def set_alarm_state(self,
alarm_name,
state_reason,
state_value,
state_reason_data=None):
"""
Temporarily sets the state of an alarm. When the updated StateValue
differs from the previous value, the action configured for the
appropriate state is invoked. This is not a permanent change. The next
periodic alarm check (in about a minute) will set the alarm to its
actual state.
:type alarm_name: string
:param alarm_name: Descriptive name for alarm.
:type state_reason: string
:param state_reason: Human readable reason.
:type state_value: string
:param state_value: OK | ALARM | INSUFFICIENT_DATA
:type state_reason_data: string
:param state_reason_data: Reason string (will be jsonified).
"""
params = {
'AlarmName': alarm_name,
'StateReason': state_reason,
'StateValue': state_value
}
if state_reason_data:
params['StateReasonData'] = json.dumps(state_reason_data)
return self.get_status('SetAlarmState', params)
def refresh_trusted_advisor_check(self, check_id):
"""
Requests a refresh of the Trusted Advisor check that has the
specified check ID. Check IDs can be obtained by calling
DescribeTrustedAdvisorChecks.
The response contains a RefreshTrustedAdvisorCheckResult
object, which contains these fields:
+ **Status.** The refresh status of the check: "none",
"enqueued", "processing", "success", or "abandoned".
+ **MillisUntilNextRefreshable.** The amount of time, in
milliseconds, until the check is eligible for refresh.
+ **CheckId.** The unique identifier for the check.
:type check_id: string
:param check_id: The unique identifier for the Trusted Advisor check.
"""
params = {
'checkId': check_id,
}
return self.make_request(action='RefreshTrustedAdvisorCheck',
body=json.dumps(params))
def delete_stream(self, stream_name):
"""
Deletes a stream and all its shards and data. You must shut
down any applications that are operating on the stream before
you delete the stream. If an application attempts to operate
on a deleted stream, it will receive the exception
`ResourceNotFoundException`.
If the stream is in the `ACTIVE` state, you can delete it.
After a `DeleteStream` request, the specified stream is in the
`DELETING` state until Amazon Kinesis completes the deletion.
**Note:** Amazon Kinesis might continue to accept data read
and write operations, such as PutRecord, PutRecords, and
GetRecords, on a stream in the `DELETING` state until the
stream deletion is complete.
When you delete a stream, any shards in that stream are also
deleted, and any tags are dissociated from the stream.
You can use the DescribeStream operation to check the state of
the stream, which is returned in `StreamStatus`.
`DeleteStream` has a limit of 5 transactions per second per
account.
:type stream_name: string
:param stream_name: The name of the stream to delete.
"""
params = {
'StreamName': stream_name,
}
return self.make_request(action='DeleteStream',
body=json.dumps(params))
def set_status(self, object_ids, status, pipeline_id):
"""
Requests that the status of an array of physical or logical
pipeline objects be updated in the pipeline. This update may
not occur immediately, but is eventually consistent. The
status that can be set depends on the type of object.
:type pipeline_id: string
:param pipeline_id: Identifies the pipeline that contains the objects.
:type object_ids: list
:param object_ids: Identifies an array of objects. The corresponding
objects can be either physical or components, but not a mix of both
types.
:type status: string
:param status: Specifies the status to be set on all the objects in
`objectIds`. For components, this can be either `PAUSE` or
`RESUME`. For instances, this can be either `CANCEL`, `RERUN`, or
`MARK_FINISHED`.
"""
params = {
'pipelineId': pipeline_id,
'objectIds': object_ids,
'status': status,
}
return self.make_request(action='SetStatus', body=json.dumps(params))
def describe_services(self, service_code_list=None, language=None):
"""
Returns the current list of AWS services and a list of service
categories that applies to each one. You then use service
names and categories in your CreateCase requests. Each AWS
service has its own set of categories.
The service codes and category codes correspond to the values
that are displayed in the **Service** and **Category** drop-
down lists on the AWS Support Center `Open a new case`_ page.
