This documentation is for Version 1 of the Amazon CLI only. For documentation related to Version 2 of the Amazon CLI, see the Version 2 User Guide.
Amazon EC2 examples using Amazon CLI
The following code examples show you how to perform actions and implement common scenarios by using the Amazon Command Line Interface with Amazon EC2.
Actions are code excerpts from larger programs and must be run in context. While actions show you how to call individual service functions, you can see actions in context in their related scenarios.
Each example includes a link to the complete source code, where you can find instructions on how to set up and run the code in context.
Topics
Actions
The following code example shows how to use accept-address-transfer
.
- Amazon CLI
-
To accept an Elastic IP address transferred to your account
The following
accept-address-transfer
example accepts the transfer of the specified Elastic IP address to your account.aws ec2 accept-address-transfer \ --address
100.21.184.216
Output:
{ "AddressTransfer": { "PublicIp": "100.21.184.216", "AllocationId": "eipalloc-09ad461b0d03f6aaf", "TransferAccountId": "123456789012", "TransferOfferExpirationTimestamp": "2023-02-22T20:51:10.000Z", "TransferOfferAcceptedTimestamp": "2023-02-22T22:52:54.000Z", "AddressTransferStatus": "accepted" } }
For more information, see Transfer Elastic IP addresses
in the Amazon VPC User Guide. -
For API details, see AcceptAddressTransfer
in Amazon CLI Command Reference.
-
The following code example shows how to use accept-reserved-instances-exchange-quote
.
- Amazon CLI
-
To perform a Convertible Reserved Instance exchange
This example performs an exchange of the specified Convertible Reserved Instances.
Command:
aws ec2 accept-reserved-instances-exchange-quote --reserved-instance-ids
7b8750c3-397e-4da4-bbcb-a45ebexample
--target-configurationsOfferingId=b747b472-423c-48f3-8cee-679bcexample
Output:
{ "ExchangeId": "riex-e68ed3c1-8bc8-4c17-af77-811afexample" }
-
For API details, see AcceptReservedInstancesExchangeQuote
in Amazon CLI Command Reference.
-
The following code example shows how to use accept-transit-gateway-peering-attachment
.
- Amazon CLI
-
To accept a transit gateway peering attachment
The following
accept-transit-gateway-peering-attachment
example accepts the specified transit gateway peering attachment. The--region
parameter specifies the Region that the accepter transit gateway is located in.aws ec2 accept-transit-gateway-peering-attachment \ --transit-gateway-attachment-id
tgw-attach-4455667788aabbccd
\ --regionus-east-2
Output:
{ "TransitGatewayPeeringAttachment": { "TransitGatewayAttachmentId": "tgw-attach-4455667788aabbccd", "RequesterTgwInfo": { "TransitGatewayId": "tgw-123abc05e04123abc", "OwnerId": "123456789012", "Region": "us-west-2" }, "AccepterTgwInfo": { "TransitGatewayId": "tgw-11223344aabbcc112", "OwnerId": "123456789012", "Region": "us-east-2" }, "State": "pending", "CreationTime": "2019-12-09T11:38:31.000Z" } }
For more information, see Transit Gateway Peering Attachments
in the Transit Gateways Guide. -
For API details, see AcceptTransitGatewayPeeringAttachment
in Amazon CLI Command Reference.
-
The following code example shows how to use accept-transit-gateway-vpc-attachment
.
- Amazon CLI
-
To accept a request to attach a VPC to a transit gateway.
The following
accept-transit-gateway-vpc-attachment
example accepts the request forte specified attachment.aws ec2 accept-transit-gateway-vpc-attachment \ --transit-gateway-attachment-id
tgw-attach-0a34fe6b4fEXAMPLE
Output:
{ "TransitGatewayVpcAttachment": { "TransitGatewayAttachmentId": "tgw-attach-0a34fe6b4fEXAMPLE", "TransitGatewayId": "tgw-0262a0e521EXAMPLE", "VpcId": "vpc-07e8ffd50fEXAMPLE", "VpcOwnerId": "123456789012", "State": "pending", "SubnetIds": [ "subnet-0752213d59EXAMPLE" ], "CreationTime": "2019-07-10T17:33:46.000Z", "Options": { "DnsSupport": "enable", "Ipv6Support": "disable" } } }
For more information, see Transit Gateway Attachments to a VPC
in the Transit Gateways Guide. -
For API details, see AcceptTransitGatewayVpcAttachment
in Amazon CLI Command Reference.
-
The following code example shows how to use accept-vpc-endpoint-connections
.
- Amazon CLI
-
To accept an interface endpoint connection request
This example accepts the specified endpoint connection request for the specified endpoint service.
Command:
aws ec2 accept-vpc-endpoint-connections --service-id
vpce-svc-03d5ebb7d9579a2b3
--vpc-endpoint-idsvpce-0c1308d7312217abc
Output:
{ "Unsuccessful": [] }
-
For API details, see AcceptVpcEndpointConnections
in Amazon CLI Command Reference.
-
The following code example shows how to use accept-vpc-peering-connection
.
- Amazon CLI
-
To accept a VPC peering connection
This example accepts the specified VPC peering connection request.
Command:
aws ec2 accept-vpc-peering-connection --vpc-peering-connection-id
pcx-1a2b3c4d
Output:
{ "VpcPeeringConnection": { "Status": { "Message": "Provisioning", "Code": "provisioning" }, "Tags": [], "AccepterVpcInfo": { "OwnerId": "444455556666", "VpcId": "vpc-44455566", "CidrBlock": "10.0.1.0/28" }, "VpcPeeringConnectionId": "pcx-1a2b3c4d", "RequesterVpcInfo": { "OwnerId": "444455556666", "VpcId": "vpc-111abc45", "CidrBlock": "10.0.0.0/28" } } }
-
For API details, see AcceptVpcPeeringConnection
in Amazon CLI Command Reference.
-
The following code example shows how to use advertise-byoip-cidr
.
- Amazon CLI
-
To advertise an address range
The following
advertise-byoip-cidr
example advertises the specified public IPv4 address range.aws ec2 advertise-byoip-cidr \ --cidr
203.0.113.25/24
Output:
{ "ByoipCidr": { "Cidr": "203.0.113.25/24", "StatusMessage": "ipv4pool-ec2-1234567890abcdef0", "State": "provisioned" } }
-
For API details, see AdvertiseByoipCidr
in Amazon CLI Command Reference.
-
The following code example shows how to use allocate-address
.
- Amazon CLI
-
Example 1: To allocate an Elastic IP address from Amazon's address pool
The following
allocate-address
example allocates an Elastic IP address. Amazon EC2 selects the address from Amazon's address pool.aws ec2 allocate-address
Output:
{ "PublicIp": "70.224.234.241", "AllocationId": "eipalloc-01435ba59eEXAMPLE", "PublicIpv4Pool": "amazon", "NetworkBorderGroup": "us-west-2", "Domain": "vpc" }
For more information, see Elastic IP addresses
in the Amazon EC2 User Guide. Example 2: To allocate an Elastic IP address and associate it with a network border group
The following
allocate-address
example allocates an Elastic IP address and associates it with the specified network border group.aws ec2 allocate-address \ --network-border-group
us-west-2-lax-1
Output:
{ "PublicIp": "70.224.234.241", "AllocationId": "eipalloc-e03dd489ceEXAMPLE", "PublicIpv4Pool": "amazon", "NetworkBorderGroup": "us-west-2-lax-1", "Domain": "vpc" }
For more information, see Elastic IP addresses
in the Amazon EC2 User Guide. Example 3: To allocate an Elastic IP address from an address pool that you own
The following
allocate-address
example allocates an Elastic IP address from an address pool that you have brought to your Amazon Web Services account. Amazon EC2 selects the address from the address pool.aws ec2 allocate-address \ --public-ipv4-pool
ipv4pool-ec2-1234567890abcdef0
Output:
{ "AllocationId": "eipalloc-02463d08ceEXAMPLE", "NetworkBorderGroup": "us-west-2", "CustomerOwnedIp": "18.218.95.81", "CustomerOwnedIpv4Pool": "ipv4pool-ec2-1234567890abcdef0", "Domain": "vpc" "NetworkBorderGroup": "us-west-2", }
For more information, see Elastic IP addresses
in the Amazon EC2 User Guide. -
For API details, see AllocateAddress
in Amazon CLI Command Reference.
