EC2 / Client / create_vpc_peering_connection
create_vpc_peering_connection#
- EC2.Client.create_vpc_peering_connection(**kwargs)#
Requests a VPC peering connection between two VPCs: a requester VPC that you own and an accepter VPC with which to create the connection. The accepter VPC can belong to another Amazon Web Services account and can be in a different Region to the requester VPC. The requester VPC and accepter VPC cannot have overlapping CIDR blocks.
Note
Limitations and rules apply to a VPC peering connection. For more information, see the limitations section in the VPC Peering Guide.
The owner of the accepter VPC must accept the peering request to activate the peering connection. The VPC peering connection request expires after 7 days, after which it cannot be accepted or rejected.
If you create a VPC peering connection request between VPCs with overlapping CIDR blocks, the VPC peering connection has a status of
failed.See also: AWS API Documentation
Request Syntax
response = client.create_vpc_peering_connection( DryRun=True|False, PeerOwnerId='string', PeerVpcId='string', VpcId='string', PeerRegion='string', TagSpecifications=[ { 'ResourceType': 'capacity-reservation'|'client-vpn-endpoint'|'customer-gateway'|'carrier-gateway'|'coip-pool'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'instance-event-window'|'internet-gateway'|'ipam'|'ipam-pool'|'ipam-scope'|'ipv4pool-ec2'|'ipv6pool-ec2'|'key-pair'|'launch-template'|'local-gateway'|'local-gateway-route-table'|'local-gateway-virtual-interface'|'local-gateway-virtual-interface-group'|'local-gateway-route-table-vpc-association'|'local-gateway-route-table-virtual-interface-group-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'network-insights-access-scope'|'network-insights-access-scope-analysis'|'placement-group'|'prefix-list'|'replace-root-volume-task'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'subnet-cidr-reservation'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-policy-table'|'transit-gateway-route-table'|'transit-gateway-route-table-announcement'|'volume'|'vpc'|'vpc-endpoint'|'vpc-endpoint-connection'|'vpc-endpoint-service'|'vpc-endpoint-service-permission'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log'|'capacity-reservation-fleet'|'traffic-mirror-filter-rule'|'vpc-endpoint-connection-device-type'|'verified-access-instance'|'verified-access-group'|'verified-access-endpoint'|'verified-access-policy'|'verified-access-trust-provider'|'vpn-connection-device-type'|'vpc-block-public-access-exclusion'|'ipam-resource-discovery'|'ipam-resource-discovery-association'|'instance-connect-endpoint', 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ] }, ] )
- Parameters:
DryRun (boolean) – Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is
DryRunOperation. Otherwise, it isUnauthorizedOperation.PeerOwnerId (string) –
The Amazon Web Services account ID of the owner of the accepter VPC.
Default: Your Amazon Web Services account ID
PeerVpcId (string) – The ID of the VPC with which you are creating the VPC peering connection. You must specify this parameter in the request.
VpcId (string) –
[REQUIRED]
The ID of the requester VPC. You must specify this parameter in the request.
PeerRegion (string) –
The Region code for the accepter VPC, if the accepter VPC is located in a Region other than the Region in which you make the request.
Default: The Region in which you make the request.
TagSpecifications (list) –
The tags to assign to the peering connection.
(dict) –
The tags to apply to a resource when the resource is being created. When you specify a tag, you must specify the resource type to tag, otherwise the request will fail.
Note
The
Valid Valueslists all the resource types that can be tagged. However, the action you’re using might not support tagging all of these resource types. If you try to tag a resource type that is unsupported for the action you’re using, you’ll get an error.ResourceType (string) –
The type of resource to tag on creation.
Tags (list) –
The tags to apply to the resource.
(dict) –
Describes a tag.