The values in those fields, however, do not necessarily match
the service codes and categories returned by the
`DescribeServices` request. Always use the service codes and
categories obtained programmatically. This practice ensures
that you always have the most recent set of service and
category codes.
:type service_code_list: list
:param service_code_list: A JSON-formatted list of service codes
available for AWS services.
:type language: string
:param language: The ISO 639-1 code for the language in which AWS
provides support. AWS Support currently supports English ("en") and
Japanese ("ja"). Language parameters must be passed explicitly for
operations that take them.
"""
params = {}
if service_code_list is not None:
params['serviceCodeList'] = service_code_list
if language is not None:
params['language'] = language
return self.make_request(action='DescribeServices',
body=json.dumps(params))
def set_identity_pool_configuration(self,
identity_pool_id,
push_sync=None):
"""
Sets the necessary configuration for push sync.
:type identity_pool_id: string
:param identity_pool_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. This is the ID of the pool to modify.
:type push_sync: dict
:param push_sync: Configuration options to be applied to the identity
pool.
"""
uri = '/identitypools/{0}/configuration'.format(identity_pool_id)
params = {}
headers = {}
query_params = {}
if push_sync is not None:
params['PushSync'] = push_sync
return self.make_request('POST',
uri,
expected_status=200,
data=json.dumps(params),
headers=headers,
params=query_params)
def describe_pipelines(self, pipeline_ids):
"""
Retrieve metadata about one or more pipelines. The information
retrieved includes the name of the pipeline, the pipeline
identifier, its current state, and the user account that owns
the pipeline. Using account credentials, you can retrieve
metadata about pipelines that you or your IAM users have
created. If you are using an IAM user account, you can
retrieve metadata about only those pipelines you have read
permission for.
To retrieve the full pipeline definition instead of metadata
about the pipeline, call the GetPipelineDefinition action.
:type pipeline_ids: list
:param pipeline_ids: Identifiers of the pipelines to describe. You can
pass as many as 25 identifiers in a single call to
DescribePipelines. You can obtain pipeline identifiers by calling
ListPipelines.
"""
params = {
'pipelineIds': pipeline_ids,
}
return self.make_request(action='DescribePipelines',
body=json.dumps(params))
def create_log_group(self, log_group_name):
"""
Creates a new log group with the specified name. The name of
the log group must be unique within a region for an AWS
account. You can create up to 100 log groups per account.
You must use the following guidelines when naming a log group:
+ Log group names can be between 1 and 512 characters long.
+ Allowed characters are az, AZ, 09, '_' (underscore), '-'
(hyphen), '/' (forward slash), and '.' (period).
Log groups are created with a default retention of 14 days.
The retention attribute allow you to configure the number of
days you want to retain log events in the specified log group.
See the `SetRetention` operation on how to modify the
retention of your log groups.
:type log_group_name: string
:param log_group_name:
"""
params = {
'logGroupName': log_group_name,
}
return self.make_request(action='CreateLogGroup',
body=json.dumps(params))
def create_log_stream(self, log_group_name, log_stream_name):
"""
Creates a new log stream in the specified log group. The name
of the log stream must be unique within the log group. There
is no limit on the number of log streams that can exist in a
log group.
You must use the following guidelines when naming a log
stream:
+ Log stream names can be between 1 and 512 characters long.
+ The ':' colon character is not allowed.
:type log_group_name: string
:param log_group_name:
:type log_stream_name: string
:param log_stream_name:
"""
params = {
'logGroupName': log_group_name,
'logStreamName': log_stream_name,
}
return self.make_request(action='CreateLogStream',
body=json.dumps(params))
def create_private_virtual_interface(self, connection_id,
new_private_virtual_interface):
"""
Creates a new private virtual interface. A virtual interface
is the VLAN that transports AWS Direct Connect traffic. A
private virtual interface supports sending traffic to a single
virtual private cloud (VPC).
:type connection_id: string
:param connection_id: ID of the connection.
Example: dxcon-fg5678gh
Default: None
:type new_private_virtual_interface: dict
:param new_private_virtual_interface: Detailed information for the
private virtual interface to be created.