-
The following code example shows how to use allocate-hosts
.
- Amazon CLI
-
Example 1: To allocate a Dedicated Host
The following
allocate-hosts
example allocates a single Dedicated Host in theeu-west-1a
Availability Zone, onto which you can launchm5.large
instances. By default, the Dedicated Host accepts only target instance launches, and does not support host recovery.aws ec2 allocate-hosts \ --instance-type
m5.large
\ --availability-zoneeu-west-1a
\ --quantity1
Output:
{ "HostIds": [ "h-07879acf49EXAMPLE" ] }
Example 2: To allocate a Dedicated Host with auto-placement and host recovery enabled
The following
allocate-hosts
example allocates a single Dedicated Host in theeu-west-1a
Availability Zone with auto-placement and host recovery enabled.aws ec2 allocate-hosts \ --instance-type
m5.large
\ --availability-zoneeu-west-1a
\ --auto-placementon
\ --host-recoveryon
\ --quantity1
Output:
{ "HostIds": [ "h-07879acf49EXAMPLE" ] }
Example 3: To allocate a Dedicated Host with tags
The following
allocate-hosts
example allocates a single Dedicated Host and applies a tag with a key namedpurpose
and a value ofproduction
.aws ec2 allocate-hosts \ --instance-type
m5.large
\ --availability-zoneeu-west-1a
\ --quantity1
\ --tag-specifications 'ResourceType=dedicated-host,Tags={Key=purpose,Value=production}
'Output:
{ "HostIds": [ "h-07879acf49EXAMPLE" ] }
For more information, see Allocating Dedicated Hosts
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see AllocateHosts
in Amazon CLI Command Reference.
-
The following code example shows how to use allocate-ipam-pool-cidr
.
- Amazon CLI
-
To allocate a CIDR from an IPAM pool
The following
allocate-ipam-pool-cidr
example allocates a CIDR from an IPAM pool.(Linux):
aws ec2 allocate-ipam-pool-cidr \ --ipam-pool-id
ipam-pool-0533048da7d823723
\ --netmask-length24
(Windows):
aws ec2 allocate-ipam-pool-cidr
^
--ipam-pool-idipam-pool-0533048da7d823723
^
--netmask-length24
Output:
{ "IpamPoolAllocation": { "Cidr": "10.0.0.0/24", "IpamPoolAllocationId": "ipam-pool-alloc-018ecc28043b54ba38e2cd99943cebfbd", "ResourceType": "custom", "ResourceOwner": "123456789012" } }
For more information, see Manually allocate a CIDR to a pool to reserve IP address space
in the Amazon VPC IPAM User Guide. -
For API details, see AllocateIpamPoolCidr
in Amazon CLI Command Reference.
-
The following code example shows how to use apply-security-groups-to-client-vpn-target-network
.
- Amazon CLI
-
To apply security groups to a target network for a Client VPN endpoint
The following
apply-security-groups-to-client-vpn-target-network
example applies security groupsg-01f6e627a89f4db32
to the association between the specified target network and Client VPN endpoint.aws ec2 apply-security-groups-to-client-vpn-target-network \ --security-group-ids
sg-01f6e627a89f4db32
\ --vpc-idvpc-0e2110c2f324332e0
\ --client-vpn-endpoint-idcvpn-endpoint-123456789123abcde
Output:
{ "SecurityGroupIds": [ "sg-01f6e627a89f4db32" ] }
For more information, see Target Networks
in the Amazon Client VPN Administrator Guide. -
For API details, see ApplySecurityGroupsToClientVpnTargetNetwork
in Amazon CLI Command Reference.
-
The following code example shows how to use assign-ipv6-addresses
.
- Amazon CLI
-
To assign specific IPv6 addresses to a network interface
This example assigns the specified IPv6 addresses to the specified network interface.
Command:
aws ec2 assign-ipv6-addresses --network-interface-id
eni-38664473
--ipv6-addresses2001:db8:1234:1a00:3304:8879:34cf:4071
2001:db8:1234:1a00:9691:9503:25ad:1761
Output:
{ "AssignedIpv6Addresses": [ "2001:db8:1234:1a00:3304:8879:34cf:4071", "2001:db8:1234:1a00:9691:9503:25ad:1761" ], "NetworkInterfaceId": "eni-38664473" }
To assign IPv6 addresses that Amazon selects to a network interface
This example assigns two IPv6 addresses to the specified network interface. Amazon automatically assigns these IPv6 addresses from the available IPv6 addresses in the IPv6 CIDR block range of the subnet.
Command:
aws ec2 assign-ipv6-addresses --network-interface-id
eni-38664473
--ipv6-address-count2
Output:
{ "AssignedIpv6Addresses": [ "2001:db8:1234:1a00:3304:8879:34cf:4071", "2001:db8:1234:1a00:9691:9503:25ad:1761" ], "NetworkInterfaceId": "eni-38664473" }
-
For API details, see AssignIpv6Addresses
in Amazon CLI Command Reference.
-
The following code example shows how to use assign-private-ip-addresses
.
- Amazon CLI
-
To assign a specific secondary private IP address a network interface
This example assigns the specified secondary private IP address to the specified network interface. If the command succeeds, no output is returned.
Command:
aws ec2 assign-private-ip-addresses --network-interface-id
eni-e5aa89a3
--private-ip-addresses10.0.0.82
To assign secondary private IP addresses that Amazon EC2 selects to a network interface
This example assigns two secondary private IP addresses to the specified network interface. Amazon EC2 automatically assigns these IP addresses from the available IP addresses in the CIDR block range of the subnet the network interface is associated with. If the command succeeds, no output is returned.
Command:
aws ec2 assign-private-ip-addresses --network-interface-id
eni-e5aa89a3
--secondary-private-ip-address-count2
-
For API details, see AssignPrivateIpAddresses
in Amazon CLI Command Reference.
-
The following code example shows how to use assign-private-nat-gateway-address
.
- Amazon CLI
-
To assign private IP addresses to your private NAT gateway
The following
assign-private-nat-gateway-address
example assigns two private IP addresses to the specified private NAT gateway.aws ec2 assign-private-nat-gateway-address \ --nat-gateway-id
nat-1234567890abcdef0
\ --private-ip-address-count2
Output:
{ "NatGatewayId": "nat-1234567890abcdef0", "NatGatewayAddresses": [ { "NetworkInterfaceId": "eni-0065a61b324d1897a", "IsPrimary": false, "Status": "assigning" }, { "NetworkInterfaceId": "eni-0065a61b324d1897a", "IsPrimary": false, "Status": "assigning" } ] }
For more information, see NAT gateways
in the Amazon VPC User Guide. -
For API details, see AssignPrivateNatGatewayAddress
in Amazon CLI Command Reference.