Key (string) –
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with
aws:.Value (string) –
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
- Return type:
dict
- Returns:
Response Syntax
{ 'VpcPeeringConnection': { 'AccepterVpcInfo': { 'CidrBlock': 'string', 'Ipv6CidrBlockSet': [ { 'Ipv6CidrBlock': 'string' }, ], 'CidrBlockSet': [ { 'CidrBlock': 'string' }, ], 'OwnerId': 'string', 'PeeringOptions': { 'AllowDnsResolutionFromRemoteVpc': True|False, 'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False, 'AllowEgressFromLocalVpcToRemoteClassicLink': True|False }, 'VpcId': 'string', 'Region': 'string' }, 'ExpirationTime': datetime(2015, 1, 1), 'RequesterVpcInfo': { 'CidrBlock': 'string', 'Ipv6CidrBlockSet': [ { 'Ipv6CidrBlock': 'string' }, ], 'CidrBlockSet': [ { 'CidrBlock': 'string' }, ], 'OwnerId': 'string', 'PeeringOptions': { 'AllowDnsResolutionFromRemoteVpc': True|False, 'AllowEgressFromLocalClassicLinkToRemoteVpc': True|False, 'AllowEgressFromLocalVpcToRemoteClassicLink': True|False }, 'VpcId': 'string', 'Region': 'string' }, 'Status': { 'Code': 'initiating-request'|'pending-acceptance'|'active'|'deleted'|'rejected'|'failed'|'expired'|'provisioning'|'deleting', 'Message': 'string' }, 'Tags': [ { 'Key': 'string', 'Value': 'string' }, ], 'VpcPeeringConnectionId': 'string' } }
Response Structure
(dict) –
VpcPeeringConnection (dict) –
Information about the VPC peering connection.
AccepterVpcInfo (dict) –
Information about the accepter VPC. CIDR block information is only returned when describing an active VPC peering connection.
CidrBlock (string) –
The IPv4 CIDR block for the VPC.
Ipv6CidrBlockSet (list) –
The IPv6 CIDR block for the VPC.
(dict) –
Describes an IPv6 CIDR block.
Ipv6CidrBlock (string) –
The IPv6 CIDR block.
CidrBlockSet (list) –
Information about the IPv4 CIDR blocks for the VPC.
(dict) –
Describes an IPv4 CIDR block.
CidrBlock (string) –
The IPv4 CIDR block.
OwnerId (string) –
The ID of the Amazon Web Services account that owns the VPC.
PeeringOptions (dict) –
Information about the VPC peering connection options for the accepter or requester VPC.
AllowDnsResolutionFromRemoteVpc (boolean) –
Indicates whether a local VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC.
AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) –
Deprecated.
AllowEgressFromLocalVpcToRemoteClassicLink (boolean) –
Deprecated.
VpcId (string) –
The ID of the VPC.
Region (string) –
The Region in which the VPC is located.
ExpirationTime (datetime) –
The time that an unaccepted VPC peering connection will expire.
RequesterVpcInfo (dict) –
Information about the requester VPC. CIDR block information is only returned when describing an active VPC peering connection.
CidrBlock (string) –
The IPv4 CIDR block for the VPC.
Ipv6CidrBlockSet (list) –
The IPv6 CIDR block for the VPC.
(dict) –
Describes an IPv6 CIDR block.
Ipv6CidrBlock (string) –
The IPv6 CIDR block.
CidrBlockSet (list) –
Information about the IPv4 CIDR blocks for the VPC.
(dict) –
Describes an IPv4 CIDR block.
CidrBlock (string) –
The IPv4 CIDR block.
OwnerId (string) –
The ID of the Amazon Web Services account that owns the VPC.
PeeringOptions (dict) –
Information about the VPC peering connection options for the accepter or requester VPC.
AllowDnsResolutionFromRemoteVpc (boolean) –
Indicates whether a local VPC can resolve public DNS hostnames to private IP addresses when queried from instances in a peer VPC.
AllowEgressFromLocalClassicLinkToRemoteVpc (boolean) –
Deprecated.
AllowEgressFromLocalVpcToRemoteClassicLink (boolean) –
Deprecated.
VpcId (string) –
The ID of the VPC.
Region (string) –
The Region in which the VPC is located.
Status (dict) –
The status of the VPC peering connection.
Code (string) –
The status of the VPC peering connection.
Message (string) –
A message that provides more information about the status, if applicable.
Tags (list) –
Any tags assigned to the resource.
(dict) –
Describes a tag.
Key (string) –
The key of the tag.
Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with
aws:.Value (string) –
The value of the tag.
Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.
VpcPeeringConnectionId (string) –
The ID of the VPC peering connection.