Default: None
"""
params = {
'connectionId': connection_id,
'newPrivateVirtualInterface': new_private_virtual_interface,
}
return self.make_request(action='CreatePrivateVirtualInterface',
body=json.dumps(params))
def create_public_virtual_interface(self, connection_id,
new_public_virtual_interface):
"""
Creates a new public virtual interface. A virtual interface is
the VLAN that transports AWS Direct Connect traffic. A public
virtual interface supports sending traffic to public services
of AWS such as Amazon Simple Storage Service (Amazon S3).
:type connection_id: string
:param connection_id: ID of the connection.
Example: dxcon-fg5678gh
Default: None
:type new_public_virtual_interface: dict
:param new_public_virtual_interface: Detailed information for the
public virtual interface to be created.
Default: None
"""
params = {
'connectionId': connection_id,
'newPublicVirtualInterface': new_public_virtual_interface,
}
return self.make_request(action='CreatePublicVirtualInterface',
body=json.dumps(params))
def confirm_private_virtual_interface(self, virtual_interface_id,
virtual_gateway_id):
"""
Accept ownership of a private virtual interface created by
another customer.
After the virtual interface owner calls this function, the
virtual interface will be created and attached to the given
virtual private gateway, and will be available for handling
traffic.
:type virtual_interface_id: string
:param virtual_interface_id: ID of the virtual interface.
Example: dxvif-123dfg56
Default: None
:type virtual_gateway_id: string
:param virtual_gateway_id: ID of the virtual private gateway that will
be attached to the virtual interface.
A virtual private gateway can be managed via the Amazon Virtual Private
Cloud (VPC) console or the `EC2 CreateVpnGateway`_ action.
Default: None
"""
params = {
'virtualInterfaceId': virtual_interface_id,
'virtualGatewayId': virtual_gateway_id,
}
return self.make_request(action='ConfirmPrivateVirtualInterface',
body=json.dumps(params))
def create_table(self, table_name, schema, provisioned_throughput):
"""
Add a new table to your account. The table name must be unique
among those associated with the account issuing the request.
This request triggers an asynchronous workflow to begin creating
the table. When the workflow is complete, the state of the
table will be ACTIVE.
:type table_name: str
:param table_name: The name of the table to create.
:type schema: dict
:param schema: A Python version of the KeySchema data structure
as defined by DynamoDB
:type provisioned_throughput: dict
:param provisioned_throughput: A Python version of the
ProvisionedThroughput data structure defined by
DynamoDB.
"""
data = {
'TableName': table_name,
'KeySchema': schema,
'ProvisionedThroughput': provisioned_throughput
}
json_input = json.dumps(data)
response_dict = self.make_request('CreateTable', json_input)
return response_dict
def list_tables(self, limit=None, start_table=None):
"""
Returns a dictionary of results. The dictionary contains
a **TableNames** key whose value is a list of the table names.
The dictionary could also contain a **LastEvaluatedTableName**
key whose value would be the last table name returned if
the complete list of table names was not returned. This
value would then be passed as the ``start_table`` parameter on
a subsequent call to this method.
:type limit: int
:param limit: The maximum number of tables to return.
:type start_table: str
:param start_table: The name of the table that starts the
list. If you ran a previous list_tables and not
all results were returned, the response dict would
include a LastEvaluatedTableName attribute. Use
that value here to continue the listing.
"""
data = {}
if limit:
data['Limit'] = limit
if start_table:
data['ExclusiveStartTableName'] = start_table
json_input = json.dumps(data)
return self.make_request('ListTables', json_input)
def list_identity_pool_usage(self, next_token=None, max_results=None):
"""
Gets a list of identity pools registered with Cognito.
:type next_token: string
:param next_token: A pagination token for obtaining the next page of
results.
:type max_results: integer
:param max_results: The maximum number of results to be returned.