-
The following code example shows how to use associate-address
.
- Amazon CLI
-
To associate an Elastic IP addresses in EC2-Classic
This example associates an Elastic IP address with an instance in EC2-Classic. If the command succeeds, no output is returned.
Command:
aws ec2 associate-address --instance-id
i-07ffe74c7330ebf53
--public-ip198.51.100.0
To associate an Elastic IP address in EC2-VPC
This example associates an Elastic IP address with an instance in a VPC.
Command:
aws ec2 associate-address --instance-id
i-0b263919b6498b123
--allocation-ideipalloc-64d5890a
Output:
{ "AssociationId": "eipassoc-2bebb745" }
This example associates an Elastic IP address with a network interface.
Command:
aws ec2 associate-address --allocation-id
eipalloc-64d5890a
--network-interface-ideni-1a2b3c4d
This example associates an Elastic IP with a private IP address that's associated with a network interface.
Command:
aws ec2 associate-address --allocation-id
eipalloc-64d5890a
--network-interface-ideni-1a2b3c4d
--private-ip-address10.0.0.85
-
For API details, see AssociateAddress
in Amazon CLI Command Reference.
-
The following code example shows how to use associate-client-vpn-target-network
.
- Amazon CLI
-
To associate a target network with a Client VPN endpoint
The following
associate-client-vpn-target-network
example associates a subnet with the specified Client VPN endpoint.aws ec2 associate-client-vpn-target-network \ --subnet-id
subnet-0123456789abcabca
\ --client-vpn-endpoint-idcvpn-endpoint-123456789123abcde
Output:
{ "AssociationId": "cvpn-assoc-12312312312312312", "Status": { "Code": "associating" } }
For more information, see Target Networks
in the Amazon Client VPN Administrator Guide. -
For API details, see AssociateClientVpnTargetNetwork
in Amazon CLI Command Reference.
-
The following code example shows how to use associate-dhcp-options
.
- Amazon CLI
-
To associate a DHCP options set with your VPC
This example associates the specified DHCP options set with the specified VPC. If the command succeeds, no output is returned.
Command:
aws ec2 associate-dhcp-options --dhcp-options-id
dopt-d9070ebb
--vpc-idvpc-a01106c2
To associate the default DHCP options set with your VPC
This example associates the default DHCP options set with the specified VPC. If the command succeeds, no output is returned.
Command:
aws ec2 associate-dhcp-options --dhcp-options-id
default
--vpc-idvpc-a01106c2
-
For API details, see AssociateDhcpOptions
in Amazon CLI Command Reference.
-
The following code example shows how to use associate-iam-instance-profile
.
- Amazon CLI
-
To associate an IAM instance profile with an instance
This example associates an IAM instance profile named
admin-role
with instancei-123456789abcde123
.Command:
aws ec2 associate-iam-instance-profile --instance-id
i-123456789abcde123
--iam-instance-profileName=admin-role
Output:
{ "IamInstanceProfileAssociation": { "InstanceId": "i-123456789abcde123", "State": "associating", "AssociationId": "iip-assoc-0e7736511a163c209", "IamInstanceProfile": { "Id": "AIPAJBLK7RKJKWDXVHIEC", "Arn": "arn:aws:iam::123456789012:instance-profile/admin-role" } } }
-
For API details, see AssociateIamInstanceProfile
in Amazon CLI Command Reference.
-
The following code example shows how to use associate-instance-event-window
.
- Amazon CLI
-
Example 1: To associate one or more instances with an event window
The following
associate-instance-event-window
example associates one or more instances with an event window.aws ec2 associate-instance-event-window \ --region
us-east-1
\ --instance-event-window-idiew-0abcdef1234567890
\ --association-target"InstanceIds=i-1234567890abcdef0,i-0598c7d356eba48d7"
Output:
{ "InstanceEventWindow": { "InstanceEventWindowId": "iew-0abcdef1234567890", "Name": "myEventWindowName", "CronExpression": "* 21-23 * * 2,3", "AssociationTarget": { "InstanceIds": [ "i-1234567890abcdef0", "i-0598c7d356eba48d7" ], "Tags": [], "DedicatedHostIds": [] }, "State": "creating" } }
For event window constraints, see Considerations
in the Scheduled Events section of the Amazon EC2 User Guide. Example 2: To associate instance tags with an event window
The following
associate-instance-event-window
example associates instance tags with an event window. Enter aninstance-event-window-id
parameter to specify the event window. To associate instance tags, specify theassociation-target
parameter, and for the parameter value, specify one or more tags.aws ec2 associate-instance-event-window \ --region
us-east-1
\ --instance-event-window-idiew-0abcdef1234567890
\ --association-target"InstanceTags=[{Key=k2,Value=v2},{Key=k1,Value=v1}]"
Output:
{ "InstanceEventWindow": { "InstanceEventWindowId": "iew-0abcdef1234567890", "Name": "myEventWindowName", "CronExpression": "* 21-23 * * 2,3", "AssociationTarget": { "InstanceIds": [], "Tags": [ { "Key": "k2", "Value": "v2" }, { "Key": "k1", "Value": "v1" } ], "DedicatedHostIds": [] }, "State": "creating" } }
For event window constraints, see Considerations
in the Scheduled Events section of the Amazon EC2 User Guide. Example 3: To associate a Dedicated Host with an event window
The following
associate-instance-event-window
example associates a Dedicated Host with an event window. Enter aninstance-event-window-id
parameter to specify the event window. To associate a Dedicated Host, specify the--association-target
parameter, and for the parameter values, specify one of more Dedicated Host IDs.aws ec2 associate-instance-event-window \ --region
us-east-1
\ --instance-event-window-idiew-0abcdef1234567890
\ --association-target"DedicatedHostIds=h-029fa35a02b99801d"
Output:
{ "InstanceEventWindow": { "InstanceEventWindowId": "iew-0abcdef1234567890", "Name": "myEventWindowName", "CronExpression": "* 21-23 * * 2,3", "AssociationTarget": { "InstanceIds": [], "Tags": [], "DedicatedHostIds": [ "h-029fa35a02b99801d" ] }, "State": "creating" } }
For event window constraints, see Considerations
in the Scheduled Events section of the Amazon EC2 User Guide. -
For API details, see AssociateInstanceEventWindow
in Amazon CLI Command Reference.
-
The following code example shows how to use associate-ipam-resource-discovery
.
- Amazon CLI
-
To associate a resource discovery with an IPAM
In this example, you are an IPAM delegated admin and a resource discovery has been created and shared with you by another Amazon account so that you can use IPAM to manage and monitor resource CIDRs owned by the other account.
