: "VpcId", # required
  ipv_6_cidr_block_network_border_group: "String",
  ipv_6_pool: "Ipv6PoolEc2Id",
  ipv_6_cidr_block: "String",
  ipv_4_ipam_pool_id: "IpamPoolId",
  ipv_4_netmask_length: 1,
  ipv_6_ipam_pool_id: "IpamPoolId",
  ipv_6_netmask_length: 1,
})

Response structure


resp.ipv_6_cidr_block_association.association_id #=> String
resp.ipv_6_cidr_block_association.ipv_6_cidr_block #=> String
resp.ipv_6_cidr_block_association.ipv_6_cidr_block_state.state #=> String, one of "associating", "associated", "disassociating", "disassociated", "failing", "failed"
resp.ipv_6_cidr_block_association.ipv_6_cidr_block_state.status_message #=> String
resp.ipv_6_cidr_block_association.network_border_group #=> String
resp.ipv_6_cidr_block_association.ipv_6_pool #=> String
resp.cidr_block_association.association_id #=> String
resp.cidr_block_association.cidr_block #=> String
resp.cidr_block_association.cidr_block_state.state #=> String, one of "associating", "associated", "disassociating", "disassociated", "failing", "failed"
resp.cidr_block_association.cidr_block_state.status_message #=> String
resp.vpc_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :amazon_provided_ipv_6_cidr_block (Boolean)

    Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IPv6 addresses or the size of the CIDR block.

  • :cidr_block (String)

    An IPv4 CIDR block to associate with the VPC.

  • :vpc_id (required, String)

    The ID of the VPC.

  • :ipv_6_cidr_block_network_border_group (String)

    The name of the location from which we advertise the IPV6 CIDR block. Use this parameter to limit the CIDR block to this location.

    You must set ‘AmazonProvidedIpv6CidrBlock` to `true` to use this parameter.

    You can have one IPv6 CIDR block association per network border group.

  • :ipv_6_pool (String)

    The ID of an IPv6 address pool from which to allocate the IPv6 CIDR block.

  • :ipv_6_cidr_block (String)

    An IPv6 CIDR block from the IPv6 address pool. You must also specify ‘Ipv6Pool` in the request.

    To let Amazon choose the IPv6 CIDR block for you, omit this parameter.

  • :ipv_4_ipam_pool_id (String)

    Associate a CIDR allocated from an IPv4 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?] in the *Amazon VPC IPAM User Guide*.

    [1]: docs.aws.amazon.com/vpc/latest/ipam/what-is-it-ipam.html

  • :ipv_4_netmask_length (Integer)

    The netmask length of the IPv4 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?] in the *Amazon VPC IPAM User Guide*.

    [1]: docs.aws.amazon.com/vpc/latest/ipam/what-is-it-ipam.html

  • :ipv_6_ipam_pool_id (String)

    Associates a CIDR allocated from an IPv6 IPAM pool to a VPC. For more information about Amazon VPC IP Address Manager (IPAM), see [What is IPAM?] in the *Amazon VPC IPAM User Guide*.

    [1]: docs.aws.amazon.com/vpc/latest/ipam/what-is-it-ipam.html

  • :ipv_6_netmask_length (Integer)

    The netmask length of the IPv6 CIDR you would like to associate from an Amazon VPC IP Address Manager (IPAM) pool. For more information about IPAM, see [What is IPAM?] in the *Amazon VPC IPAM User Guide*.

    [1]: docs.aws.amazon.com/vpc/latest/ipam/what-is-it-ipam.html

Returns:

See Also:



2707
2708
2709
2710
# File 'lib/aws-sdk-ec2/client.rb', line 2707

def associate_vpc_cidr_block(params = {}, options = {})
  req = build_request(:associate_vpc_cidr_block, params)
  req.send_request(options)
end

<note markdown=“1”> This action is deprecated.

</note>

Links an EC2-Classic instance to a ClassicLink-enabled VPC through one or more of the VPC security groups. You cannot link an EC2-Classic instance to more than one VPC at a time. You can only link an instance that’s in the ‘running` state. An instance is automatically unlinked from a VPC when it’s stopped - you can link it to the VPC again when you restart it.

After you’ve linked an instance, you cannot change the VPC security groups that are associated with it. To change the security groups, you must first unlink the instance, and then link it again.

Linking your instance to a VPC is sometimes referred to as attaching your instance.

Examples:

Request syntax with placeholder values


resp = client.attach_classic_link_vpc({
  dry_run: false,
  groups: ["SecurityGroupId"], # required
  instance_id: "InstanceId", # required
  vpc_id: "VpcId", # required
})

Response structure


resp.return #=> Boolean

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :groups (required, Array<String>)

    The IDs of the security groups. You cannot specify security groups from a different VPC.

  • :instance_id (required, String)

    The ID of the EC2-Classic instance.

  • :vpc_id (required, String)

    The ID of the ClassicLink-enabled VPC.

Returns:

See Also:



2767
2768
2769
2770
# File 'lib/aws-sdk-ec2/client.rb', line 2767

def attach_classic_link_vpc(params = {}, options = {})
  req = build_request(:attach_classic_link_vpc, params)
  req.send_request(options)
end

#attach_internet_gateway(params = {}) ⇒ Struct

Attaches an internet gateway or a virtual private gateway to a VPC, enabling connectivity between the internet and the VPC. For more information, see [Internet gateways] in the *Amazon VPC User Guide*.

[1]: docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html

Examples:

Example: To attach an Internet gateway to a VPC


# This example attaches the specified Internet gateway to the specified VPC.

resp = client.attach_internet_gateway({
  internet_gateway_id: "igw-c0a643a9", 
  vpc_id: "vpc-a01106c2", 
})

Request syntax with placeholder values


resp = client.attach_internet_gateway({
  dry_run: false,
  internet_gateway_id: "InternetGatewayId", # required
  vpc_id: "VpcId", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :internet_gateway_id (required, String)

    The ID of the internet gateway.

  • :vpc_id (required, String)

    The ID of the VPC.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



2817
2818
2819
2820
# File 'lib/aws-sdk-ec2/client.rb', line 2817

def attach_internet_gateway(params = {}, options = {})
  req = build_request(:attach_internet_gateway, params)
  req.send_request(options)
end

#attach_network_interface(params = {}) ⇒ Types::AttachNetworkInterfaceResult

Attaches a network interface to an instance.

Examples:

Example: To attach a network interface to an instance


# This example attaches the specified network interface to the specified instance.

resp = client.attach_network_interface({
  device_index: 1, 
  instance_id: "i-1234567890abcdef0", 
  network_interface_id: "eni-e5aa89a3", 
})

resp.to_h outputs the following:
{
  attachment_id: "eni-attach-66c4350a", 
}

Request syntax with placeholder values


resp = client.attach_network_interface({
  device_index: 1, # required
  dry_run: false,
  instance_id: "InstanceId", # required
  network_interface_id: "NetworkInterfaceId", # required
  network_card_index: 1,
  ena_srd_specification: {
    ena_srd_enabled: false,
    ena_srd_udp_specification: {
      ena_srd_udp_enabled: false,
    },
  },
})

Response structure


resp.attachment_id #=> String
resp.network_card_index #=> Integer

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :device_index (required, Integer)

    The index of the device for the network interface attachment.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :instance_id (required, String)

    The ID of the instance.

  • :network_interface_id (required, String)

    The ID of the network interface.

  • :network_card_index (Integer)

    The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0.

  • :ena_srd_specification (Types::EnaSrdSpecification)

    Configures ENA Express for the network interface that this action attaches to the instance.

Returns:

See Also:



2894
2895
2896
2897
# File 'lib/aws-sdk-ec2/client.rb', line 2894

def attach_network_interface(params = {}, options = {})
  req = build_request(:attach_network_interface, params)
  req.send_request(options)
end

#attach_verified_access_trust_provider(params = {}) ⇒ Types::AttachVerifiedAccessTrustProviderResult

Attaches the specified Amazon Web Services Verified Access trust provider to the specified Amazon Web Services Verified Access instance.