"""
uri = '/identitypools'
params = {}
headers = {}
query_params = {}
if next_token is not None:
query_params['nextToken'] = next_token
if max_results is not None:
query_params['maxResults'] = max_results
return self.make_request('GET',
uri,
expected_status=200,
data=json.dumps(params),
headers=headers,
params=query_params)
def put_metric_filter(self, log_group_name, filter_name, filter_pattern,
metric_transformations):
"""
Creates or updates a metric filter and associates it with the
specified log group. Metric filters allow you to configure
rules to extract metric data from log events ingested through
`PutLogEvents` requests.
:type log_group_name: string
:param log_group_name:
:type filter_name: string
:param filter_name: The name of the metric filter.
:type filter_pattern: string
:param filter_pattern:
:type metric_transformations: list
:param metric_transformations:
"""
params = {
'logGroupName': log_group_name,
'filterName': filter_name,
'filterPattern': filter_pattern,
'metricTransformations': metric_transformations,
}
return self.make_request(action='PutMetricFilter',
body=json.dumps(params))
def register_device(self, identity_pool_id, identity_id, platform, token):
"""
Registers a device to receive push sync notifications.
:type identity_pool_id: string
:param identity_pool_id: A name-spaced GUID (for example, us-
east-1:23EC4050-6AEA-7089-A2DD-08002EXAMPLE) created by Amazon
Cognito. Here, the ID of the pool that the identity belongs to.
:type identity_id: string
:param identity_id: The unique ID for this identity.
:type platform: string
:param platform: The SNS platform type (e.g. GCM, SDM, APNS,
APNS_SANDBOX).
:type token: string
:param token: The push token.
"""
uri = '/identitypools/{0}/identity/{1}/device'.format(
identity_pool_id, identity_id)
params = {
'Platform': platform,
'Token': token,
}
headers = {}
query_params = {}
return self.make_request('POST',
uri,
expected_status=200,
data=json.dumps(params),
headers=headers,
params=query_params)
def _custom_policy(resource,
expires=None,
valid_after=None,
ip_address=None):
"""
Creates a custom policy string based on the supplied parameters.
"""
condition = {}
# SEE: http://docs.amazonwebservices.com/AmazonCloudFront/latest/DeveloperGuide/RestrictingAccessPrivateContent.html#CustomPolicy
# The 'DateLessThan' property is required.
if not expires:
# Defaults to ONE day
expires = int(time.time()) + 86400
condition["DateLessThan"] = {"AWS:EpochTime": expires}
if valid_after:
condition["DateGreaterThan"] = {"AWS:EpochTime": valid_after}
if ip_address:
if '/' not in ip_address:
ip_address += "/32"
condition["IpAddress"] = {"AWS:SourceIp": ip_address}
policy = {
"Statement": [{
"Resource": resource,
"Condition": condition
}]
}
return json.dumps(policy, separators=(",", ":"))
def register_application_revision(self,
application_name,
revision,
description=None):
"""
Registers with AWS CodeDeploy a revision for the specified
application.
:type application_name: string
:param application_name: The name of an existing AWS CodeDeploy
application within the AWS user account.
:type description: string
:param description: A comment about the revision.
:type revision: dict
:param revision: Information about the application revision to
register, including the revision's type and its location.
"""
params = {
'applicationName': application_name,
'revision': revision,
}
if description is not None:
params['description'] = description
return self.make_request(action='RegisterApplicationRevision',
body=json.dumps(params))
def add_attachments_to_set(self, attachments, attachment_set_id=None):
"""
Adds one or more attachments to an attachment set. If an
`AttachmentSetId` is not specified, a new attachment set is
created, and the ID of the set is returned in the response. If
an `AttachmentSetId` is specified, the attachments are added
to the specified set, if it exists.
An attachment set is a temporary container for attachments
that are to be added to a case or case communication. The set
is available for one hour after it is created; the
`ExpiryTime` returned in the response indicates when the set
expires. The maximum number of attachments in a set is 3, and
the maximum size of any attachment in the set is 5 MB.