Note
To complete this request, you'll need the resource discovery ID which you can get with describe-ipam-resource-discoveries
and the IPAM ID which you can get with describe-ipams .The resource discovery that you are associating must have first been shared with your account using Amazon RAM.The --region
you enter must match the home Region of the IPAM you are associating it with.The following
associate-ipam-resource-discovery
example associates a resource discovery with an IPAM.aws ec2 associate-ipam-resource-discovery \ --ipam-id
ipam-005f921c17ebd5107
\ --ipam-resource-discovery-idipam-res-disco-03e0406de76a044ee
\ --tag-specifications 'ResourceType=ipam-resource-discovery,Tags=[{Key=cost-center,Value=cc123}]
' \ --regionus-east-1
Output:
{ { "IpamResourceDiscoveryAssociation": { "OwnerId": "320805250157", "IpamResourceDiscoveryAssociationId": "ipam-res-disco-assoc-04382a6346357cf82", "IpamResourceDiscoveryAssociationArn": "arn:aws:ec2::320805250157:ipam-resource-discovery-association/ipam-res-disco-assoc-04382a6346357cf82", "IpamResourceDiscoveryId": "ipam-res-disco-0365d2977fc1672fe", "IpamId": "ipam-005f921c17ebd5107", "IpamArn": "arn:aws:ec2::320805250157:ipam/ipam-005f921c17ebd5107", "IpamRegion": "us-east-1", "IsDefault": false, "ResourceDiscoveryStatus": "active", "State": "associate-in-progress", "Tags": [] } } }
Once you associate a resource discovery, you can monitor and/or manage the IP addresses of resources created by the other accounts. For more information, see Integrate IPAM with accounts outside of your organization
in the Amazon VPC IPAM User Guide. -
For API details, see AssociateIpamResourceDiscovery
in Amazon CLI Command Reference.
-
The following code example shows how to use associate-nat-gateway-address
.
- Amazon CLI
-
To associate an Elastic IP address with a public NAT gateway
The following
associate-nat-gateway-address
example associates the specified Elastic IP address with the specified public NAT gateway. Amazon automatically assigns a secondary private IPv4 address.aws ec2 associate-nat-gateway-address \ --nat-gateway-id
nat-1234567890abcdef0
\ --allocation-idseipalloc-0be6ecac95EXAMPLE
Output:
{ "NatGatewayId": "nat-1234567890abcdef0", "NatGatewayAddresses": [ { "AllocationId": "eipalloc-0be6ecac95EXAMPLE", "NetworkInterfaceId": "eni-09cc4b2558794f7f9", "IsPrimary": false, "Status": "associating" } ] }
For more information, see NAT gateways
in the Amazon VPC User Guide. -
For API details, see AssociateNatGatewayAddress
in Amazon CLI Command Reference.
-
The following code example shows how to use associate-route-table
.
- Amazon CLI
-
To associate a route table with a subnet
This example associates the specified route table with the specified subnet.
Command:
aws ec2 associate-route-table --route-table-id
rtb-22574640
--subnet-idsubnet-9d4a7b6c
Output:
{ "AssociationId": "rtbassoc-781d0d1a" }
-
For API details, see AssociateRouteTable
in Amazon CLI Command Reference.
-
The following code example shows how to use associate-subnet-cidr-block
.
- Amazon CLI
-
To associate an IPv6 CIDR block with a subnet
This example associates an IPv6 CIDR block with the specified subnet.
Command:
aws ec2 associate-subnet-cidr-block --subnet-id
subnet-5f46ec3b
--ipv6-cidr-block2001:db8:1234:1a00::/64
Output:
{ "SubnetId": "subnet-5f46ec3b", "Ipv6CidrBlockAssociation": { "Ipv6CidrBlock": "2001:db8:1234:1a00::/64", "AssociationId": "subnet-cidr-assoc-3aa54053", "Ipv6CidrBlockState": { "State": "associating" } } }
-
For API details, see AssociateSubnetCidrBlock
in Amazon CLI Command Reference.
-
The following code example shows how to use associate-transit-gateway-multicast-domain
.
- Amazon CLI
-
To associate a transit gateway with a multicast domain
The following
associate-transit-gateway-multicast-domain
example associates the specified subnet and attachment with the specified multicast domain.aws ec2 associate-transit-gateway-multicast-domain \ --transit-gateway-multicast-domain-id
tgw-mcast-domain-0c4905cef79d6e597
\ --transit-gateway-attachment-idtgw-attach-028c1dd0f8f5cbe8e
\ --subnet-idssubnet-000de86e3b49c932a
\ --transit-gateway-multicast-domain-idtgw-mcast-domain-0c4905cef7EXAMPLE
Output:
{ "Associations": { "TransitGatewayMulticastDomainId": "tgw-mcast-domain-0c4905cef79d6e597", "TransitGatewayAttachmentId": "tgw-attach-028c1dd0f8f5cbe8e", "ResourceId": "vpc-01128d2c240c09bd5", "ResourceType": "vpc", "Subnets": [ { "SubnetId": "subnet-000de86e3b49c932a", "State": "associating" } ] } }
For more information, see Managing multicast domains
in the Transit Gateways Guide. -
For API details, see AssociateTransitGatewayMulticastDomain
in Amazon CLI Command Reference.
-
The following code example shows how to use associate-transit-gateway-route-table
.
- Amazon CLI
-
To associate a transit gateway route table with a transit gateway attachment
The following example associates the specified transit gateway route table with the specified VPC attachment.
aws ec2 associate-transit-gateway-route-table \ --transit-gateway-route-table-id
tgw-rtb-002573ed1eEXAMPLE
\ --transit-gateway-attachment-idtgw-attach-0b5968d3b6EXAMPLE
Output:
{ "Association": { "TransitGatewayRouteTableId": "tgw-rtb-002573ed1eEXAMPLE", "TransitGatewayAttachmentId": "tgw-attach-0b5968d3b6EXAMPLE", "ResourceId": "vpc-0065acced4EXAMPLE", "ResourceType": "vpc", "State": "associating" } }
For more information, see Associate a Transit Gateway Route Table
in the Amazon Transit Gateways Guide. -
For API details, see AssociateTransitGatewayRouteTable
in Amazon CLI Command Reference.
-
The following code example shows how to use associate-vpc-cidr-block
.
- Amazon CLI
-
Example 1: To associate an Amazon-provided IPv6 CIDR block with a VPC
The following
associate-vpc-cidr-block
example associates an IPv6 CIDR block with the specified VPC.:aws ec2 associate-vpc-cidr-block \ --amazon-provided-ipv6-cidr-block \ --ipv6-cidr-block-network-border-group
us-west-2-lax-1
\ --vpc-idvpc-8EXAMPLE
Output:
{ "Ipv6CidrBlockAssociation": { "AssociationId": "vpc-cidr-assoc-0838ce7d9dEXAMPLE", "Ipv6CidrBlockState": { "State": "associating" }, "NetworkBorderGroup": "us-west-2-lax-1" }, "VpcId": "vpc-8EXAMPLE" }
Example 2:To associate an additional IPv4 CIDR block with a VPC
The following
associate-vpc-cidr-block
example associates the IPv4 CIDR block10.2.0.0/16
with the specified VPC.aws ec2 associate-vpc-cidr-block \ --vpc-id
vpc-1EXAMPLE
\ --cidr-block10.2.0.0/16
Output:
{ "CidrBlockAssociation": { "AssociationId": "vpc-cidr-assoc-2EXAMPLE", "CidrBlock": "10.2.0.0/16", "CidrBlockState": { "State": "associating" } }, "VpcId": "vpc-1EXAMPLE" }
-
For API details, see AssociateVpcCidrBlock
in Amazon CLI Command Reference.
-
The following code example shows how to use attach-classic-link-vpc
.
- Amazon CLI
-
To link (attach) an EC2-Classic instance to a VPC
This example links instance i-1234567890abcdef0 to VPC vpc-88888888 through the VPC security group sg-12312312.
