finspace / Client / update_kx_environment_network
update_kx_environment_network#
- finspace.Client.update_kx_environment_network(**kwargs)#
Updates environment network to connect to your internal network by using a transit gateway. This API supports request to create a transit gateway attachment from FinSpace VPC to your transit gateway ID and create a custom Route-53 outbound resolvers.
Once you send a request to update a network, you cannot change it again. Network update might require termination of any clusters that are running in the existing network.
See also: AWS API Documentation
Request Syntax
response = client.update_kx_environment_network( environmentId='string', transitGatewayConfiguration={ 'transitGatewayID': 'string', 'routableCIDRSpace': 'string', 'attachmentNetworkAclConfiguration': [ { 'ruleNumber': 123, 'protocol': 'string', 'ruleAction': 'allow'|'deny', 'portRange': { 'from': 123, 'to': 123 }, 'icmpTypeCode': { 'type': 123, 'code': 123 }, 'cidrBlock': 'string' }, ] }, customDNSConfiguration=[ { 'customDNSServerName': 'string', 'customDNSServerIP': 'string' }, ], clientToken='string' )
- Parameters:
environmentId (string) –
[REQUIRED]
A unique identifier for the kdb environment.
transitGatewayConfiguration (dict) –
Specifies the transit gateway and network configuration to connect the kdb environment to an internal network.
transitGatewayID (string) – [REQUIRED]
The identifier of the transit gateway created by the customer to connect outbound traffics from kdb network to your internal network.
routableCIDRSpace (string) – [REQUIRED]
The routing CIDR on behalf of kdb environment. It could be any “/26 range in the 100.64.0.0 CIDR space. After providing, it will be added to the customer’s transit gateway routing table so that the traffics could be routed to kdb network.
attachmentNetworkAclConfiguration (list) –
The rules that define how you manage the outbound traffic from kdb network to your internal network.
(dict) –
The network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. The entry is a set of numbered ingress and egress rules that determine whether a packet should be allowed in or out of a subnet associated with the ACL. We process the entries in the ACL according to the rule numbers, in ascending order.
ruleNumber (integer) – [REQUIRED]
The rule number for the entry. For example 100. All the network ACL entries are processed in ascending order by rule number.
protocol (string) – [REQUIRED]
The protocol number. A value of -1 means all the protocols.
ruleAction (string) – [REQUIRED]
Indicates whether to allow or deny the traffic that matches the rule.
portRange (dict) –
The range of ports the rule applies to.
from (integer) – [REQUIRED]
The first port in the range.
to (integer) – [REQUIRED]
The last port in the range.
icmpTypeCode (dict) –
Defines the ICMP protocol that consists of the ICMP type and code.
type (integer) – [REQUIRED]
The ICMP type. A value of -1 means all types.
code (integer) – [REQUIRED]
The ICMP code. A value of -1 means all codes for the specified ICMP type.
cidrBlock (string) – [REQUIRED]
The IPv4 network range to allow or deny, in CIDR notation. For example,
172.16.0.0/24. We modify the specified CIDR block to its canonical form. For example, if you specify100.68.0.18/18, we modify it to100.68.0.0/18.
customDNSConfiguration (list) –
A list of DNS server name and server IP. This is used to set up Route-53 outbound resolvers.
(dict) –
A list of DNS server name and server IP. This is used to set up Route-53 outbound resolvers.
customDNSServerName (string) – [REQUIRED]
The name of the DNS server.
customDNSServerIP (string) – [REQUIRED]
The IP address of the DNS server.
clientToken (string) – A token that ensures idempotency. This token expires in 10 minutes.