:type attachment_set_id: string
:param attachment_set_id: The ID of the attachment set. If an
`AttachmentSetId` is not specified, a new attachment set is
created, and the ID of the set is returned in the response. If an
`AttachmentSetId` is specified, the attachments are added to the
specified set, if it exists.
:type attachments: list
:param attachments: One or more attachments to add to the set. The
limit is 3 attachments per set, and the size limit is 5 MB per
attachment.
"""
params = {
'attachments': attachments,
}
if attachment_set_id is not None:
params['attachmentSetId'] = attachment_set_id
return self.make_request(action='AddAttachmentsToSet',
body=json.dumps(params))
def report_task_progress(self, task_id):
"""
Updates the AWS Data Pipeline service on the progress of the
calling task runner. When the task runner is assigned a task,
it should call ReportTaskProgress to acknowledge that it has
the task within 2 minutes. If the web service does not recieve
this acknowledgement within the 2 minute window, it will
assign the task in a subsequent PollForTask call. After this
initial acknowledgement, the task runner only needs to report
progress every 15 minutes to maintain its ownership of the
task. You can change this reporting time from 15 minutes by
specifying a `reportProgressTimeout` field in your pipeline.
If a task runner does not report its status after 5 minutes,
AWS Data Pipeline will assume that the task runner is unable
to process the task and will reassign the task in a subsequent
response to PollForTask. task runners should call
ReportTaskProgress every 60 seconds.
:type task_id: string
:param task_id: Identifier of the task assigned to the task runner.
This value is provided in the TaskObject that the service returns
with the response for the PollForTask action.
"""
params = {
'taskId': task_id,
}
return self.make_request(action='ReportTaskProgress',
body=json.dumps(params))
def list_tags_for_stream(self,
stream_name,
exclusive_start_tag_key=None,
limit=None):
"""
Lists the tags for the specified Amazon Kinesis stream.
:type stream_name: string
:param stream_name: The name of the stream.
:type exclusive_start_tag_key: string
:param exclusive_start_tag_key: The key to use as the starting point
for the list of tags. If this parameter is set, `ListTagsForStream`
gets all tags that occur after `ExclusiveStartTagKey`.
:type limit: integer
:param limit: The number of tags to return. If this number is less than
the total number of tags associated with the stream, `HasMoreTags`
is set to `True`. To list additional tags, set
`ExclusiveStartTagKey` to the last key in the response.
"""
params = {
'StreamName': stream_name,
}
if exclusive_start_tag_key is not None:
params['ExclusiveStartTagKey'] = exclusive_start_tag_key
if limit is not None:
params['Limit'] = limit
return self.make_request(action='ListTagsForStream',
body=json.dumps(params))
def disable_domain_transfer_lock(self, domain_name):
"""
This operation removes the transfer lock on the domain
(specifically the `clientTransferProhibited` status) to allow
domain transfers. We recommend you refrain from performing
this action unless you intend to transfer the domain to a
different registrar. Successful submission returns an
operation ID that you can use to track the progress and
completion of the action. If the request is not completed
successfully, the domain registrant will be notified by email.
:type domain_name: string
:param domain_name: The name of a domain.
Type: String
Default: None
Constraints: The domain name can contain only the letters a through z,
the numbers 0 through 9, and hyphen (-). Internationalized Domain
Names are not supported.
Required: Yes
"""
params = {'DomainName': domain_name, }
return self.make_request(action='DisableDomainTransferLock',
body=json.dumps(params))
def check_domain_availability(self, domain_name, idn_lang_code=None):
"""
This operation checks the availability of one domain name. You
can access this API without authenticating. Note that if the
availability status of a domain is pending, you must submit
another request to determine the availability of the domain
name.
:type domain_name: string
:param domain_name: The name of a domain.
Type: String
Default: None
Constraints: The domain name can contain only the letters a through z,
the numbers 0 through 9, and hyphen (-). Internationalized Domain
Names are not supported.
Required: Yes
:type idn_lang_code: string
:param idn_lang_code: Reserved for future use.