Command:
aws ec2 attach-classic-link-vpc --instance-id
i-1234567890abcdef0
--vpc-idvpc-88888888
--groupssg-12312312
Output:
{ "Return": true }
-
For API details, see AttachClassicLinkVpc
in Amazon CLI Command Reference.
-
The following code example shows how to use attach-internet-gateway
.
- Amazon CLI
-
To attach an internet gateway to your VPC
The following
attach-internet-gateway
example attaches the specified internet gateway to the specific VPC.aws ec2 attach-internet-gateway \ --internet-gateway-id
igw-0d0fb496b3EXAMPLE
\ --vpc-idvpc-0a60eb65b4EXAMPLE
This command produces no output.
For more information, see Internet gateways
in the Amazon VPC User Guide. -
For API details, see AttachInternetGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use attach-network-interface
.
- Amazon CLI
-
Example 1: To attach a network interface to an instance
The following
attach-network-interface
example attaches the specified network interface to the specified instance.aws ec2 attach-network-interface \ --network-interface-id
eni-0dc56a8d4640ad10a
\ --instance-idi-1234567890abcdef0
\ --device-index1
Output:
{ "AttachmentId": "eni-attach-01a8fc87363f07cf9" }
For more information, see Elastic network interfaces
in the Amazon EC2 User Guide. Example 2: To attach a network interface to an instance with multiple network cards
The following
attach-network-interface
example attaches the specified network interface to the specified instance and network card.aws ec2 attach-network-interface \ --network-interface-id
eni-07483b1897541ad83
\ --instance-idi-01234567890abcdef
\ --network-card-index1
\ --device-index1
Output:
{ "AttachmentId": "eni-attach-0fbd7ee87a88cd06c" }
For more information, see Elastic network interfaces
in the Amazon EC2 User Guide. -
For API details, see AttachNetworkInterface
in Amazon CLI Command Reference.
-
The following code example shows how to use attach-verified-access-trust-provider
.
- Amazon CLI
-
To attach a trust provider to an instance
The following
attach-verified-access-trust-provider
example attaches the specified Verified Access trust provider to the specified Verified Access instance.aws ec2 attach-verified-access-trust-provider \ --verified-access-instance-id
vai-0ce000c0b7643abea
\ --verified-access-trust-provider-idvatp-0bb32de759a3e19e7
Output:
{ "VerifiedAccessTrustProvider": { "VerifiedAccessTrustProviderId": "vatp-0bb32de759a3e19e7", "Description": "", "TrustProviderType": "user", "UserTrustProviderType": "iam-identity-center", "PolicyReferenceName": "idc", "CreationTime": "2023-08-25T19:00:38", "LastUpdatedTime": "2023-08-25T19:00:38" }, "VerifiedAccessInstance": { "VerifiedAccessInstanceId": "vai-0ce000c0b7643abea", "Description": "", "VerifiedAccessTrustProviders": [ { "VerifiedAccessTrustProviderId": "vatp-0bb32de759a3e19e7", "TrustProviderType": "user", "UserTrustProviderType": "iam-identity-center" } ], "CreationTime": "2023-08-25T18:27:56", "LastUpdatedTime": "2023-08-25T18:27:56" } }
For more information, see Verified Access instances
in the Amazon Verified Access User Guide. -
For API details, see AttachVerifiedAccessTrustProvider
in Amazon CLI Command Reference.
-
The following code example shows how to use attach-volume
.
- Amazon CLI
-
To attach a volume to an instance
This example command attaches a volume (
vol-1234567890abcdef0
) to an instance (i-01474ef662b89480
) as/dev/sdf
.Command:
aws ec2 attach-volume --volume-id
vol-1234567890abcdef0
--instance-idi-01474ef662b89480
--device/dev/sdf
Output:
{ "AttachTime": "YYYY-MM-DDTHH:MM:SS.000Z", "InstanceId": "i-01474ef662b89480", "VolumeId": "vol-1234567890abcdef0", "State": "attaching", "Device": "/dev/sdf" }
-
For API details, see AttachVolume
in Amazon CLI Command Reference.
-
The following code example shows how to use attach-vpn-gateway
.
- Amazon CLI
-
To attach a virtual private gateway to your VPC
The following
attach-vpn-gateway
example attaches the specified virtual private gateway to the specified VPC.aws ec2 attach-vpn-gateway \ --vpn-gateway-id
vgw-9a4cacf3
\ --vpc-idvpc-a01106c2
Output:
{ "VpcAttachment": { "State": "attaching", "VpcId": "vpc-a01106c2" } }
-
For API details, see AttachVpnGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use authorize-client-vpn-ingress
.
- Amazon CLI
-
To add an authorization rule for a Client VPN endpoint
The following
authorize-client-vpn-ingress
example adds an ingress authorization rule that permits all clients to access the internet (0.0.0.0/0
).aws ec2 authorize-client-vpn-ingress \ --client-vpn-endpoint-id
cvpn-endpoint-123456789123abcde
\ --target-network-cidr0.0.0.0/0
\ --authorize-all-groupsOutput:
{ "Status": { "Code": "authorizing" } }
For more information, see Authorization Rules
in the Amazon Client VPN Administrator Guide. -
For API details, see AuthorizeClientVpnIngress
in Amazon CLI Command Reference.
-
The following code example shows how to use authorize-security-group-egress
.
- Amazon CLI
-
To add a rule that allows outbound traffic to a specific address range
This example command adds a rule that grants access to the specified address ranges on TCP port 80.
Command (Linux):
aws ec2 authorize-security-group-egress --group-id
sg-1a2b3c4d
--ip-permissions IpProtocol=tcp,FromPort=80,ToPort=80,IpRanges='[{CidrIp=10.0.0.0/16}]'Command (Windows):
aws ec2 authorize-security-group-egress --group-id
sg-1a2b3c4d
--ip-permissionsIpProtocol=tcp,FromPort=80,ToPort=80,IpRanges=[{CidrIp=10.0.0.0/16}]
To add a rule that allows outbound traffic to a specific security group
This example command adds a rule that grants access to the specified security group on TCP port 80.
Command (Linux):
aws ec2 authorize-security-group-egress --group-id
sg-1a2b3c4d
--ip-permissions IpProtocol=tcp,FromPort=80,ToPort=80,UserIdGroupPairs='[{GroupId=sg-4b51a32f}]'Command (Windows):
aws ec2 authorize-security-group-egress --group-id
sg-1a2b3c4d
--ip-permissionsIpProtocol=tcp,FromPort=80,ToPort=80,UserIdGroupPairs=[{GroupId=sg-4b51a32f}]
-
For API details, see AuthorizeSecurityGroupEgress
in Amazon CLI Command Reference.
-
The following code example shows how to use authorize-security-group-ingress
.