Examples:

Request syntax with placeholder values


resp = client.attach_verified_access_trust_provider({
  verified_access_instance_id: "VerifiedAccessInstanceId", # required
  verified_access_trust_provider_id: "VerifiedAccessTrustProviderId", # required
  client_token: "String",
  dry_run: false,
})

Response structure


resp.verified_access_trust_provider.verified_access_trust_provider_id #=> String
resp.verified_access_trust_provider.description #=> String
resp.verified_access_trust_provider.trust_provider_type #=> String, one of "user", "device"
resp.verified_access_trust_provider.user_trust_provider_type #=> String, one of "iam-identity-center", "oidc"
resp.verified_access_trust_provider.device_trust_provider_type #=> String, one of "jamf", "crowdstrike", "jumpcloud"
resp.verified_access_trust_provider.oidc_options.issuer #=> String
resp.verified_access_trust_provider.oidc_options.authorization_endpoint #=> String
resp.verified_access_trust_provider.oidc_options.token_endpoint #=> String
resp.verified_access_trust_provider.oidc_options. #=> String
resp.verified_access_trust_provider.oidc_options.client_id #=> String
resp.verified_access_trust_provider.oidc_options.client_secret #=> String
resp.verified_access_trust_provider.oidc_options.scope #=> String
resp.verified_access_trust_provider.device_options.tenant_id #=> String
resp.verified_access_trust_provider.device_options.public_signing_key_url #=> String
resp.verified_access_trust_provider.policy_reference_name #=> String
resp.verified_access_trust_provider.creation_time #=> String
resp.verified_access_trust_provider.last_updated_time #=> String
resp.verified_access_trust_provider.tags #=> Array
resp.verified_access_trust_provider.tags[0].key #=> String
resp.verified_access_trust_provider.tags[0].value #=> String
resp.verified_access_trust_provider.sse_specification.customer_managed_key_enabled #=> Boolean
resp.verified_access_trust_provider.sse_specification.kms_key_arn #=> String
resp.verified_access_instance.verified_access_instance_id #=> String
resp.verified_access_instance.description #=> String
resp.verified_access_instance.verified_access_trust_providers #=> Array
resp.verified_access_instance.verified_access_trust_providers[0].verified_access_trust_provider_id #=> String
resp.verified_access_instance.verified_access_trust_providers[0].description #=> String
resp.verified_access_instance.verified_access_trust_providers[0].trust_provider_type #=> String, one of "user", "device"
resp.verified_access_instance.verified_access_trust_providers[0].user_trust_provider_type #=> String, one of "iam-identity-center", "oidc"
resp.verified_access_instance.verified_access_trust_providers[0].device_trust_provider_type #=> String, one of "jamf", "crowdstrike", "jumpcloud"
resp.verified_access_instance.creation_time #=> String
resp.verified_access_instance.last_updated_time #=> String
resp.verified_access_instance.tags #=> Array
resp.verified_access_instance.tags[0].key #=> String
resp.verified_access_instance.tags[0].value #=> String
resp.verified_access_instance.fips_enabled #=> Boolean

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :verified_access_instance_id (required, String)

    The ID of the Verified Access instance.

  • :verified_access_trust_provider_id (required, String)

    The ID of the Verified Access trust provider.

  • :client_token (String)

    A unique, case-sensitive token that you provide to ensure idempotency of your modification request. For more information, see [Ensuring Idempotency].

    **A suitable default value is auto-generated.** You should normally not need to pass this option.**

    [1]: docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



2984
2985
2986
2987
# File 'lib/aws-sdk-ec2/client.rb', line 2984

def attach_verified_access_trust_provider(params = {}, options = {})
  req = build_request(:attach_verified_access_trust_provider, params)
  req.send_request(options)
end

#attach_volume(params = {}) ⇒ Types::VolumeAttachment

Attaches an EBS volume to a running or stopped instance and exposes it to the instance with the specified device name.

Encrypted EBS volumes must be attached to instances that support Amazon EBS encryption. For more information, see [Amazon EBS encryption] in the *Amazon Elastic Compute Cloud User Guide*.

After you attach an EBS volume, you must make it available. For more information, see [Make an EBS volume available for use].

If a volume has an Amazon Web Services Marketplace product code:

  • The volume can be attached only to a stopped instance.

  • Amazon Web Services Marketplace product codes are copied from the volume to the instance.

  • You must be subscribed to the product.

  • The instance type and operating system of the instance must support the product. For example, you can’t detach a volume from a Windows instance and attach it to a Linux instance.

For more information, see [Attach an Amazon EBS volume to an instance] in the *Amazon Elastic Compute Cloud User Guide*.

[1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html [2]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-using-volumes.html [3]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-attaching-volume.html

Examples:

Example: To attach a volume to an instance


# This example attaches a volume (``vol-1234567890abcdef0``) to an instance (``i-01474ef662b89480``) as ``/dev/sdf``.

resp = client.attach_volume({
  device: "/dev/sdf", 
  instance_id: "i-01474ef662b89480", 
  volume_id: "vol-1234567890abcdef0", 
})

resp.to_h outputs the following:
{
  attach_time: Time.parse("2016-08-29T18:52:32.724Z"), 
  device: "/dev/sdf", 
  instance_id: "i-01474ef662b89480", 
  state: "attaching", 
  volume_id: "vol-1234567890abcdef0", 
}

Request syntax with placeholder values


resp = client.attach_volume({
  device: "String", # required
  instance_id: "InstanceId", # required
  volume_id: "VolumeId", # required
  dry_run: false,
})

Response structure


resp.attach_time #=> Time
resp.device #=> String
resp.instance_id #=> String
resp.state #=> String, one of "attaching", "attached", "detaching", "detached", "busy"
resp.volume_id #=> String
resp.delete_on_termination #=> Boolean

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :device (required, String)

    The device name (for example, ‘/dev/sdh` or `xvdh`).

  • :instance_id (required, String)

    The ID of the instance.

  • :volume_id (required, String)

    The ID of the EBS volume. The volume and instance must be within the same Availability Zone.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



3088
3089
3090
3091
# File 'lib/aws-sdk-ec2/client.rb', line 3088

def attach_volume(params = {}, options = {})
  req = build_request(:attach_volume, params)
  req.send_request(options)
end

#attach_vpn_gateway(params = {}) ⇒ Types::AttachVpnGatewayResult

Attaches a virtual private gateway to a VPC. You can attach one virtual private gateway to one VPC at a time.

For more information, see [Amazon Web Services Site-to-Site VPN] in the *Amazon Web Services Site-to-Site VPN User Guide*.

[1]: docs.aws.amazon.com/vpn/latest/s2svpn/VPC_VPN.html

Examples:

Request syntax with placeholder values


resp = client.attach_vpn_gateway({
  vpc_id: "VpcId", # required
  vpn_gateway_id: "VpnGatewayId", # required
  dry_run: false,
})

Response structure


resp.vpc_attachment.state #=> String, one of "attaching", "attached", "detaching", "detached"
resp.vpc_attachment.vpc_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :vpc_id (required, String)

    The ID of the VPC.

  • :vpn_gateway_id (required, String)

    The ID of the virtual private gateway.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



3136
3137
3138
3139
# File 'lib/aws-sdk-ec2/client.rb', line 3136

def attach_vpn_gateway(params = {}, options = {})
  req = build_request(:attach_vpn_gateway, params)
  req.send_request(options)
end

#authorize_client_vpn_ingress(params = {}) ⇒ Types::AuthorizeClientVpnIngressResult

Adds an ingress authorization rule to a Client VPN endpoint. Ingress authorization rules act as firewall rules that grant access to networks. You must configure ingress authorization rules to enable clients to access resources in Amazon Web Services or on-premises networks.

Examples:

Request syntax with placeholder values


resp = client.authorize_client_vpn_ingress({
  client_vpn_endpoint_id: "ClientVpnEndpointId", # required
  target_network_cidr: "String", # required
  access_group_id: "String",
  authorize_all_groups: false,
  description: "String",
  client_token: "String",
  dry_run: false,
})

Response structure


resp.status.code #=> String, one of "authorizing", "active", "failed", "revoking"
resp.status.message #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :client_vpn_endpoint_id (required, String)

    The ID of the Client VPN endpoint.

  • :target_network_cidr (required, String)

    The IPv4 address range, in CIDR notation, of the network for which access is being authorized.

  • :access_group_id (String)

    The ID of the group to grant access to, for example, the Active Directory group or identity provider (IdP) group. Required if ‘AuthorizeAllGroups` is `false` or not specified.

  • :authorize_all_groups (Boolean)

    Indicates whether to grant access to all clients. Specify ‘true` to grant all clients who successfully establish a VPN connection access to the network. Must be set to `true` if `AccessGroupId` is not specified.

  • :description (String)

    A brief description of the authorization rule.

  • :client_token (String)

    Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see [How to ensure idempotency].

    **A suitable default value is auto-generated.** You should normally not need to pass this option.**

    [1]: docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



3211
3212
3213
3214
# File 'lib/aws-sdk-ec2/client.rb', line 3211

def authorize_client_vpn_ingress(params = {}, options = {})
  req = build_request(:authorize_client_vpn_ingress, params)
  req.send_request(options)
end

#authorize_security_group_egress(params = {}) ⇒ Types::AuthorizeSecurityGroupEgressResult

Adds the specified outbound (egress) rules to a security group for use with a VPC.

An outbound rule permits instances to send traffic to the specified IPv4 or IPv6 CIDR address ranges, or to the instances that are associated with the specified source security groups. When specifying an outbound rule for your security group in a VPC, the ‘IpPermissions` must include a destination for the traffic.

You specify a protocol for each rule (for example, TCP). For the TCP and UDP protocols, you must also specify the destination port or port range. For the ICMP protocol, you must also specify the ICMP type and code. You can use -1 for the type or code to mean all types or all codes.

Rule changes are propagated to affected instances as quickly as possible. However, a small delay might occur.

For information about VPC security group quotas, see [Amazon VPC quotas].

<note markdown=“1”> If you want to reference a security group across VPCs attached to a transit gateway using the [security group referencing feature], note that you can only reference security groups for ingress rules. You cannot reference a security group for egress rules.