"""
params = {'DomainName': domain_name, }
if idn_lang_code is not None:
params['IdnLangCode'] = idn_lang_code
return self.make_request(action='CheckDomainAvailability',
body=json.dumps(params))
def list_key_policies(self, key_id, limit=None, marker=None):
"""
Retrieves a list of policies attached to a key.
:type key_id: string
:param key_id: Unique identifier of the key. This can be an ARN, an
alias, or a globally unique identifier.
:type limit: integer
:param limit: Specify this parameter only when paginating results to
indicate the maximum number of policies you want listed in the
response. If there are additional policies beyond the maximum you
specify, the `Truncated` response element will be set to `true.`
:type marker: string
:param marker: Use this parameter only when paginating results, and
only in a subsequent request after you've received a response where
the results are truncated. Set it to the value of the `NextMarker`
in the response you just received.
"""
params = {'KeyId': key_id, }
if limit is not None:
params['Limit'] = limit
if marker is not None:
params['Marker'] = marker
return self.make_request(action='ListKeyPolicies',
body=json.dumps(params))
def create_key(self, policy=None, description=None, key_usage=None):
"""
Creates a customer master key. Customer master keys can be
used to encrypt small amounts of data (less than 4K) directly,
but they are most commonly used to encrypt or envelope data
keys that are then used to encrypt customer data. For more
information about data keys, see GenerateDataKey and
GenerateDataKeyWithoutPlaintext.
:type policy: string
:param policy: Policy to be attached to the key. This is required and
delegates back to the account. The key is the root of trust.
:type description: string
:param description: Description of the key. We recommend that you
choose a description that helps your customer decide whether the
key is appropriate for a task.
:type key_usage: string
:param key_usage: Specifies the intended use of the key. Currently this
defaults to ENCRYPT/DECRYPT, and only symmetric encryption and
decryption are supported.
"""
params = {}
if policy is not None:
params['Policy'] = policy
if description is not None:
params['Description'] = description
if key_usage is not None:
params['KeyUsage'] = key_usage
return self.make_request(action='CreateKey',
body=json.dumps(params))
def create_alias(self, alias_name, target_key_id):
"""
Creates a display name for a customer master key. An alias can
be used to identify a key and should be unique. The console
enforces a one-to-one mapping between the alias and a key. An
alias name can contain only alphanumeric characters, forward
slashes (/), underscores (_), and dashes (-). An alias must
start with the word "alias" followed by a forward slash
(alias/). An alias that begins with "aws" after the forward
slash (alias/aws...) is reserved by Amazon Web Services (AWS).
:type alias_name: string
:param alias_name: String that contains the display name. Aliases that
begin with AWS are reserved.
:type target_key_id: string
:param target_key_id: An identifier of the key for which you are
creating the alias. This value cannot be another alias.
"""
params = {
'AliasName': alias_name,
'TargetKeyId': target_key_id,
}
return self.make_request(action='CreateAlias',
body=json.dumps(params))
def subscribe_sqs_queue(self, topic, queue):
"""
Subscribe an SQS queue to a topic.
This is convenience method that handles most of the complexity involved
in using an SQS queue as an endpoint for an SNS topic. To achieve this
the following operations are performed:
* The correct ARN is constructed for the SQS queue and that ARN is
then subscribed to the topic.
* A JSON policy document is contructed that grants permission to
the SNS topic to send messages to the SQS queue.
* This JSON policy is then associated with the SQS queue using
the queue's set_attribute method. If the queue already has
a policy associated with it, this process will add a Statement to
that policy. If no policy exists, a new policy will be created.
:type topic: string
:param topic: The ARN of the new topic.
:type queue: A boto Queue object
:param queue: The queue you wish to subscribe to the SNS Topic.