- Amazon CLI
-
Example 1: To add a rule that allows inbound SSH traffic
The following
authorize-security-group-ingress
example adds a rule that allows inbound traffic on TCP port 22 (SSH).aws ec2 authorize-security-group-ingress \ --group-id
sg-1234567890abcdef0
\ --protocoltcp
\ --port22
\ --cidr203.0.113.0/24
Output:
{ "Return": true, "SecurityGroupRules": [ { "SecurityGroupRuleId": "sgr-01afa97ef3e1bedfc", "GroupId": "sg-1234567890abcdef0", "GroupOwnerId": "123456789012", "IsEgress": false, "IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIpv4": "203.0.113.0/24" } ] }
Example 2: To add a rule that allows inbound HTTP traffic from another security group
The following
authorize-security-group-ingress
example adds a rule that allows inbound access on TCP port 80 from the source security groupsg-1a2b3c4d
. The source group must be in the same VPC or in a peer VPC (requires a VPC peering connection). Incoming traffic is allowed based on the private IP addresses of instances that are associated with the source security group (not the public IP address or Elastic IP address).aws ec2 authorize-security-group-ingress \ --group-id
sg-1234567890abcdef0
\ --protocoltcp
\ --port80
\ --source-groupsg-1a2b3c4d
Output:
{ "Return": true, "SecurityGroupRules": [ { "SecurityGroupRuleId": "sgr-01f4be99110f638a7", "GroupId": "sg-1234567890abcdef0", "GroupOwnerId": "123456789012", "IsEgress": false, "IpProtocol": "tcp", "FromPort": 80, "ToPort": 80, "ReferencedGroupInfo": { "GroupId": "sg-1a2b3c4d", "UserId": "123456789012" } } ] }
Example 3: To add multiple rules in the same call
The following
authorize-security-group-ingress
example uses theip-permissions
parameter to add two inbound rules, one that enables inbound access on TCP port 3389 (RDP) and the other that enables ping/ICMP.aws ec2 authorize-security-group-ingress --group-id sg-1234567890abcdef0 --ip-permissions IpProtocol=tcp,FromPort=3389,ToPort=3389,IpRanges="[{CidrIp=172.31.0.0/16}]" IpProtocol=icmp,FromPort=-1,ToPort=-1,IpRanges="[{CidrIp=172.31.0.0/16}]"
Output:
{ "Return": true, "SecurityGroupRules": [ { "SecurityGroupRuleId": "sgr-00e06e5d3690f29f3", "GroupId": "sg-1234567890abcdef0", "GroupOwnerId": "123456789012", "IsEgress": false, "IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389, "CidrIpv4": "172.31.0.0/16" }, { "SecurityGroupRuleId": "sgr-0a133dd4493944b87", "GroupId": "sg-1234567890abcdef0", "GroupOwnerId": "123456789012", "IsEgress": false, "IpProtocol": "tcp", "FromPort": -1, "ToPort": -1, "CidrIpv4": "172.31.0.0/16" } ] }
Example 4: To add a rule for ICMP traffic
The following
authorize-security-group-ingress
example uses theip-permissions
parameter to add an inbound rule that allows the ICMP messageDestination Unreachable: Fragmentation Needed and Don't Fragment was Set
(Type 3, Code 4) from anywhere.aws ec2 authorize-security-group-ingress --group-id sg-1234567890abcdef0 --ip-permissions IpProtocol=icmp,FromPort=3,ToPort=4,IpRanges="[{CidrIp=0.0.0.0/0}]"
Output:
{ "Return": true, "SecurityGroupRules": [ { "SecurityGroupRuleId": "sgr-0de3811019069b787", "GroupId": "sg-1234567890abcdef0", "GroupOwnerId": "123456789012", "IsEgress": false, "IpProtocol": "icmp", "FromPort": 3, "ToPort": 4, "CidrIpv4": "0.0.0.0/0" } ] }
Example 5: To add a rule for IPv6 traffic
The following
authorize-security-group-ingress
example uses theip-permissions
parameter to add an inbound rule that allows SSH access (port 22) from the IPv6 range2001:db8:1234:1a00::/64
.aws ec2 authorize-security-group-ingress --group-id sg-1234567890abcdef0 --ip-permissions IpProtocol=tcp,FromPort=22,ToPort=22,Ipv6Ranges="[{CidrIpv6=2001:db8:1234:1a00::/64}]"
Output:
{ "Return": true, "SecurityGroupRules": [ { "SecurityGroupRuleId": "sgr-0455bc68b60805563", "GroupId": "sg-1234567890abcdef0", "GroupOwnerId": "123456789012", "IsEgress": false, "IpProtocol": "tcp", "FromPort": 22, "ToPort": 22, "CidrIpv6": "2001:db8:1234:1a00::/64" } ] }
Example 6: To add a rule for ICMPv6 traffic
The following
authorize-security-group-ingress
example uses theip-permissions
parameter to add an inbound rule that allows ICMPv6 traffic from anywhere.aws ec2 authorize-security-group-ingress --group-id sg-1234567890abcdef0 --ip-permissions IpProtocol=icmpv6,Ipv6Ranges="[{CidrIpv6=::/0}]"
Output:
{ "Return": true, "SecurityGroupRules": [ { "SecurityGroupRuleId": "sgr-04b612d9363ab6327", "GroupId": "sg-1234567890abcdef0", "GroupOwnerId": "123456789012", "IsEgress": false, "IpProtocol": "icmpv6", "FromPort": -1, "ToPort": -1, "CidrIpv6": "::/0" } ] }
Example 7: Add a rule with a description
The following
authorize-security-group-ingress
example uses theip-permissions
parameter to add an inbound rule that allows RDP traffic from the specified IPv4 address range. The rule includes a description to help you identify it later.aws ec2 authorize-security-group-ingress --group-id sg-1234567890abcdef0 --ip-permissions IpProtocol=tcp,FromPort=3389,ToPort=3389,IpRanges="[{CidrIp=203.0.113.0/24,Description='RDP access from NY office'}]"
Output:
{ "Return": true, "SecurityGroupRules": [ { "SecurityGroupRuleId": "sgr-0397bbcc01e974db3", "GroupId": "sg-1234567890abcdef0", "GroupOwnerId": "123456789012", "IsEgress": false, "IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389, "CidrIpv4": "203.0.113.0/24", "Description": "RDP access from NY office" } ] }
Example 8: To add an inbound rule that uses a prefix list
The following
authorize-security-group-ingress
example uses theip-permissions
parameter to add an inbound rule that allows all traffic for the CIDR ranges in the specified prefix list.aws ec2 authorize-security-group-ingress --group-id sg-04a351bfe432d4e71 --ip-permissions IpProtocol=all,PrefixListIds="[{PrefixListId=pl-002dc3ec097de1514}]"
Output:
{ "Return": true, "SecurityGroupRules": [ { "SecurityGroupRuleId": "sgr-09c74b32f677c6c7c", "GroupId": "sg-1234567890abcdef0", "GroupOwnerId": "123456789012", "IsEgress": false, "IpProtocol": "-1", "FromPort": -1, "ToPort": -1, "PrefixListId": "pl-0721453c7ac4ec009" } ] }
For more information, see Security groups
in the Amazon VPC User Guide. -
For API details, see AuthorizeSecurityGroupIngress
in Amazon CLI Command Reference.
-
The following code example shows how to use bundle-instance
.
- Amazon CLI
-
To bundle an instance
This example bundles instance
i-1234567890abcdef0
to a bucket calledbundletasks
. Before you specify values for your access key IDs, review and follow the guidance in Best Practices for Managing Amazon Access Keys.Command:
aws ec2 bundle-instance --instance-id
i-1234567890abcdef0
--bucketbundletasks
--prefixwinami
--owner-akidAK12AJEXAMPLE
--owner-sakexample123example
Output:
{ "BundleTask": { "UpdateTime": "2015-09-15T13:30:35.000Z", "InstanceId": "i-1234567890abcdef0", "Storage": { "S3": { "Prefix": "winami", "Bucket": "bundletasks" } }, "State": "pending", "StartTime": "2015-09-15T13:30:35.000Z", "BundleId": "bun-294e041f" } }
-
For API details, see BundleInstance
in Amazon CLI Command Reference.