- Return type:
dict
- Returns:
Response Syntax
{ 'name': 'string', 'environmentId': 'string', 'awsAccountId': 'string', 'status': 'CREATE_REQUESTED'|'CREATING'|'CREATED'|'DELETE_REQUESTED'|'DELETING'|'DELETED'|'FAILED_CREATION'|'RETRY_DELETION'|'FAILED_DELETION'|'UPDATE_NETWORK_REQUESTED'|'UPDATING_NETWORK'|'FAILED_UPDATING_NETWORK'|'SUSPENDED', 'tgwStatus': 'NONE'|'UPDATE_REQUESTED'|'UPDATING'|'FAILED_UPDATE'|'SUCCESSFULLY_UPDATED', 'dnsStatus': 'NONE'|'UPDATE_REQUESTED'|'UPDATING'|'FAILED_UPDATE'|'SUCCESSFULLY_UPDATED', 'errorMessage': 'string', 'description': 'string', 'environmentArn': 'string', 'kmsKeyId': 'string', 'dedicatedServiceAccountId': 'string', 'transitGatewayConfiguration': { 'transitGatewayID': 'string', 'routableCIDRSpace': 'string', 'attachmentNetworkAclConfiguration': [ { 'ruleNumber': 123, 'protocol': 'string', 'ruleAction': 'allow'|'deny', 'portRange': { 'from': 123, 'to': 123 }, 'icmpTypeCode': { 'type': 123, 'code': 123 }, 'cidrBlock': 'string' }, ] }, 'customDNSConfiguration': [ { 'customDNSServerName': 'string', 'customDNSServerIP': 'string' }, ], 'creationTimestamp': datetime(2015, 1, 1), 'updateTimestamp': datetime(2015, 1, 1), 'availabilityZoneIds': [ 'string', ] }
Response Structure
(dict) –
name (string) –
The name of the kdb environment.
environmentId (string) –
A unique identifier for the kdb environment.
awsAccountId (string) –
The unique identifier of the AWS account that is used to create the kdb environment.
status (string) –
The status of the kdb environment.
tgwStatus (string) –
The status of the network configuration.
dnsStatus (string) –
The status of DNS configuration.
errorMessage (string) –
Specifies the error message that appears if a flow fails.
description (string) –
The description of the environment.
environmentArn (string) –
The ARN identifier of the environment.
kmsKeyId (string) –
The KMS key ID to encrypt your data in the FinSpace environment.
dedicatedServiceAccountId (string) –
A unique identifier for the AWS environment infrastructure account.
transitGatewayConfiguration (dict) –
The structure of the transit gateway and network configuration that is used to connect the kdb environment to an internal network.
transitGatewayID (string) –
The identifier of the transit gateway created by the customer to connect outbound traffics from kdb network to your internal network.
routableCIDRSpace (string) –
The routing CIDR on behalf of kdb environment. It could be any “/26 range in the 100.64.0.0 CIDR space. After providing, it will be added to the customer’s transit gateway routing table so that the traffics could be routed to kdb network.
attachmentNetworkAclConfiguration (list) –
The rules that define how you manage the outbound traffic from kdb network to your internal network.
(dict) –
The network access control list (ACL) is an optional layer of security for your VPC that acts as a firewall for controlling traffic in and out of one or more subnets. The entry is a set of numbered ingress and egress rules that determine whether a packet should be allowed in or out of a subnet associated with the ACL. We process the entries in the ACL according to the rule numbers, in ascending order.
ruleNumber (integer) –
The rule number for the entry. For example 100. All the network ACL entries are processed in ascending order by rule number.
protocol (string) –
The protocol number. A value of -1 means all the protocols.
ruleAction (string) –
Indicates whether to allow or deny the traffic that matches the rule.
portRange (dict) –
The range of ports the rule applies to.
from (integer) –
The first port in the range.
to (integer) –
The last port in the range.
icmpTypeCode (dict) –
Defines the ICMP protocol that consists of the ICMP type and code.
type (integer) –
The ICMP type. A value of -1 means all types.
code (integer) –
The ICMP code. A value of -1 means all codes for the specified ICMP type.
cidrBlock (string) –
The IPv4 network range to allow or deny, in CIDR notation. For example,
172.16.0.0/24. We modify the specified CIDR block to its canonical form. For example, if you specify100.68.0.18/18, we modify it to100.68.0.0/18.
customDNSConfiguration (list) –
A list of DNS server name and server IP. This is used to set up Route-53 outbound resolvers.
(dict) –
A list of DNS server name and server IP. This is used to set up Route-53 outbound resolvers.
customDNSServerName (string) –
The name of the DNS server.
customDNSServerIP (string) –
The IP address of the DNS server.
creationTimestamp (datetime) –
The timestamp at which the kdb environment was created in FinSpace.
updateTimestamp (datetime) –
The timestamp at which the kdb environment was updated.
availabilityZoneIds (list) –
The identifier of the availability zones where subnets for the environment are created.
(string) –
Exceptions
finspace.Client.exceptions.ResourceNotFoundExceptionfinspace.Client.exceptions.InternalServerExceptionfinspace.Client.exceptions.AccessDeniedExceptionfinspace.Client.exceptions.ThrottlingExceptionfinspace.Client.exceptions.ValidationExceptionfinspace.Client.exceptions.ConflictException