aws_vpc_lattice (aws v1.0.4)
Amazon VPC Lattice is a fully managed application networking service that you use to connect, secure, and monitor all of your services across multiple accounts and virtual private clouds (VPCs).
Amazon VPC Lattice interconnects your microservices and legacy services within a logical boundary, so that you can discover and manage them more efficiently. For more information, see the Amazon VPC Lattice User Guide: https://docs.aws.amazon.com/vpc-lattice/latest/ug/
Summary
Functions
Updates the listener rules in a batch.
Enables access logs to be sent to Amazon CloudWatch, Amazon S3, and Amazon Kinesis Data Firehose.
Creates a listener for a service.
Creates a listener rule.
Creates a service.
Creates a service network.
Associates a service with a service network.
Associates a VPC with a service network.
Creates a target group.
Deletes the specified auth policy.
Deletes a listener rule.
Deletes a service.
Deletes a service network.
Deletes the association between a specified service and the specific service network.
Disassociates the VPC from the service network.
Deletes a target group.
Retrieves information about the resource policy.
Retrieves information about listener rules.
Lists the associations between the service network and the service.
Lists the service network and VPC associations.
Lists the service networks owned by the caller account or shared with the caller account.
Lists your target groups.
Lists the targets for the target group.
Attaches a resource-based permission policy to a service or service network.
Registers the targets with the target group.
Updates a rule for the listener.
Updates the service network and VPC association.
Functions
batch_update_rule(Client, ListenerIdentifier, ServiceIdentifier, Input)
Updates the listener rules in a batch.
You can use this operation to change the priority of listener rules. This can be useful when bulk updating or swapping rule priority.
batch_update_rule(Client, ListenerIdentifier, ServiceIdentifier, Input0, Options0)
Enables access logs to be sent to Amazon CloudWatch, Amazon S3, and Amazon Kinesis Data Firehose.
The service network owner can use the access logs to audit the services in the network. The service network owner will only see access logs from clients and services that are associated with their service network. Access log entries represent traffic originating from VPCs associated with that network. For more information, see Access logs: https://docs.aws.amazon.com/vpc-lattice/latest/ug/monitoring-access-logs.html in the Amazon VPC Lattice User Guide.
Creates a listener for a service.
Before you start using your Amazon VPC Lattice service, you must add one or more listeners. A listener is a process that checks for connection requests to your services. For more information, see Listeners: https://docs.aws.amazon.com/vpc-lattice/latest/ug/listeners.html in the Amazon VPC Lattice User Guide.
Creates a listener rule.
Each listener has a default rule for checking connection requests, but you can define additional rules. Each rule consists of a priority, one or more actions, and one or more conditions. For more information, see Listener rules: https://docs.aws.amazon.com/vpc-lattice/latest/ug/listeners.html#listener-rules in the Amazon VPC Lattice User Guide.
create_rule(Client, ListenerIdentifier, ServiceIdentifier, Input0, Options0)
Creates a service.
A service is any software application that can run on instances, containers, or serverless functions within an account or virtual private cloud (VPC).
For more information, see Services: https://docs.aws.amazon.com/vpc-lattice/latest/ug/services.html in the Amazon VPC Lattice User Guide.
Creates a service network.
A service network is a logical boundary for a collection of services. You can associate services and VPCs with a service network.
For more information, see Service networks: https://docs.aws.amazon.com/vpc-lattice/latest/ug/service-networks.html in the Amazon VPC Lattice User Guide.
Associates a service with a service network.
You can't use this operation if the service and service network are already associated or if there is a disassociation or deletion in progress. If the association fails, you can retry the operation by deleting the association and recreating it.
You cannot associate a service and service network that are shared with a caller. The caller must own either the service or the service network.
As a result of this operation, the association is created in the service network account and the association owner account.
create_service_network_service_association(Client, Input0, Options0)
Associates a VPC with a service network.
When you associate a VPC with the service network, it enables all the resources within that VPC to be clients and communicate with other services in the service network. For more information, see Manage VPC associations: https://docs.aws.amazon.com/vpc-lattice/latest/ug/service-network-associations.html#service-network-vpc-associations in the Amazon VPC Lattice User Guide.
You can't use this operation if there is a disassociation in progress. If the association fails, retry by deleting the association and recreating it.
As a result of this operation, the association gets created in the service network account and the VPC owner account.
Once a security group is added to the VPC association it cannot be removed. You can add or update the security groups being used for the VPC association once a security group is attached. To remove all security groups you must reassociate the VPC.