-
The following code example shows how to use cancel-bundle-task
.
- Amazon CLI
-
To cancel a bundle task
This example cancels bundle task
bun-2a4e041c
.Command:
aws ec2 cancel-bundle-task --bundle-id
bun-2a4e041c
Output:
{ "BundleTask": { "UpdateTime": "2015-09-15T13:27:40.000Z", "InstanceId": "i-1234567890abcdef0", "Storage": { "S3": { "Prefix": "winami", "Bucket": "bundletasks" } }, "State": "cancelling", "StartTime": "2015-09-15T13:24:35.000Z", "BundleId": "bun-2a4e041c" } }
-
For API details, see CancelBundleTask
in Amazon CLI Command Reference.
-
The following code example shows how to use cancel-capacity-reservation-fleets
.
- Amazon CLI
-
To cancel a Capacity Reservation Fleet
The following
cancel-capacity-reservation-fleets
example cancels the specified Capacity Reservation Fleet and the capacity it reserves. When you cancel a Fleet, its status changes tocancelled
, and it can no longer create new Capacity Reservations. Additionally, all of the individual Capacity Reservations in the Fleet are cancelled, and the instances that were previously running in the reserved capacity continue to run normally in shared capacity.aws ec2 cancel-capacity-reservation-fleets \ --capacity-reservation-fleet-ids
crf-abcdef01234567890
Output:
{ "SuccessfulFleetCancellations": [ { "CurrentFleetState": "cancelling", "PreviousFleetState": "active", "CapacityReservationFleetId": "crf-abcdef01234567890" } ], "FailedFleetCancellations": [] }
For more information about Capacity Reservation Fleets, see Capacity Reservation Fleets
in the Amazon EC2 User Guide. -
For API details, see CancelCapacityReservationFleets
in Amazon CLI Command Reference.
-
The following code example shows how to use cancel-capacity-reservation
.
- Amazon CLI
-
To cancel a capacity reservation
The following
cancel-capacity-reservation
example cancels the specified capacity reservation.aws ec2 cancel-capacity-reservation \ --capacity-reservation-id
cr-1234abcd56EXAMPLE
Output:
{ "Return": true }
For more information, see Canceling a Capacity Reservation
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see CancelCapacityReservation
in Amazon CLI Command Reference.
-
The following code example shows how to use cancel-conversion-task
.
- Amazon CLI
-
To cancel an active conversion of an instance or a volume
This example cancels the upload associated with the task ID import-i-fh95npoc. If the command succeeds, no output is returned.
Command:
aws ec2 cancel-conversion-task --conversion-task-id
import-i-fh95npoc
-
For API details, see CancelConversionTask
in Amazon CLI Command Reference.
-
The following code example shows how to use cancel-export-task
.
- Amazon CLI
-
To cancel an active export task
This example cancels an active export task with the task ID export-i-fgelt0i7. If the command succeeds, no output is returned.
Command:
aws ec2 cancel-export-task --export-task-id
export-i-fgelt0i7
-
For API details, see CancelExportTask
in Amazon CLI Command Reference.
-
The following code example shows how to use cancel-image-launch-permission
.
- Amazon CLI
-
To cancel having an AMI shared with your Amazon Web Services account
The following
cancel-image-launch-permission
example removes your account from the specified AMI's launch permissions.aws ec2 cancel-image-launch-permission \ --image-id
ami-0123456789example
\ --regionus-east-1
Output:
{ "Return": true }
For more information, see Cancel having an AMI shared with your Amazon Web Services account
in the Amazon EC2 User Guide. -
For API details, see CancelImageLaunchPermission
in Amazon CLI Command Reference.
-
The following code example shows how to use cancel-import-task
.
- Amazon CLI
-
To cancel an import task
The following
cancel-import-task
example cancels the specified import image task.aws ec2 cancel-import-task \ --import-task-id
import-ami-1234567890abcdef0
Output:
{ "ImportTaskId": "import-ami-1234567890abcdef0", "PreviousState": "active", "State": "deleting" }
-
For API details, see CancelImportTask
in Amazon CLI Command Reference.
-
The following code example shows how to use cancel-reserved-instances-listing
.
- Amazon CLI
-
To cancel a Reserved Instance listing
The following
cancel-reserved-instances-listing
example cancels the specified Reserved Instance listing.aws ec2 cancel-reserved-instances-listing \ --reserved-instances-listing-id
5ec28771-05ff-4b9b-aa31-9e57dexample
-
For API details, see CancelReservedInstancesListing
in Amazon CLI Command Reference.
-
The following code example shows how to use cancel-spot-fleet-requests
.
- Amazon CLI
-
Example 1: To cancel a Spot fleet request and terminate the associated instances
The following
cancel-spot-fleet-requests
example cancels a Spot Fleet request and terminates the associated On-Demand Instances and Spot Instances.aws ec2 cancel-spot-fleet-requests \ --spot-fleet-request-ids
sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE
\ --terminate-instancesOutput:
{ "SuccessfulFleetRequests": [ { "SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE", "CurrentSpotFleetRequestState": "cancelled_terminating", "PreviousSpotFleetRequestState": "active" } ], "UnsuccessfulFleetRequests": [] }
For more information, see Cancel a Spot Fleet request
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. Example 2: To cancel a Spot fleet request without terminating the associated instances
The following
cancel-spot-fleet-requests
example cancels a Spot Fleet request without terminating the associated On-Demand Instances and Spot Instances.aws ec2 cancel-spot-fleet-requests \ --spot-fleet-request-ids
sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE
\ --no-terminate-instancesOutput:
{ "SuccessfulFleetRequests": [ { "SpotFleetRequestId": "sfr-73fbd2ce-aa30-494c-8788-1cee4EXAMPLE", "CurrentSpotFleetRequestState": "cancelled_running", "PreviousSpotFleetRequestState": "active" } ], "UnsuccessfulFleetRequests": [] }
For more information, see Cancel a Spot Fleet request
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see CancelSpotFleetRequests
in Amazon CLI Command Reference.
-
The following code example shows how to use cancel-spot-instance-requests
.
- Amazon CLI
-
To cancel Spot Instance requests
This example command cancels a Spot Instance request.
Command:
aws ec2 cancel-spot-instance-requests --spot-instance-request-ids
sir-08b93456
Output:
{ "CancelledSpotInstanceRequests": [ { "State": "cancelled", "SpotInstanceRequestId": "sir-08b93456" } ] }
-
For API details, see CancelSpotInstanceRequests
in Amazon CLI Command Reference.
-
The following code example shows how to use confirm-product-instance
.
- Amazon CLI
-
To confirm the product instance
This example determines whether the specified product code is associated with the specified instance.
Command:
aws ec2 confirm-product-instance --product-code
774F4FF8
--instance-idi-1234567890abcdef0
Output:
{ "OwnerId": "123456789012" }
-
For API details, see ConfirmProductInstance
in Amazon CLI Command Reference.
-
The following code example shows how to use copy-fpga-image
.
- Amazon CLI
-
To copy an Amazon FPGA image
This example copies the specified AFI from the
us-east-1
region to the current region (eu-west-1
).Command:
aws ec2 copy-fpga-image --name
copy-afi
--source-fpga-image-idafi-0d123e123bfc85abc
--source-regionus-east-1
--regioneu-west-1
Output:
{ "FpgaImageId": "afi-06b12350a123fbabc" }
-
For API details, see CopyFpgaImage
in Amazon CLI Command Reference.