</note>

[1]: docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html [2]: docs.aws.amazon.com/vpc/latest/tgw/tgw-transit-gateways.html#create-tgw

Examples:

Example: To add a rule that allows outbound traffic to a specific address range


# This example adds a rule that grants access to the specified address ranges on TCP port 80.

resp = client.authorize_security_group_egress({
  group_id: "sg-1a2b3c4d", 
  ip_permissions: [
    {
      from_port: 80, 
      ip_protocol: "tcp", 
      ip_ranges: [
        {
          cidr_ip: "10.0.0.0/16", 
        }, 
      ], 
      to_port: 80, 
    }, 
  ], 
})

resp.to_h outputs the following:
{
}

Example: To add a rule that allows outbound traffic to a specific security group


# This example adds a rule that grants access to the specified security group on TCP port 80.

resp = client.authorize_security_group_egress({
  group_id: "sg-1a2b3c4d", 
  ip_permissions: [
    {
      from_port: 80, 
      ip_protocol: "tcp", 
      to_port: 80, 
      user_id_group_pairs: [
        {
          group_id: "sg-4b51a32f", 
        }, 
      ], 
    }, 
  ], 
})

resp.to_h outputs the following:
{
}

Request syntax with placeholder values


resp = client.authorize_security_group_egress({
  dry_run: false,
  group_id: "SecurityGroupId", # required
  ip_permissions: [
    {
      from_port: 1,
      ip_protocol: "String",
      ip_ranges: [
        {
          cidr_ip: "String",
          description: "String",
        },
      ],
      ipv_6_ranges: [
        {
          cidr_ipv_6: "String",
          description: "String",
        },
      ],
      prefix_list_ids: [
        {
          description: "String",
          prefix_list_id: "String",
        },
      ],
      to_port: 1,
      user_id_group_pairs: [
        {
          description: "String",
          group_id: "String",
          group_name: "String",
          peering_status: "String",
          user_id: "String",
          vpc_id: "String",
          vpc_peering_connection_id: "String",
        },
      ],
    },
  ],
  tag_specifications: [
    {
      resource_type: "capacity-reservation", # accepts capacity-reservation, client-vpn-endpoint, customer-gateway, carrier-gateway, coip-pool, dedicated-host, dhcp-options, egress-only-internet-gateway, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, instance-event-window, internet-gateway, ipam, ipam-pool, ipam-scope, ipv4pool-ec2, ipv6pool-ec2, key-pair, launch-template, local-gateway, local-gateway-route-table, local-gateway-virtual-interface, local-gateway-virtual-interface-group, local-gateway-route-table-vpc-association, local-gateway-route-table-virtual-interface-group-association, natgateway, network-acl, network-interface, network-insights-analysis, network-insights-path, network-insights-access-scope, network-insights-access-scope-analysis, placement-group, prefix-list, replace-root-volume-task, reserved-instances, route-table, security-group, security-group-rule, snapshot, spot-fleet-request, spot-instances-request, subnet, subnet-cidr-reservation, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-connect-peer, transit-gateway-multicast-domain, transit-gateway-policy-table, transit-gateway-route-table, transit-gateway-route-table-announcement, volume, vpc, vpc-endpoint, vpc-endpoint-connection, vpc-endpoint-service, vpc-endpoint-service-permission, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log, capacity-reservation-fleet, traffic-mirror-filter-rule, vpc-endpoint-connection-device-type, verified-access-instance, verified-access-group, verified-access-endpoint, verified-access-policy, verified-access-trust-provider, vpn-connection-device-type, vpc-block-public-access-exclusion, ipam-resource-discovery, ipam-resource-discovery-association, instance-connect-endpoint
      tags: [
        {
          key: "String",
          value: "String",
        },
      ],
    },
  ],
  cidr_ip: "String",
  from_port: 1,
  ip_protocol: "String",
  to_port: 1,
  source_security_group_name: "String",
  source_security_group_owner_id: "String",
})

Response structure


resp.return #=> Boolean
resp.security_group_rules #=> Array
resp.security_group_rules[0].security_group_rule_id #=> String
resp.security_group_rules[0].group_id #=> String
resp.security_group_rules[0].group_owner_id #=> String
resp.security_group_rules[0].is_egress #=> Boolean
resp.security_group_rules[0].ip_protocol #=> String
resp.security_group_rules[0].from_port #=> Integer
resp.security_group_rules[0].to_port #=> Integer
resp.security_group_rules[0].cidr_ipv_4 #=> String
resp.security_group_rules[0].cidr_ipv_6 #=> String
resp.security_group_rules[0].prefix_list_id #=> String
resp.security_group_rules[0].referenced_group_info.group_id #=> String
resp.security_group_rules[0].referenced_group_info.peering_status #=> String
resp.security_group_rules[0].referenced_group_info.user_id #=> String
resp.security_group_rules[0].referenced_group_info.vpc_id #=> String
resp.security_group_rules[0].referenced_group_info.vpc_peering_connection_id #=> String
resp.security_group_rules[0].description #=> String
resp.security_group_rules[0].tags #=> Array
resp.security_group_rules[0].tags[0].key #=> String
resp.security_group_rules[0].tags[0].value #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :group_id (required, String)

    The ID of the security group.

  • :ip_permissions (Array<Types::IpPermission>)

    The sets of IP permissions. You can’t specify a destination security group and a CIDR IP address range in the same set of permissions.

  • :tag_specifications (Array<Types::TagSpecification>)

    The tags applied to the security group rule.

  • :cidr_ip (String)

    Not supported. Use a set of IP permissions to specify the CIDR.

  • :from_port (Integer)

    Not supported. Use a set of IP permissions to specify the port.

  • :ip_protocol (String)

    Not supported. Use a set of IP permissions to specify the protocol name or number.

  • :to_port (Integer)

    Not supported. Use a set of IP permissions to specify the port.

  • :source_security_group_name (String)

    Not supported. Use a set of IP permissions to specify a destination security group.

  • :source_security_group_owner_id (String)

    Not supported. Use a set of IP permissions to specify a destination security group.

Returns:

See Also:



3428
3429
3430
3431
# File 'lib/aws-sdk-ec2/client.rb', line 3428

def authorize_security_group_egress(params = {}, options = {})
  req = build_request(:authorize_security_group_egress, params)
  req.send_request(options)
end

#authorize_security_group_ingress(params = {}) ⇒ Types::AuthorizeSecurityGroupIngressResult

Adds the specified inbound (ingress) rules to a security group.

An inbound rule permits instances to receive traffic from the specified IPv4 or IPv6 CIDR address range, or from the instances that are associated with the specified destination security groups. When specifying an inbound rule for your security group in a VPC, the ‘IpPermissions` must include a source for the traffic.

You specify a protocol for each rule (for example, TCP). For TCP and UDP, you must also specify the destination port or port range. For ICMP/ICMPv6, you must also specify the ICMP/ICMPv6 type and code. You can use -1 to mean all types or all codes.

Rule changes are propagated to instances within the security group as quickly as possible. However, a small delay might occur.

For more information about VPC security group quotas, see [Amazon VPC quotas].

[1]: docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html

Examples:

Example: To add a rule that allows inbound SSH traffic from an IPv4 address range


# This example enables inbound traffic on TCP port 22 (SSH). The rule includes a description to help you identify it
# later.

resp = client.authorize_security_group_ingress({
  group_id: "sg-903004f8", 
  ip_permissions: [
    {
      from_port: 22, 
      ip_protocol: "tcp", 
      ip_ranges: [
        {
          cidr_ip: "203.0.113.0/24", 
          description: "SSH access from the LA office", 
        }, 
      ], 
      to_port: 22, 
    }, 
  ], 
})

resp.to_h outputs the following:
{
}

Example: To add a rule that allows inbound HTTP traffic from another security group


# This example enables inbound traffic on TCP port 80 from the specified security group. The group must be in the same VPC
# or a peer VPC. Incoming traffic is allowed based on the private IP addresses of instances that are associated with the
# specified security group.

resp = client.authorize_security_group_ingress({
  group_id: "sg-111aaa22", 
  ip_permissions: [
    {
      from_port: 80, 
      ip_protocol: "tcp", 
      to_port: 80, 
      user_id_group_pairs: [
        {
          description: "HTTP access from other instances", 
          group_id: "sg-1a2b3c4d", 
        }, 
      ], 
    }, 
  ], 
})

resp.to_h outputs the following:
{
}

Example: To add a rule that allows inbound RDP traffic from an IPv6 address range


# This example adds an inbound rule that allows RDP traffic from the specified IPv6 address range. The rule includes a
# description to help you identify it later.