Creates a target group.
A target group is a collection of targets, or compute resources, that run your application or service. A target group can only be used by a single service.
For more information, see Target groups: https://docs.aws.amazon.com/vpc-lattice/latest/ug/target-groups.html in the Amazon VPC Lattice User Guide.
delete_access_log_subscription(Client, AccessLogSubscriptionIdentifier, Input)
delete_access_log_subscription(Client, AccessLogSubscriptionIdentifier, Input0, Options0)
Deletes the specified auth policy.
If an auth is set to AWS_IAM and the auth policy is deleted, all requests will be denied by default. If you are trying to remove the auth policy completely, you must set the auth_type to NONE. If auth is enabled on the resource, but no auth policy is set, all requests will be denied.
delete_listener(Client, ListenerIdentifier, ServiceIdentifier, Input)
delete_listener(Client, ListenerIdentifier, ServiceIdentifier, Input0, Options0)
delete_rule(Client, ListenerIdentifier, RuleIdentifier, ServiceIdentifier, Input)
Deletes a listener rule.
Each listener has a default rule for checking connection requests, but you can define additional rules. Each rule consists of a priority, one or more actions, and one or more conditions. You can delete additional listener rules, but you cannot delete the default rule.
For more information, see Listener rules: https://docs.aws.amazon.com/vpc-lattice/latest/ug/listeners.html#listener-rules in the Amazon VPC Lattice User Guide.
delete_rule(Client, ListenerIdentifier, RuleIdentifier, ServiceIdentifier, Input0, Options0)
Deletes a service.
A service can't be deleted if it's associated with a service network. If you delete a service, all resources related to the service, such as the resource policy, auth policy, listeners, listener rules, and access log subscriptions, are also deleted. For more information, see Delete a service: https://docs.aws.amazon.com/vpc-lattice/latest/ug/services.html#delete-service in the Amazon VPC Lattice User Guide.
Deletes a service network.
You can only delete the service network if there is no service or VPC associated with it. If you delete a service network, all resources related to the service network, such as the resource policy, auth policy, and access log subscriptions, are also deleted. For more information, see Delete a service network: https://docs.aws.amazon.com/vpc-lattice/latest/ug/service-networks.html#delete-service-network in the Amazon VPC Lattice User Guide.
delete_service_network(Client, ServiceNetworkIdentifier, Input0, Options0)
delete_service_network_service_association(Client, ServiceNetworkServiceAssociationIdentifier, Input)
Deletes the association between a specified service and the specific service network.
This request will fail if an association is still in progress.
delete_service_network_service_association(Client, ServiceNetworkServiceAssociationIdentifier, Input0, Options0)
delete_service_network_vpc_association(Client, ServiceNetworkVpcAssociationIdentifier, Input)
Disassociates the VPC from the service network.
You can't disassociate the VPC if there is a create or update association in progress.
delete_service_network_vpc_association(Client, ServiceNetworkVpcAssociationIdentifier, Input0, Options0)
Deletes a target group.
You can't delete a target group if it is used in a listener rule or if the target group creation is in progress.
delete_target_group(Client, TargetGroupIdentifier, Input0, Options0)
deregister_targets(Client, TargetGroupIdentifier, Input0, Options0)
get_access_log_subscription(Client, AccessLogSubscriptionIdentifier)
get_access_log_subscription(Client, AccessLogSubscriptionIdentifier, QueryMap, HeadersMap)
get_access_log_subscription(Client, AccessLogSubscriptionIdentifier, QueryMap, HeadersMap, Options0)
get_auth_policy(Client, ResourceIdentifier, QueryMap, HeadersMap, Options0)
get_listener(Client, ListenerIdentifier, ServiceIdentifier, QueryMap, HeadersMap)
get_listener(Client, ListenerIdentifier, ServiceIdentifier, QueryMap, HeadersMap, Options0)
Retrieves information about the resource policy.
The resource policy is an IAM policy created by AWS RAM on behalf of the resource owner when they share a resource.
get_resource_policy(Client, ResourceArn, QueryMap, HeadersMap, Options0)
get_rule(Client, ListenerIdentifier, RuleIdentifier, ServiceIdentifier)
Retrieves information about listener rules.
