EC2 / Client / create_ipam_policy

create_ipam_policy

EC2.Client.create_ipam_policy(**kwargs)

Creates an IPAM policy.

An IPAM policy is a set of rules that define how public IPv4 addresses from IPAM pools are allocated to Amazon Web Services resources. Each rule maps an Amazon Web Services service to IPAM pools that the service will use to get IP addresses. A single policy can have multiple rules and be applied to multiple Amazon Web Services Regions. If the IPAM pool run out of addresses then the services fallback to Amazon-provided IP addresses. A policy can be applied to an individual Amazon Web Services account or an entity within Amazon Web Services Organizations.

For more information, see Define public IPv4 allocation strategy with IPAM policies in the Amazon VPC IPAM User Guide.

See also: AWS API Documentation

Request Syntax

response = client.create_ipam_policy(
    DryRun=True|False,
    TagSpecifications=[
        {
            'ResourceType': 'capacity-reservation'|'client-vpn-endpoint'|'customer-gateway'|'carrier-gateway'|'coip-pool'|'declarative-policies-report'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'image-usage-report'|'import-image-task'|'import-snapshot-task'|'instance'|'instance-event-window'|'internet-gateway'|'ipam'|'ipam-pool'|'ipam-scope'|'ipv4pool-ec2'|'ipv6pool-ec2'|'key-pair'|'launch-template'|'local-gateway'|'local-gateway-route-table'|'local-gateway-virtual-interface'|'local-gateway-virtual-interface-group'|'local-gateway-route-table-vpc-association'|'local-gateway-route-table-virtual-interface-group-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'network-insights-access-scope'|'network-insights-access-scope-analysis'|'outpost-lag'|'placement-group'|'prefix-list'|'replace-root-volume-task'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'service-link-virtual-interface'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'subnet-cidr-reservation'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-policy-table'|'transit-gateway-metering-policy'|'transit-gateway-route-table'|'transit-gateway-route-table-announcement'|'volume'|'vpc'|'vpc-endpoint'|'vpc-endpoint-connection'|'vpc-endpoint-service'|'vpc-endpoint-service-permission'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log'|'capacity-reservation-fleet'|'traffic-mirror-filter-rule'|'vpc-endpoint-connection-device-type'|'verified-access-instance'|'verified-access-group'|'verified-access-endpoint'|'verified-access-policy'|'verified-access-trust-provider'|'vpn-connection-device-type'|'vpc-block-public-access-exclusion'|'vpc-encryption-control'|'route-server'|'route-server-endpoint'|'route-server-peer'|'ipam-resource-discovery'|'ipam-resource-discovery-association'|'instance-connect-endpoint'|'verified-access-endpoint-target'|'ipam-external-resource-verification-token'|'capacity-block'|'mac-modification-task'|'ipam-prefix-list-resolver'|'ipam-policy'|'ipam-prefix-list-resolver-target'|'capacity-manager-data-export'|'vpn-concentrator',
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ]
        },
    ],
    ClientToken='string',
    IpamId='string'
)
Parameters:

  • DryRun (boolean) – A check for whether you have the required permissions for the action without actually making the request and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.

  • TagSpecifications (list) –

    The tags to assign to the IPAM policy.

    • (dict) –

      The tags to apply to a resource when the resource is being created. When you specify a tag, you must specify the resource type to tag, otherwise the request will fail.

      Note

      The Valid Values lists all the resource types that can be tagged. However, the action you’re using might not support tagging all of these resource types. If you try to tag a resource type that is unsupported for the action you’re using, you’ll get an error.

      • ResourceType (string) –

        The type of resource to tag on creation.

      • Tags (list) –

        The tags to apply to the resource.

        • (dict) –

          Describes a tag.

          • Key (string) –

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:.

          • Value (string) –

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.

  • ClientToken (string) –

    A unique, case-sensitive identifier to ensure the idempotency of the request.

    This field is autopopulated if not provided.

  • IpamId (string) –

    [REQUIRED]

    The ID of the IPAM for which you’re creating the policy.

Return type:

dict

Returns:

Response Syntax

{
    'IpamPolicy': {
        'OwnerId': 'string',
        'IpamPolicyId': 'string',
        'IpamPolicyArn': 'string',
        'IpamPolicyRegion': 'string',
        'State': 'create-in-progress'|'create-complete'|'create-failed'|'modify-in-progress'|'modify-complete'|'modify-failed'|'delete-in-progress'|'delete-complete'|'delete-failed'|'isolate-in-progress'|'isolate-complete'|'restore-in-progress',
        'StateMessage': 'string',
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ],
        'IpamId': 'string'
    }
}

Response Structure

  • (dict) –

    • IpamPolicy (dict) –

      Information about the created IPAM policy.

      An IPAM policy is a set of rules that define how public IPv4 addresses from IPAM pools are allocated to Amazon Web Services resources. Each rule maps an Amazon Web Services service to IPAM pools that the service will use to get IP addresses. A single policy can have multiple rules and be applied to multiple Amazon Web Services Regions. If the IPAM pool run out of addresses then the services fallback to Amazon-provided IP addresses. A policy can be applied to an individual Amazon Web Services account or an entity within Amazon Web Services Organizations.

      • OwnerId (string) –

        The account ID that owns the IPAM policy.

      • IpamPolicyId (string) –

        The ID of the IPAM policy.

      • IpamPolicyArn (string) –

        The Amazon Resource Name (ARN) of the IPAM policy.

      • IpamPolicyRegion (string) –

        The Region of the IPAM policy.

      • State (string) –

        The state of the IPAM policy.

      • StateMessage (string) –

        A message about the state of the IPAM policy.

      • Tags (list) –

        The tags assigned to the IPAM policy.

        • (dict) –

          Describes a tag.

          • Key (string) –

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:.

          • Value (string) –

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.

      • IpamId (string) –

        The ID of the IPAM this policy belongs to.