resp = client.authorize_security_group_ingress({
  group_id: "sg-123abc12 ", 
  ip_permissions: [
    {
      from_port: 3389, 
      ip_protocol: "tcp", 
      ipv_6_ranges: [
        {
          cidr_ipv_6: "2001:db8:1234:1a00::/64", 
          description: "RDP access from the NY office", 
        }, 
      ], 
      to_port: 3389, 
    }, 
  ], 
})

resp.to_h outputs the following:
{
}

Request syntax with placeholder values


resp = client.authorize_security_group_ingress({
  cidr_ip: "String",
  from_port: 1,
  group_id: "SecurityGroupId",
  group_name: "SecurityGroupName",
  ip_permissions: [
    {
      from_port: 1,
      ip_protocol: "String",
      ip_ranges: [
        {
          cidr_ip: "String",
          description: "String",
        },
      ],
      ipv_6_ranges: [
        {
          cidr_ipv_6: "String",
          description: "String",
        },
      ],
      prefix_list_ids: [
        {
          description: "String",
          prefix_list_id: "String",
        },
      ],
      to_port: 1,
      user_id_group_pairs: [
        {
          description: "String",
          group_id: "String",
          group_name: "String",
          peering_status: "String",
          user_id: "String",
          vpc_id: "String",
          vpc_peering_connection_id: "String",
        },
      ],
    },
  ],
  ip_protocol: "String",
  source_security_group_name: "String",
  source_security_group_owner_id: "String",
  to_port: 1,
  dry_run: false,
  tag_specifications: [
    {
      resource_type: "capacity-reservation", # accepts capacity-reservation, client-vpn-endpoint, customer-gateway, carrier-gateway, coip-pool, dedicated-host, dhcp-options, egress-only-internet-gateway, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, instance-event-window, internet-gateway, ipam, ipam-pool, ipam-scope, ipv4pool-ec2, ipv6pool-ec2, key-pair, launch-template, local-gateway, local-gateway-route-table, local-gateway-virtual-interface, local-gateway-virtual-interface-group, local-gateway-route-table-vpc-association, local-gateway-route-table-virtual-interface-group-association, natgateway, network-acl, network-interface, network-insights-analysis, network-insights-path, network-insights-access-scope, network-insights-access-scope-analysis, placement-group, prefix-list, replace-root-volume-task, reserved-instances, route-table, security-group, security-group-rule, snapshot, spot-fleet-request, spot-instances-request, subnet, subnet-cidr-reservation, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-connect-peer, transit-gateway-multicast-domain, transit-gateway-policy-table, transit-gateway-route-table, transit-gateway-route-table-announcement, volume, vpc, vpc-endpoint, vpc-endpoint-connection, vpc-endpoint-service, vpc-endpoint-service-permission, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log, capacity-reservation-fleet, traffic-mirror-filter-rule, vpc-endpoint-connection-device-type, verified-access-instance, verified-access-group, verified-access-endpoint, verified-access-policy, verified-access-trust-provider, vpn-connection-device-type, vpc-block-public-access-exclusion, ipam-resource-discovery, ipam-resource-discovery-association, instance-connect-endpoint
      tags: [
        {
          key: "String",
          value: "String",
        },
      ],
    },
  ],
})

Response structure


resp.return #=> Boolean
resp.security_group_rules #=> Array
resp.security_group_rules[0].security_group_rule_id #=> String
resp.security_group_rules[0].group_id #=> String
resp.security_group_rules[0].group_owner_id #=> String
resp.security_group_rules[0].is_egress #=> Boolean
resp.security_group_rules[0].ip_protocol #=> String
resp.security_group_rules[0].from_port #=> Integer
resp.security_group_rules[0].to_port #=> Integer
resp.security_group_rules[0].cidr_ipv_4 #=> String
resp.security_group_rules[0].cidr_ipv_6 #=> String
resp.security_group_rules[0].prefix_list_id #=> String
resp.security_group_rules[0].referenced_group_info.group_id #=> String
resp.security_group_rules[0].referenced_group_info.peering_status #=> String
resp.security_group_rules[0].referenced_group_info.user_id #=> String
resp.security_group_rules[0].referenced_group_info.vpc_id #=> String
resp.security_group_rules[0].referenced_group_info.vpc_peering_connection_id #=> String
resp.security_group_rules[0].description #=> String
resp.security_group_rules[0].tags #=> Array
resp.security_group_rules[0].tags[0].key #=> String
resp.security_group_rules[0].tags[0].value #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :cidr_ip (String)

    The IPv4 address range, in CIDR format. You can’t specify this parameter when specifying a source security group. To specify an IPv6 address range, use a set of IP permissions.

    Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.

  • :from_port (Integer)

    If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP, this is the type number. A value of -1 indicates all ICMP types. If you specify all ICMP types, you must specify all ICMP codes.

    Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.

  • :group_id (String)

    The ID of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.

  • :group_name (String)

    [Default VPC] The name of the security group. You must specify either the security group ID or the security group name in the request. For security groups in a nondefault VPC, you must specify the security group ID.

  • :ip_permissions (Array<Types::IpPermission>)

    The sets of IP permissions.

  • :ip_protocol (String)

    The IP protocol name (‘tcp`, `udp`, `icmp`) or number (see [Protocol Numbers]). To specify `icmpv6`, use a set of IP permissions.

    Use ‘-1` to specify all protocols. If you specify `-1` or a protocol other than `tcp`, `udp`, or `icmp`, traffic on all ports is allowed, regardless of any ports you specify.

    Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.

    [1]: www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml

  • :source_security_group_name (String)

    [Default VPC] The name of the source security group. You can’t specify this parameter in combination with the following parameters: the CIDR IP address range, the start of the port range, the IP protocol, and the end of the port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead. The source security group must be in the same VPC.

  • :source_security_group_owner_id (String)

    [Nondefault VPC] The Amazon Web Services account ID for the source security group, if the source security group is in a different account. You can’t specify this parameter in combination with the following parameters: the CIDR IP address range, the IP protocol, the start of the port range, and the end of the port range. Creates rules that grant full ICMP, UDP, and TCP access. To create a rule with a specific IP protocol and port range, use a set of IP permissions instead.

  • :to_port (Integer)

    If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP, this is the code. A value of -1 indicates all ICMP codes. If you specify all ICMP types, you must specify all ICMP codes.

    Alternatively, use a set of IP permissions to specify multiple rules and a description for the rule.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :tag_specifications (Array<Types::TagSpecification>)

    [VPC Only] The tags applied to the security group rule.

Returns:

See Also:



3713
3714
3715
3716
# File 'lib/aws-sdk-ec2/client.rb', line 3713

def authorize_security_group_ingress(params = {}, options = {})
  req = build_request(:authorize_security_group_ingress, params)
  req.send_request(options)
end

#build_request(operation_name, params = {}) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Parameters:

  • params ({}) (defaults to: {})


58598
58599
58600
58601
58602
58603
58604
58605
58606
58607
58608
58609
# File 'lib/aws-sdk-ec2/client.rb', line 58598

def build_request(operation_name, params = {})
  handlers = @handlers.for(operation_name)
  context = Seahorse::Client::RequestContext.new(
    operation_name: operation_name,
    operation: config.api.operation(operation_name),
    client: self,
    params: params,
    config: config)
  context[:gem_name] = 'aws-sdk-ec2'
  context[:gem_version] = '1.424.0'
  Seahorse::Client::Request.new(handlers, context)
end

#bundle_instance(params = {}) ⇒ Types::BundleInstanceResult

Bundles an Amazon instance store-backed Windows instance.

During bundling, only the root device volume (C:\) is bundled. Data on other instance store volumes is not preserved.

<note markdown=“1”> This action is not applicable for Linux/Unix instances or Windows instances that are backed by Amazon EBS.

</note>

Examples:

Request syntax with placeholder values


resp = client.bundle_instance({
  instance_id: "InstanceId", # required
  storage: { # required
    s3: {
      aws_access_key_id: "String",
      bucket: "String",
      prefix: "String",
      upload_policy: "data",
      upload_policy_signature: "S3StorageUploadPolicySignature",
    },
  },
  dry_run: false,
})

Response structure


resp.bundle_task.bundle_id #=> String
resp.bundle_task.bundle_task_error.code #=> String
resp.bundle_task.bundle_task_error.message #=> String
resp.bundle_task.instance_id #=> String
resp.bundle_task.progress #=> String
resp.bundle_task.start_time #=> Time
resp.bundle_task.state #=> String, one of "pending", "waiting-for-shutdown", "bundling", "storing", "cancelling", "complete", "failed"
resp.bundle_task.storage.s3.aws_access_key_id #=> String
resp.bundle_task.storage.s3.bucket #=> String
resp.bundle_task.storage.s3.prefix #=> String
resp.bundle_task.storage.s3.upload_policy #=> String
resp.bundle_task.storage.s3.upload_policy_signature #=> String
resp.bundle_task.update_time #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :instance_id (required, String)

    The ID of the instance to bundle.

    Type: String

    Default: None

    Required: Yes

  • :storage (required, Types::Storage)

    The bucket in which to store the AMI. You can specify a bucket that you already own or a new bucket that Amazon EC2 creates on your behalf. If you specify a bucket that belongs to someone else, Amazon EC2 returns an error.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



3789
3790
3791
3792
# File 'lib/aws-sdk-ec2/client.rb', line 3789

def bundle_instance(params = {}, options = {})
  req = build_request(:bundle_instance, params)
  req.send_request(options)
end

#cancel_bundle_task(params = {}) ⇒ Types::CancelBundleTaskResult

Cancels a bundling operation for an instance store-backed Windows instance.