You can also retrieve information about the default listener rule. For more information, see Listener rules: https://docs.aws.amazon.com/vpc-lattice/latest/ug/listeners.html#listener-rules in the Amazon VPC Lattice User Guide.
get_rule(Client, ListenerIdentifier, RuleIdentifier, ServiceIdentifier, QueryMap, HeadersMap)
get_rule(Client, ListenerIdentifier, RuleIdentifier, ServiceIdentifier, QueryMap, HeadersMap, Options0)
get_service(Client, ServiceIdentifier, QueryMap, HeadersMap, Options0)
get_service_network(Client, ServiceNetworkIdentifier, QueryMap, HeadersMap)
get_service_network(Client, ServiceNetworkIdentifier, QueryMap, HeadersMap, Options0)
get_service_network_service_association(Client, ServiceNetworkServiceAssociationIdentifier)
get_service_network_service_association(Client, ServiceNetworkServiceAssociationIdentifier, QueryMap, HeadersMap)
get_service_network_service_association(Client, ServiceNetworkServiceAssociationIdentifier, QueryMap, HeadersMap, Options0)
get_service_network_vpc_association(Client, ServiceNetworkVpcAssociationIdentifier)
get_service_network_vpc_association(Client, ServiceNetworkVpcAssociationIdentifier, QueryMap, HeadersMap)
get_service_network_vpc_association(Client, ServiceNetworkVpcAssociationIdentifier, QueryMap, HeadersMap, Options0)
get_target_group(Client, TargetGroupIdentifier, QueryMap, HeadersMap)
get_target_group(Client, TargetGroupIdentifier, QueryMap, HeadersMap, Options0)
list_access_log_subscriptions(Client, ResourceIdentifier, QueryMap, HeadersMap)
list_access_log_subscriptions(Client, ResourceIdentifier, QueryMap, HeadersMap, Options0)
list_listeners(Client, ServiceIdentifier, QueryMap, HeadersMap, Options0)
list_rules(Client, ListenerIdentifier, ServiceIdentifier, QueryMap, HeadersMap)
list_rules(Client, ListenerIdentifier, ServiceIdentifier, QueryMap, HeadersMap, Options0)
Lists the associations between the service network and the service.
You can filter the list either by service or service network. You must provide either the service network identifier or the service identifier.
Every association in Amazon VPC Lattice is given a unique Amazon Resource Name (ARN), such as when a service network is associated with a VPC or when a service is associated with a service network. If the association is for a resource that is shared with another account, the association will include the local account ID as the prefix in the ARN for each account the resource is shared with.
list_service_network_service_associations(Client, QueryMap, HeadersMap)
list_service_network_service_associations(Client, QueryMap, HeadersMap, Options0)
Lists the service network and VPC associations.
You can filter the list either by VPC or service network. You must provide either the service network identifier or the VPC identifier.
list_service_network_vpc_associations(Client, QueryMap, HeadersMap)
list_service_network_vpc_associations(Client, QueryMap, HeadersMap, Options0)
Lists the service networks owned by the caller account or shared with the caller account.
Also includes the account ID in the ARN to show which account owns the service network.
list_tags_for_resource(Client, ResourceArn, QueryMap, HeadersMap, Options0)
Lists your target groups.
You can narrow your search by using the filters below in your request.
Lists the targets for the target group.
By default, all targets are included. You can use this API to check the health status of targets. You can also filter the results by target.
Attaches a resource-based permission policy to a service or service network.
The policy must contain the same actions and condition statements as the Amazon Web Services Resource Access Manager permission for sharing services and service networks.
Registers the targets with the target group.
If it's a Lambda target, you can only have one target in a target group.
update_access_log_subscription(Client, AccessLogSubscriptionIdentifier, Input)
update_access_log_subscription(Client, AccessLogSubscriptionIdentifier, Input0, Options0)
update_listener(Client, ListenerIdentifier, ServiceIdentifier, Input)
update_listener(Client, ListenerIdentifier, ServiceIdentifier, Input0, Options0)
update_rule(Client, ListenerIdentifier, RuleIdentifier, ServiceIdentifier, Input)
Updates a rule for the listener.
You can't modify a default listener rule. To modify a default listener rule, use UpdateListener.
update_rule(Client, ListenerIdentifier, RuleIdentifier, ServiceIdentifier, Input0, Options0)
update_service_network(Client, ServiceNetworkIdentifier, Input0, Options0)
update_service_network_vpc_association(Client, ServiceNetworkVpcAssociationIdentifier, Input)
Updates the service network and VPC association.
Once you add a security group, it cannot be removed.