"""
t = queue.id.split('/')
q_arn = queue.arn
sid = hashlib.md5((topic + q_arn).encode('utf-8')).hexdigest()
sid_exists = False
resp = self.subscribe(topic, 'sqs', q_arn)
attr = queue.get_attributes('Policy')
if 'Policy' in attr:
policy = json.loads(attr['Policy'])
else:
policy = {}
if 'Version' not in policy:
policy['Version'] = '2008-10-17'
if 'Statement' not in policy:
policy['Statement'] = []
# See if a Statement with the Sid exists already.
for s in policy['Statement']:
if s['Sid'] == sid:
sid_exists = True
if not sid_exists:
statement = {
'Action': 'SQS:SendMessage',
'Effect': 'Allow',
'Principal': {
'AWS': '*'
},
'Resource': q_arn,
'Sid': sid,
'Condition': {
'StringLike': {
'aws:SourceArn': topic
}
}
}
policy['Statement'].append(statement)
queue.set_attribute('Policy', json.dumps(policy))
return resp
def get_resource_config_history(self, resource_type, resource_id,
later_time=None, earlier_time=None,
chronological_order=None, limit=None,
next_token=None):
"""
Returns a list of configuration items for the specified
resource. The list contains details about each state of the
resource during the specified time interval. You can specify a
`limit` on the number of results returned on the page. If a
limit is specified, a `nextToken` is returned as part of the
result that you can use to continue this request.
:type resource_type: string
:param resource_type: The resource type.
:type resource_id: string
:param resource_id: The ID of the resource (for example., `sg-xxxxxx`).
:type later_time: timestamp
:param later_time: The time stamp that indicates a later time. If not
specified, current time is taken.
:type earlier_time: timestamp
:param earlier_time: The time stamp that indicates an earlier time. If
not specified, the action returns paginated results that contain
configuration items that start from when the first configuration
item was recorded.
:type chronological_order: string
:param chronological_order: The chronological order for configuration
items listed. By default the results are listed in reverse
chronological order.
:type limit: integer
:param limit: The maximum number of configuration items returned in
each page. The default is 10. You cannot specify a limit greater
than 100.
:type next_token: string
:param next_token: An optional parameter used for pagination of the
results.
"""
params = {
'resourceType': resource_type,
'resourceId': resource_id,
}
if later_time is not None:
params['laterTime'] = later_time
if earlier_time is not None:
params['earlierTime'] = earlier_time
if chronological_order is not None:
params['chronologicalOrder'] = chronological_order
if limit is not None:
params['limit'] = limit
if next_token is not None:
params['nextToken'] = next_token
return self.make_request(action='GetResourceConfigHistory',
body=json.dumps(params))
def create_hsm(self,
subnet_id,
ssh_key,
iam_role_arn,
subscription_type,
eni_ip=None,
external_id=None,
client_token=None,
syslog_ip=None):
"""
Creates an uninitialized HSM instance. Running this command
provisions an HSM appliance and will result in charges to your
AWS account for the HSM.
:type subnet_id: string
:param subnet_id: The identifier of the subnet in your VPC in which to
place the HSM.
:type ssh_key: string
:param ssh_key: The SSH public key to install on the HSM.
:type eni_ip: string
:param eni_ip: The IP address to assign to the HSM's ENI.
:type iam_role_arn: string
:param iam_role_arn: The ARN of an IAM role to enable the AWS CloudHSM
service to allocate an ENI on your behalf.
:type external_id: string
:param external_id: The external ID from **IamRoleArn**, if present.
:type subscription_type: string
:param subscription_type: The subscription type.
:type client_token: string
:param client_token: A user-defined token to ensure idempotence.
Subsequent calls to this action with the same token will be
ignored.
:type syslog_ip: string
:param syslog_ip: The IP address for the syslog monitoring server.
"""
params = {
'SubnetId': subnet_id,
'SshKey': ssh_key,
'IamRoleArn': iam_role_arn,
'SubscriptionType': subscription_type,
}
if eni_ip is not None:
params['EniIp'] = eni_ip
if external_id is not None:
params['ExternalId'] = external_id
if client_token is not None:
params['ClientToken'] = client_token
if syslog_ip is not None:
params['SyslogIp'] = syslog_ip
return self.make_request(action='CreateHsm', body=json.dumps(params))