Examples:

Request syntax with placeholder values


resp = client.cancel_bundle_task({
  bundle_id: "BundleId", # required
  dry_run: false,
})

Response structure


resp.bundle_task.bundle_id #=> String
resp.bundle_task.bundle_task_error.code #=> String
resp.bundle_task.bundle_task_error.message #=> String
resp.bundle_task.instance_id #=> String
resp.bundle_task.progress #=> String
resp.bundle_task.start_time #=> Time
resp.bundle_task.state #=> String, one of "pending", "waiting-for-shutdown", "bundling", "storing", "cancelling", "complete", "failed"
resp.bundle_task.storage.s3.aws_access_key_id #=> String
resp.bundle_task.storage.s3.bucket #=> String
resp.bundle_task.storage.s3.prefix #=> String
resp.bundle_task.storage.s3.upload_policy #=> String
resp.bundle_task.storage.s3.upload_policy_signature #=> String
resp.bundle_task.update_time #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :bundle_id (required, String)

    The ID of the bundle task.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



3837
3838
3839
3840
# File 'lib/aws-sdk-ec2/client.rb', line 3837

def cancel_bundle_task(params = {}, options = {})
  req = build_request(:cancel_bundle_task, params)
  req.send_request(options)
end

#cancel_capacity_reservation(params = {}) ⇒ Types::CancelCapacityReservationResult

Cancels the specified Capacity Reservation, releases the reserved capacity, and changes the Capacity Reservation’s state to ‘cancelled`.

Instances running in the reserved capacity continue running until you stop them. Stopped instances that target the Capacity Reservation can no longer launch. Modify these instances to either target a different Capacity Reservation, launch On-Demand Instance capacity, or run in any open Capacity Reservation that has matching attributes and sufficient capacity.

Examples:

Request syntax with placeholder values


resp = client.cancel_capacity_reservation({
  capacity_reservation_id: "CapacityReservationId", # required
  dry_run: false,
})

Response structure


resp.return #=> Boolean

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :capacity_reservation_id (required, String)

    The ID of the Capacity Reservation to be cancelled.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



3881
3882
3883
3884
# File 'lib/aws-sdk-ec2/client.rb', line 3881

def cancel_capacity_reservation(params = {}, options = {})
  req = build_request(:cancel_capacity_reservation, params)
  req.send_request(options)
end

#cancel_capacity_reservation_fleets(params = {}) ⇒ Types::CancelCapacityReservationFleetsResult

Cancels one or more Capacity Reservation Fleets. When you cancel a Capacity Reservation Fleet, the following happens:

  • The Capacity Reservation Fleet’s status changes to ‘cancelled`.

  • The individual Capacity Reservations in the Fleet are cancelled. Instances running in the Capacity Reservations at the time of cancelling the Fleet continue to run in shared capacity.

  • The Fleet stops creating new Capacity Reservations.

Examples:

Request syntax with placeholder values


resp = client.cancel_capacity_reservation_fleets({
  dry_run: false,
  capacity_reservation_fleet_ids: ["CapacityReservationFleetId"], # required
})

Response structure


resp.successful_fleet_cancellations #=> Array
resp.successful_fleet_cancellations[0].current_fleet_state #=> String, one of "submitted", "modifying", "active", "partially_fulfilled", "expiring", "expired", "cancelling", "cancelled", "failed"
resp.successful_fleet_cancellations[0].previous_fleet_state #=> String, one of "submitted", "modifying", "active", "partially_fulfilled", "expiring", "expired", "cancelling", "cancelled", "failed"
resp.successful_fleet_cancellations[0].capacity_reservation_fleet_id #=> String
resp.failed_fleet_cancellations #=> Array
resp.failed_fleet_cancellations[0].capacity_reservation_fleet_id #=> String
resp.failed_fleet_cancellations[0].cancel_capacity_reservation_fleet_error.code #=> String
resp.failed_fleet_cancellations[0].cancel_capacity_reservation_fleet_error.message #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :capacity_reservation_fleet_ids (required, Array<String>)

    The IDs of the Capacity Reservation Fleets to cancel.

Returns:

See Also:



3933
3934
3935
3936
# File 'lib/aws-sdk-ec2/client.rb', line 3933

def cancel_capacity_reservation_fleets(params = {}, options = {})
  req = build_request(:cancel_capacity_reservation_fleets, params)
  req.send_request(options)
end

#cancel_conversion_task(params = {}) ⇒ Struct

Cancels an active conversion task. The task can be the import of an instance or volume. The action removes all artifacts of the conversion, including a partially uploaded volume or instance. If the conversion is complete or is in the process of transferring the final disk image, the command fails and returns an exception.

For more information, see [Importing a Virtual Machine Using the Amazon EC2 CLI].

[1]: docs.aws.amazon.com/AWSEC2/latest/CommandLineReference/ec2-cli-vmimport-export.html

Examples:

Request syntax with placeholder values


resp = client.cancel_conversion_task({
  conversion_task_id: "ConversionTaskId", # required
  dry_run: false,
  reason_message: "String",
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :conversion_task_id (required, String)

    The ID of the conversion task.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :reason_message (String)

    The reason for canceling the conversion task.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



3977
3978
3979
3980
# File 'lib/aws-sdk-ec2/client.rb', line 3977

def cancel_conversion_task(params = {}, options = {})
  req = build_request(:cancel_conversion_task, params)
  req.send_request(options)
end

#cancel_export_task(params = {}) ⇒ Struct

Cancels an active export task. The request removes all artifacts of the export, including any partially-created Amazon S3 objects. If the export task is complete or is in the process of transferring the final disk image, the command fails and returns an error.

Examples:

Request syntax with placeholder values


resp = client.cancel_export_task({
  export_task_id: "ExportVmTaskId", # required
})

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :export_task_id (required, String)

    The ID of the export task. This is the ID returned by the ‘CreateInstanceExportTask` and `ExportImage` operations.

Returns:

  • (Struct)

    Returns an empty response.

See Also:



4003
4004
4005
4006
# File 'lib/aws-sdk-ec2/client.rb', line 4003

def cancel_export_task(params = {}, options = {})
  req = build_request(:cancel_export_task, params)
  req.send_request(options)
end

#cancel_image_launch_permission(params = {}) ⇒ Types::CancelImageLaunchPermissionResult

Removes your Amazon Web Services account from the launch permissions for the specified AMI. For more information, see [ Cancel having an AMI shared with your Amazon Web Services account] in the *Amazon EC2 User Guide*.

[1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/cancel-sharing-an-AMI.html

Examples:

Request syntax with placeholder values


resp = client.cancel_image_launch_permission({
  image_id: "ImageId", # required
  dry_run: false,
})

Response structure


resp.return #=> Boolean

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :image_id (required, String)

    The ID of the AMI that was shared with your Amazon Web Services account.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



4046
4047
4048
4049
# File 'lib/aws-sdk-ec2/client.rb', line 4046

def cancel_image_launch_permission(params = {}, options = {})
  req = build_request(:cancel_image_launch_permission, params)
  req.send_request(options)
end

#cancel_import_task(params = {}) ⇒ Types::CancelImportTaskResult

Cancels an in-process import virtual machine or import snapshot task.

Examples:

Request syntax with placeholder values


resp = client.cancel_import_task({
  cancel_reason: "String",
  dry_run: false,
  import_task_id: "ImportTaskId",
})

Response structure


resp.import_task_id #=> String
resp.previous_state #=> String
resp.state #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :cancel_reason (String)

    The reason for canceling the task.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :import_task_id (String)

    The ID of the import image or import snapshot task to be canceled.

Returns:

See Also:



4089
4090
4091
4092
# File 'lib/aws-sdk-ec2/client.rb', line 4089

def cancel_import_task(params = {}, options = {})
  req = build_request(:cancel_import_task, params)
  req.send_request(options)
end

#cancel_reserved_instances_listing(params = {}) ⇒ Types::CancelReservedInstancesListingResult

Cancels the specified Reserved Instance listing in the Reserved Instance Marketplace.

For more information, see [Reserved Instance Marketplace] in the *Amazon EC2 User Guide*.

[1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html

Examples:

Request syntax with placeholder values


resp = client.cancel_reserved_instances_listing({
  reserved_instances_listing_id: "ReservedInstancesListingId", # required
})

Response structure


resp.reserved_instances_listings #=> Array
resp.reserved_instances_listings[0].client_token #=> String
resp.reserved_instances_listings[0].create_date #=> Time
resp.reserved_instances_listings[0].instance_counts #=> Array
resp.reserved_instances_listings[0].instance_counts[0].instance_count #=> Integer
resp.reserved_instances_listings[0].instance_counts[0].state #=> String, one of "available", "sold", "cancelled", "pending"
resp.reserved_instances_listings[0].price_schedules #=> Array
resp.reserved_instances_listings[0].price_schedules[0].active #=> Boolean
resp.reserved_instances_listings[0].price_schedules[0].currency_code #=> String, one of "USD"
resp.reserved_instances_listings[0].price_schedules[0].price #=> Float
resp.reserved_instances_listings[0].price_schedules[0].term #=> Integer
resp.reserved_instances_listings[0].reserved_instances_id #=> String
resp.reserved_instances_listings[0].reserved_instances_listing_id #=> String
resp.reserved_instances_listings[0].status #=> String, one of "active", "pending", "cancelled", "closed"
resp.reserved_instances_listings[0].status_message #=> String
resp.reserved_instances_listings[0].tags #=> Array
resp.reserved_instances_listings[0].tags[0].key #=> String
resp.reserved_instances_listings[0].tags[0].value #=> String
resp.reserved_instances_listings[0].update_date #=> Time

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :reserved_instances_listing_id (required, String)

    The ID of the Reserved Instance listing.

Returns:

See Also:



4143
4144
4145
4146
# File 'lib/aws-sdk-ec2/client.rb', line 4143

def cancel_reserved_instances_listing(params = {}, options = {})
  req = build_request(:cancel_reserved_instances_listing, params)
  req.send_request(options)
end

#cancel_spot_fleet_requests(params = {}) ⇒ Types::CancelSpotFleetRequestsResponse

Cancels the specified Spot Fleet requests.

After you cancel a Spot Fleet request, the Spot Fleet launches no new instances.

You must also specify whether a canceled Spot Fleet request should terminate its instances. If you choose to terminate the instances, the Spot Fleet request enters the ‘cancelled_terminating` state. Otherwise, the Spot Fleet request enters the `cancelled_running` state and the instances continue to run until they are interrupted or you terminate them manually.

Examples:

Example: To cancel a Spot fleet request


# This example cancels the specified Spot fleet request and terminates its associated Spot Instances.

resp = client.cancel_spot_fleet_requests({
  spot_fleet_request_ids: [
    "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE", 
  ], 
  terminate_instances: true, 
})

resp.to_h outputs the following:
{
  successful_fleet_requests: [
    {
      current_spot_fleet_request_state: "cancelled_running", 
      previous_spot_fleet_request_state: "active", 
      spot_fleet_request_id: "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE", 
    }, 
  ], 
}

Example: To cancel a Spot fleet request without terminating its Spot Instances


# This example cancels the specified Spot fleet request without terminating its associated Spot Instances.

resp = client.cancel_spot_fleet_requests({
  spot_fleet_request_ids: [
    "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE", 
  ], 
  terminate_instances: false, 
})

resp.to_h outputs the following:
{
  successful_fleet_requests: [
    {
      current_spot_fleet_request_state: "cancelled_terminating", 
      previous_spot_fleet_request_state: "active", 
      spot_fleet_request_id: "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE", 
    }, 
  ], 
}

Request syntax with placeholder values


resp = client.cancel_spot_fleet_requests({
  dry_run: false,
  spot_fleet_request_ids: ["SpotFleetRequestId"], # required
  terminate_instances: false, # required
})

Response structure


resp.successful_fleet_requests #=> Array
resp.successful_fleet_requests[0].current_spot_fleet_request_state #=> String, one of "submitted", "active", "cancelled", "failed", "cancelled_running", "cancelled_terminating", "modifying"
resp.successful_fleet_requests[0].previous_spot_fleet_request_state #=> String, one of "submitted", "active", "cancelled", "failed", "cancelled_running", "cancelled_terminating", "modifying"
resp.successful_fleet_requests[0].spot_fleet_request_id #=> String
resp.unsuccessful_fleet_requests #=> Array
resp.unsuccessful_fleet_requests[0].error.code #=> String, one of "fleetRequestIdDoesNotExist", "fleetRequestIdMalformed", "fleetRequestNotInCancellableState", "unexpectedError"
resp.unsuccessful_fleet_requests[0].error.message #=> String
resp.unsuccessful_fleet_requests[0].spot_fleet_request_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :spot_fleet_request_ids (required, Array<String>)

    The IDs of the Spot Fleet requests.

  • :terminate_instances (required, Boolean)

    Indicates whether to terminate the associated instances when the Spot Fleet request is canceled. The default is to terminate the instances.

    To let the instances continue to run after the Spot Fleet request is canceled, specify ‘no-terminate-instances`.

Returns:

See Also:



4249
4250
4251
4252
# File 'lib/aws-sdk-ec2/client.rb', line 4249

def cancel_spot_fleet_requests(params = {}, options = {})
  req = build_request(:cancel_spot_fleet_requests, params)
  req.send_request(options)
end

#cancel_spot_instance_requests(params = {}) ⇒ Types::CancelSpotInstanceRequestsResult

Cancels one or more Spot Instance requests.

Canceling a Spot Instance request does not terminate running Spot Instances associated with the request.

Examples:

Example: To cancel Spot Instance requests


# This example cancels a Spot Instance request.

resp = client.cancel_spot_instance_requests({
  spot_instance_request_ids: [
    "sir-08b93456", 
  ], 
})

resp.to_h outputs the following:
{
  cancelled_spot_instance_requests: [
    {
      spot_instance_request_id: "sir-08b93456", 
      state: "cancelled", 
    }, 
  ], 
}

Request syntax with placeholder values


resp = client.cancel_spot_instance_requests({
  dry_run: false,
  spot_instance_request_ids: ["SpotInstanceRequestId"], # required
})

Response structure


resp.cancelled_spot_instance_requests #=> Array
resp.cancelled_spot_instance_requests[0].spot_instance_request_id #=> String
resp.cancelled_spot_instance_requests[0].state #=> String, one of "active", "open", "closed", "cancelled", "completed"

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :spot_instance_request_ids (required, Array<String>)

    The IDs of the Spot Instance requests.

Returns:

See Also:



4310
4311
4312
4313
# File 'lib/aws-sdk-ec2/client.rb', line 4310

def cancel_spot_instance_requests(params = {}, options = {})
  req = build_request(:cancel_spot_instance_requests, params)
  req.send_request(options)
end

#confirm_product_instance(params = {}) ⇒ Types::ConfirmProductInstanceResult

Determines whether a product code is associated with an instance. This action can only be used by the owner of the product code. It is useful when a product code owner must verify whether another user’s instance is eligible for support.

Examples:

Example: To confirm the product instance


# This example determines whether the specified product code is associated with the specified instance.

resp = client.confirm_product_instance({
  instance_id: "i-1234567890abcdef0", 
  product_code: "774F4FF8", 
})

resp.to_h outputs the following:
{
  owner_id: "123456789012", 
}

Request syntax with placeholder values


resp = client.confirm_product_instance({
  instance_id: "InstanceId", # required
  product_code: "String", # required
  dry_run: false,
})

Response structure


resp.owner_id #=> String
resp.return #=> Boolean

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :instance_id (required, String)

    The ID of the instance.

  • :product_code (required, String)

    The product code. This must be a product code that you own.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



4369
4370
4371
4372
# File 'lib/aws-sdk-ec2/client.rb', line 4369

def confirm_product_instance(params = {}, options = {})
  req = build_request(:confirm_product_instance, params)
  req.send_request(options)
end

#copy_fpga_image(params = {}) ⇒ Types::CopyFpgaImageResult

Copies the specified Amazon FPGA Image (AFI) to the current Region.

Examples:

Request syntax with placeholder values


resp = client.copy_fpga_image({
  dry_run: false,
  source_fpga_image_id: "String", # required
  description: "String",
  name: "String",
  source_region: "String", # required
  client_token: "String",
})

Response structure


resp.fpga_image_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :source_fpga_image_id (required, String)

    The ID of the source AFI.

  • :description (String)

    The description for the new AFI.

  • :name (String)

    The name for the new AFI. The default is the name of the source AFI.

  • :source_region (required, String)

    The Region that contains the source AFI.

  • :client_token (String)

    Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see [Ensuring idempotency].

    [1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html

Returns:

See Also:



4426
4427
4428
4429
# File 'lib/aws-sdk-ec2/client.rb', line 4426

def copy_fpga_image(params = {}, options = {})
  req = build_request(:copy_fpga_image, params)
  req.send_request(options)
end

#copy_image(params = {}) ⇒ Types::CopyImageResult

Initiates the copy of an AMI. You can copy an AMI from one Region to another, or from a Region to an Outpost. You can’t copy an AMI from an Outpost to a Region, from one Outpost to another, or within the same Outpost. To copy an AMI to another partition, see [CreateStoreImageTask].

To copy an AMI from one Region to another, specify the source Region using the SourceRegion parameter, and specify the destination Region using its endpoint. Copies of encrypted backing snapshots for the AMI are encrypted. Copies of unencrypted backing snapshots remain unencrypted, unless you set ‘Encrypted` during the copy operation. You cannot create an unencrypted copy of an encrypted backing snapshot.

To copy an AMI from a Region to an Outpost, specify the source Region using the SourceRegion parameter, and specify the ARN of the destination Outpost using DestinationOutpostArn. Backing snapshots copied to an Outpost are encrypted by default using the default encryption key for the Region, or a different key that you specify in the request using KmsKeyId. Outposts do not support unencrypted snapshots. For more information, [ Amazon EBS local snapshots on Outposts] in the *Amazon EC2 User Guide*.

For more information about the prerequisites and limits when copying an AMI, see [Copy an AMI] in the *Amazon EC2 User Guide*.

[1]: docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateStoreImageTask.html [2]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#ami [3]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html

Examples:

Example: To copy an AMI to another region


# This example copies the specified AMI from the us-east-1 region to the current region.

resp = client.copy_image({
  description: "", 
  name: "My server", 
  source_image_id: "ami-5731123e", 
  source_region: "us-east-1", 
})

resp.to_h outputs the following:
{
  image_id: "ami-438bea42", 
}

Request syntax with placeholder values


resp = client.copy_image({
  client_token: "String",
  description: "String",
  encrypted: false,
  kms_key_id: "KmsKeyId",
  name: "String", # required
  source_image_id: "String", # required
  source_region: "String", # required
  destination_outpost_arn: "String",
  dry_run: false,
  copy_image_tags: false,
})

Response structure


resp.image_id #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :client_token (String)

    Unique, case-sensitive identifier you provide to ensure idempotency of the request. For more information, see [Ensuring idempotency] in the *Amazon EC2 API Reference*.

    [1]: docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html

  • :description (String)

    A description for the new AMI in the destination Region.

  • :encrypted (Boolean)

    Specifies whether the destination snapshots of the copied image should be encrypted. You can encrypt a copy of an unencrypted snapshot, but you cannot create an unencrypted copy of an encrypted snapshot. The default KMS key for Amazon EBS is used unless you specify a non-default Key Management Service (KMS) KMS key using ‘KmsKeyId`. For more information, see [Amazon EBS encryption] in the *Amazon EC2 User Guide*.

    [1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html

  • :kms_key_id (String)

    The identifier of the symmetric Key Management Service (KMS) KMS key to use when creating encrypted volumes. If this parameter is not specified, your Amazon Web Services managed KMS key for Amazon EBS is used. If you specify a KMS key, you must also set the encrypted state to ‘true`.

    You can specify a KMS key using any of the following:

    • Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.

    • Key alias. For example, alias/ExampleAlias.

    • Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.

    • Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.

    Amazon Web Services authenticates the KMS key asynchronously. Therefore, if you specify an identifier that is not valid, the action can appear to complete, but eventually fails.

    The specified KMS key must exist in the destination Region.

    Amazon EBS does not support asymmetric KMS keys.

  • :name (required, String)

    The name of the new AMI in the destination Region.

  • :source_image_id (required, String)

    The ID of the AMI to copy.

  • :source_region (required, String)

    The name of the Region that contains the AMI to copy.

  • :destination_outpost_arn (String)

    The Amazon Resource Name (ARN) of the Outpost to which to copy the AMI. Only specify this parameter when copying an AMI from an Amazon Web Services Region to an Outpost. The AMI must be in the Region of the destination Outpost. You cannot copy an AMI from an Outpost to a Region, from one Outpost to another, or within the same Outpost.

    For more information, see [ Copy AMIs from an Amazon Web Services Region to an Outpost] in the *Amazon EC2 User Guide*.

    [1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#copy-amis

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

  • :copy_image_tags (Boolean)

    Indicates whether to include your user-defined AMI tags when copying the AMI.

    The following tags will not be copied:

    • System tags (prefixed with ‘aws:`)

    • For public and shared AMIs, user-defined tags that are attached by other Amazon Web Services accounts

    Default: Your user-defined AMI tags are not copied.

Returns:

See Also:



4600
4601
4602
4603
# File 'lib/aws-sdk-ec2/client.rb', line 4600

def copy_image(params = {}, options = {})
  req = build_request(:copy_image, params)
  req.send_request(options)
end

#copy_snapshot(params = {}) ⇒ Types::CopySnapshotResult

Copies a point-in-time snapshot of an EBS volume and stores it in Amazon S3. You can copy a snapshot within the same Region, from one Region to another, or from a Region to an Outpost. You can’t copy a snapshot from an Outpost to a Region, from one Outpost to another, or within the same Outpost.

You can use the snapshot to create EBS volumes or Amazon Machine Images (AMIs).

When copying snapshots to a Region, copies of encrypted EBS snapshots remain encrypted. Copies of unencrypted snapshots remain unencrypted, unless you enable encryption for the snapshot copy operation. By default, encrypted snapshot copies use the default Key Management Service (KMS) KMS key; however, you can specify a different KMS key. To copy an encrypted snapshot that has been shared from another account, you must have permissions for the KMS key used to encrypt the snapshot.

Snapshots copied to an Outpost are encrypted by default using the default encryption key for the Region, or a different key that you specify in the request using KmsKeyId. Outposts do not support unencrypted snapshots. For more information, [ Amazon EBS local snapshots on Outposts] in the *Amazon Elastic Compute Cloud User Guide*.

Snapshots created by copying another snapshot have an arbitrary volume ID that should not be used for any purpose.

For more information, see [Copy an Amazon EBS snapshot] in the *Amazon Elastic Compute Cloud User Guide*.

[1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#ami [2]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-copy-snapshot.html

Examples:

Example: To copy a snapshot


# This example copies a snapshot with the snapshot ID of ``snap-066877671789bd71b`` from the ``us-west-2`` region to the
# ``us-east-1`` region and adds a short description to identify the snapshot.

resp = client.copy_snapshot({
  description: "This is my copied snapshot.", 
  destination_region: "us-east-1", 
  source_region: "us-west-2", 
  source_snapshot_id: "snap-066877671789bd71b", 
})

resp.to_h outputs the following:
{
  snapshot_id: "snap-066877671789bd71b", 
}

Copy snapshot example

source_snapshot_id = 'snapshot-id'
source_region = 'us-east-1'
target_region = 'us-west-2'

# You must configure your EC2 client for the destination region to copy
ec2 = Aws::EC2::Client(region: target_region)

resp = ec2.copy_snapshot({
    source_region: source_region,
    source_snapshot_id: source_snapshot_id,
})

snapshot_id = resp.snapshot_id

ec2.wait_until(:snapshot_completed, snapshot_ids: [snapshot_id])

Copy an encrypted snapshot

# same as above, expect you must pass `encrypted: true`
resp = ec2.copy_snapshot({
    source_region: source_region,
    source_snapshot_id: source_snapshot_id,
    encrypted: true, # required for encrypted snapshots
})

Request syntax with placeholder values


resp = client.copy_snapshot({
  description: "String",
  destination_outpost_arn: "String",
  destination_region: "String",
  encrypted: false,
  kms_key_id: "KmsKeyId",
  presigned_url: "CopySnapshotRequestPSU",
  source_region: "String", # required
  source_snapshot_id: "String", # required
  tag_specifications: [
    {
      resource_type: "capacity-reservation", # accepts capacity-reservation, client-vpn-endpoint, customer-gateway, carrier-gateway, coip-pool, dedicated-host, dhcp-options, egress-only-internet-gateway, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, instance-event-window, internet-gateway, ipam, ipam-pool, ipam-scope, ipv4pool-ec2, ipv6pool-ec2, key-pair, launch-template, local-gateway, local-gateway-route-table, local-gateway-virtual-interface, local-gateway-virtual-interface-group, local-gateway-route-table-vpc-association, local-gateway-route-table-virtual-interface-group-association, natgateway, network-acl, network-interface, network-insights-analysis, network-insights-path, network-insights-access-scope, network-insights-access-scope-analysis, placement-group, prefix-list, replace-root-volume-task, reserved-instances, route-table, security-group, security-group-rule, snapshot, spot-fleet-request, spot-instances-request, subnet, subnet-cidr-reservation, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-connect-peer, transit-gateway-multicast-domain, transit-gateway-policy-table, transit-gateway-route-table, transit-gateway-route-table-announcement, volume, vpc, vpc-endpoint, vpc-endpoint-connection, vpc-endpoint-service, vpc-endpoint-service-permission, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log, capacity-reservation-fleet, traffic-mirror-filter-rule, vpc-endpoint-connection-device-type, verified-access-instance, verified-access-group, verified-access-endpoint, verified-access-policy, verified-access-trust-provider, vpn-connection-device-type, vpc-block-public-access-exclusion, ipam-resource-discovery, ipam-resource-discovery-association, instance-connect-endpoint
      tags: [
        {
          key: "String",
          value: "String",
        },
      ],
    },
  ],
  dry_run: false,
})

Response structure


resp.snapshot_id #=> String
resp.tags #=> Array
resp.tags[0].key #=> String
resp.tags[0].value #=> String

Parameters:

  • params (Hash) (defaults to: {})

    ({})

Options Hash (params):

  • :description (String)

    A description for the EBS snapshot.

  • :destination_outpost_arn (String)

    The Amazon Resource Name (ARN) of the Outpost to which to copy the snapshot. Only specify this parameter when copying a snapshot from an Amazon Web Services Region to an Outpost. The snapshot must be in the Region for the destination Outpost. You cannot copy a snapshot from an Outpost to a Region, from one Outpost to another, or within the same Outpost.

    For more information, see [ Copy snapshots from an Amazon Web Services Region to an Outpost] in the *Amazon Elastic Compute Cloud User Guide*.

    [1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#copy-snapshots

  • :destination_region (String)

    The destination Region to use in the ‘PresignedUrl` parameter of a snapshot copy operation. This parameter is only valid for specifying the destination Region in a `PresignedUrl` parameter, where it is required.

    The snapshot copy is sent to the regional endpoint that you sent the HTTP request to (for example, ‘ec2.us-east-1.amazonaws.com`). With the CLI, this is specified using the `–region` parameter or the default Region in your Amazon Web Services configuration file.

  • :encrypted (Boolean)

    To encrypt a copy of an unencrypted snapshot if encryption by default is not enabled, enable encryption using this parameter. Otherwise, omit this parameter. Encrypted snapshots are encrypted, even if you omit this parameter and encryption by default is not enabled. You cannot set this parameter to false. For more information, see [Amazon EBS encryption] in the *Amazon Elastic Compute Cloud User Guide*.

    [1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html

  • :kms_key_id (String)

    The identifier of the Key Management Service (KMS) KMS key to use for Amazon EBS encryption. If this parameter is not specified, your KMS key for Amazon EBS is used. If ‘KmsKeyId` is specified, the encrypted state must be `true`.

    You can specify the KMS key using any of the following:

    • Key ID. For example, 1234abcd-12ab-34cd-56ef-1234567890ab.

    • Key alias. For example, alias/ExampleAlias.

    • Key ARN. For example, arn:aws:kms:us-east-1:012345678910:key/1234abcd-12ab-34cd-56ef-1234567890ab.

    • Alias ARN. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias.

    Amazon Web Services authenticates the KMS key asynchronously. Therefore, if you specify an ID, alias, or ARN that is not valid, the action can appear to complete, but eventually fails.

  • :presigned_url (String)

    When you copy an encrypted source snapshot using the Amazon EC2 Query API, you must supply a pre-signed URL. This parameter is optional for unencrypted snapshots. For more information, see [Query requests].

    The ‘PresignedUrl` should use the snapshot source endpoint, the `CopySnapshot` action, and include the `SourceRegion`, `SourceSnapshotId`, and `DestinationRegion` parameters. The `PresignedUrl` must be signed using Amazon Web Services Signature Version 4. Because EBS snapshots are stored in Amazon S3, the signing algorithm for this parameter uses the same logic that is described in [Authenticating Requests: Using Query Parameters (Amazon Web Services Signature Version 4)] in the *Amazon Simple Storage Service API Reference*. An invalid or improperly signed `PresignedUrl` will cause the copy operation to fail asynchronously, and the snapshot will move to an `error` state.

    [1]: docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html [2]: docs.aws.amazon.com/AmazonS3/latest/API/sigv4-query-string-auth.html

  • :source_region (required, String)

    The ID of the Region that contains the snapshot to be copied.

  • :source_snapshot_id (required, String)

    The ID of the EBS snapshot to copy.

  • :tag_specifications (Array<Types::TagSpecification>)

    The tags to apply to the new snapshot.

  • :dry_run (Boolean)

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ‘DryRunOperation`. Otherwise, it is `UnauthorizedOperation`.

Returns:

See Also:



4826
4827
4828
4829
# File 'lib/aws-sdk-ec2/client.rb', line 4826

def copy_snapshot(params = {}, options = {})
  req = build_request(:copy_snapshot, params)
  req.send_request(options)
end

#create_capacity_reservation(params = {}) ⇒ Types::CreateCapacityReservationResult

Creates a new Capacity Reservation with the specified attributes.

Capacity Reservations enable you to reserve capacity for your Amazon EC2 instances in a specific Availability Zone for any duration. This gives you the flexibility to selectively add capacity reservations and still get the Regional RI discounts for that usage. By creating Capacity Reservations, you ensure that you always have access to Amazon EC2 capacity when you need it, for as long as you need it. For more information, see [Capacity Reservations] in the *Amazon EC2 User Guide*.

Your request to create a Capacity Reservation could fail if Amazon EC2 does not have sufficient capacity to fulfill the request. If your request fails due to Amazon EC2 capacity constraints, either try again at a later time, try in a different Availability Zone, or request a smaller capacity reservation. If your application is flexible across instance types and sizes, try to create a Capacity Reservation with different instance attributes.

Your request could also fail if the requested quantity exceeds your On-Demand Instance limit for the selected instance type. If your request fails due to limit constraints, increase your On-Demand Instance limit for the required instance type and try again. For more information about increasing your instance limits, see [Amazon EC2 Service Quotas] in the *Amazon EC2 User Guide*.

[1]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-capacity-reservations.html [2]: docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html

Examples:

Request syntax with placeholder values


resp = client.create_capacity_reservation({
  client_token: "String",
  instance_type: "String", # required
  instance_platform: "Linux/UNIX", # required, accepts Linux/UNIX, Red Hat Enterprise Linux, SUSE Linux, Windows, Windows with SQL Server, Windows with SQL Server Enterprise, Windows with SQL Server Standard, Windows with SQL Server Web, Linux with SQL Server Standard, Linux with SQL Server Web, Linux with SQL Server Enterprise, RHEL with SQL Server Standard, RHEL with SQL Server Enterprise, RHEL with SQL Server Web, RHEL with HA, RHEL with HA and SQL Server Standard, RHEL with HA and SQL Server Enterprise, Ubuntu Pro
  availability_zone: "AvailabilityZoneName",
  availability_zone_id: "AvailabilityZoneId",
  tenancy: "default", # accepts default, dedicated
  instance_count: 1, # required
  ebs_optimized: false,
  ephemeral_storage: false,
  end_date: Time.now,
  end_date_type: "unlimited", # accepts unlimited, limited
  instance_match_criteria: "open", # accepts open, targeted
  tag_specifications: [
    {
      resource_type: "capacity-reservation", # accepts capacity-reservation, client-vpn-endpoint, customer-gateway, carrier-gateway, coip-pool, dedicated-host, dhcp-options, egress-only-internet-gateway, elastic-ip, elastic-gpu, export-image-task, export-instance-task, fleet, fpga-image, host-reservation, image, import-image-task, import-snapshot-task, instance, instance-event-window, internet-gateway, ipam, ipam-pool, ipam-scope, ipv4pool-ec2, ipv6pool-ec2, key-pair, launch-template, local-gateway, local-gateway-route-table, local-gateway-virtual-interface, local-gateway-virtual-interface-group, local-gateway-route-table-vpc-association, local-gateway-route-table-virtual-interface-group-association, natgateway, network-acl, network-interface, network-insights-analysis, network-insights-path, network-insights-access-scope, network-insights-access-scope-analysis, placement-group, prefix-list, replace-root-volume-task, reserved-instances, route-table, security-group, security-group-rule, snapshot, spot-fleet-request, spot-instances-request, subnet, subnet-cidr-reservation, traffic-mirror-filter, traffic-mirror-session, traffic-mirror-target, transit-gateway, transit-gateway-attachment, transit-gateway-connect-peer, transit-gateway-multicast-domain, transit-gateway-policy-table, transit-gateway-route-table, transit-gateway-route-table-announcement, volume, vpc, vpc-endpoint, vpc-endpoint-connection, vpc-endpoint-service, vpc-endpoint-service-permission, vpc-peering-connection, vpn-connection, vpn-gateway, vpc-flow-log, capacity-reservation-fleet, traffic-mirror-filter-rule, vpc-endpoint-connection-device-type, verified-access-instance, verified-access-group, verified-access-endpoint, verified-access-policy, verified-access-trust-provider, vpn-connection-device-type, vpc-block-public-access-exclusion, ipam-resource-discovery, ipam-resource-discovery-association, instance-connect-endpoint
      tags: [
        {
          key: "String",
          value: "String",
        },
      ],
    },
  ],
  dry_run: false,
  outpost_arn: "OutpostArn",
  placement_group_arn: "PlacementGroupArn",
})

Response structure


resp.capacity_reservation.capacity_reservation_id #=> String
resp.capacity_reservation.owner_id #=> String
resp.capacity_reservation.capacity_reservation_arn #=> String
resp.capacity_reservation.availability_zone_id #=> String
resp.capacity_reservation.instance_type #=> String
resp.capacity_reservation.instance_platform #=> String, one of "Linux/UNIX", "Red Hat Enterprise Linux", "SUSE Linux", "Windows", "Windows with SQL Server", "Windows with SQL Server Enterprise", "Windows with SQL Server Standard", "Windows with SQL Server Web", "Linux with SQL Server Standard", "Linux with SQL Server Web", "Linux with SQL Server Enterprise", "RHEL with SQL Server Standard", "RHEL with SQL Server Enterprise", "RHEL with SQL Server Web", "RHEL with HA", "RHEL with HA and SQL Server Standard", "RHEL with HA and SQL Server Enterprise", "Ubuntu Pro"
resp.capacity_reservation.availability_zone #=> String
resp.capacity_reservation.tenancy #=> String, one of "default", "dedicated"
resp.capacity_reservation.total_instance_count #=> Integer
resp.capacity_reservation.available_instance_count #=> Integer
resp.capacity_reservation.ebs_optimized #=> Boolean
resp.capacity_reservation.ephemeral_storage #=> Boolean
resp.capacity_reservation.state #=> String, one of "active", "expired", "cancelled", "pending", "failed", "scheduled", "payment-pending", "payment-failed"
resp.capacity_reservation.start_date #=> Time
resp.capacity_reservation.end_date #=> Time
resp.capacity_reservation.end_date_type #=> String, one of "unlimited", "limited"
resp.capacity_reservation.instance_match_criteria #=> String, one of "open", "targeted"
resp.capacity_reservation.create_date #=> Time
resp.capacity_reservation.tags #=> Array
resp.capacity_reservation.tags[0].key #=> String
resp.capacity_reservation.tags[0].value #=> String
resp.capacity_reservation.outpost_arn #=> String
resp.