-
The following code example shows how to use copy-image
.
- Amazon CLI
-
Example 1: To copy an AMI to another Region
The following
copy-image
example command copies the specified AMI from theus-west-2
Region to theus-east-1
Region and adds a short description.aws ec2 copy-image \ --region
us-east-1
\ --nameami-name
\ --source-regionus-west-2
\ --source-image-idami-066877671789bd71b
\ --description"This is my copied image."
Output:
{ "ImageId": "ami-0123456789abcdefg" }
For more information, see Copy an AMI
in the Amazon EC2 User Guide. Example 2: To copy an AMI to another Region and encrypt the backing snapshot
The following
copy-image
command copies the specified AMI from theus-west-2
Region to the current Region and encrypts the backing snapshot using the specified KMS key.aws ec2 copy-image \ --source-region
us-west-2
\ --nameami-name
\ --source-image-idami-066877671789bd71b
\ --encrypted \ --kms-key-idalias/my-kms-key
Output:
{ "ImageId": "ami-0123456789abcdefg" }
For more information, see Copy an AMI
in the Amazon EC2 User Guide. Example 3: To include your user-defined AMI tags when copying an AMI
The following
copy-image
command uses the--copy-image-tags
parameter to copy your user-defined AMI tags when copying the AMI.aws ec2 copy-image \ --region
us-east-1
\ --nameami-name
\ --source-regionus-west-2
\ --source-image-idami-066877671789bd71b
\ --description"This is my copied image."
--copy-image-tagsOutput:
{ "ImageId": "ami-0123456789abcdefg" }
For more information, see Copy an AMI
in the Amazon EC2 User Guide. -
For API details, see CopyImage
in Amazon CLI Command Reference.
-
The following code example shows how to use copy-snapshot
.
- Amazon CLI
-
Example 1: To copy a snapshot to another Region
The following
copy-snapshot
example command copies the specified snapshot from theus-west-2
Region to theus-east-1
Region and adds a short description.aws ec2 copy-snapshot \ --region
us-east-1
\ --source-regionus-west-2
\ --source-snapshot-idsnap-066877671789bd71b
\ --description"This is my copied snapshot."
Output:
{ "SnapshotId": "snap-066877671789bd71b" }
For more information, see Copy an Amazon EBS snapshot
in the Amazon EC2 User Guide. Example 2: To copy an unencrypted snapshot and encrypt the new snapshot
The following
copy-snapshot
command copies the specified unencrypted snapshot from theus-west-2
Region to the current Region and encrypts the new snapshot using the specified KMS key.aws ec2 copy-snapshot \ --source-region
us-west-2
\ --source-snapshot-idsnap-066877671789bd71b
\ --encrypted \ --kms-key-idalias/my-kms-key
Output:
{ "SnapshotId": "snap-066877671789bd71b" }
For more information, see Copy an Amazon EBS snapshot
in the Amazon EC2 User Guide. -
For API details, see CopySnapshot
in Amazon CLI Command Reference.
-
The following code example shows how to use create-capacity-reservation-fleet
.
- Amazon CLI
-
To create a Capacity Reservation Fleet
The following
create-capacity-reservation-fleet
example creates a Capacity Reservation Fleet for the instance type specified in the request, up to the specified total target capacity. The number of instances for which the Capacity Reservation Fleet reserves capacity depends on the total target capacity and instance type weights that you specify in the request. Specify the instance types to use and a priority for each of the designated instance types.aws ec2 create-capacity-reservation-fleet \ --total-target-capacity
24
\ --allocation-strategyprioritized
\ --instance-match-criteriaopen
\ --tenancydefault
\ --end-date2022-12-31T23:59:59.000Z
\ --instance-type-specificationsfile://instanceTypeSpecification.json
Contents of
instanceTypeSpecification.json
:[ { "InstanceType": "m5.xlarge", "InstancePlatform": "Linux/UNIX", "Weight": 3.0, "AvailabilityZone":"us-east-1a", "EbsOptimized": true, "Priority" : 1 } ]
Output:
{ "Status": "submitted", "TotalFulfilledCapacity": 0.0, "CapacityReservationFleetId": "crf-abcdef01234567890", "TotalTargetCapacity": 24 }
For more information about Capacity Reservation Fleets, see Capacity Reservation Fleets
in the Amazon EC2 User Guide. For more information about instance type weight and total target capacity, see Instance type weight
and Total target capacity in the Amazon EC2 User Guide. For more information about designating priority for specified instance types, see Allocation strategy
and Instance type priority in the Amazon EC2 User Guide. -
For API details, see CreateCapacityReservationFleet
in Amazon CLI Command Reference.
-
The following code example shows how to use create-capacity-reservation
.
- Amazon CLI
-
Example 1: To create a Capacity Reservation
The following
create-capacity-reservation
example creates a capacity reservation in theeu-west-1a
Availability Zone, into which you can launch threet2.medium
instances running a Linux/Unix operating system. By default, the capacity reservation is created with open instance matching criteria and no support for ephemeral storage, and it remains active until you manually cancel it.aws ec2 create-capacity-reservation \ --availability-zone
eu-west-1a
\ --instance-typet2.medium
\ --instance-platformLinux/UNIX
\ --instance-count3
Output:
{ "CapacityReservation": { "CapacityReservationId": "cr-1234abcd56EXAMPLE ", "EndDateType": "unlimited", "AvailabilityZone": "eu-west-1a", "InstanceMatchCriteria": "open", "EphemeralStorage": false, "CreateDate": "2019-08-16T09:27:35.000Z", "AvailableInstanceCount": 3, "InstancePlatform": "Linux/UNIX", "TotalInstanceCount": 3, "State": "active", "Tenancy": "default", "EbsOptimized": false, "InstanceType": "t2.medium" } }
Example 2: To create a Capacity Reservation that automatically ends at a specified date/time
The following
create-capacity-reservation
example creates a capacity reservation in theeu-west-1a
Availability Zone, into which you can launch threem5.large
instances running a Linux/Unix operating system. This capacity reservation automatically ends on 08/31/2019 at 23:59:59.aws ec2 create-capacity-reservation \ --availability-zone
eu-west-1a
\ --instance-typem5.large
\ --instance-platformLinux/UNIX
\ --instance-count3
\ --end-date-typelimited
\ --end-date2019-08-31T23:59:59Z
Output:
{ "CapacityReservation": { "CapacityReservationId": "cr-1234abcd56EXAMPLE ", "EndDateType": "limited", "AvailabilityZone": "eu-west-1a", "EndDate": "2019-08-31T23:59:59.000Z", "InstanceMatchCriteria": "open", "EphemeralStorage": false, "CreateDate": "2019-08-16T10:15:53.000Z", "AvailableInstanceCount": 3, "InstancePlatform": "Linux/UNIX", "TotalInstanceCount": 3, "State": "active", "Tenancy": "default", "EbsOptimized": false, "InstanceType": "m5.large" } }
Example 3: To create a Capacity Reservation that accepts only targeted instance launches
The following
create-capacity-reservation
example creates a capacity reservation that accepts only targeted instance launches.aws ec2 create-capacity-reservation \ --availability-zone
eu-west-1a
\ --instance-typem5.large
\ --instance-platformLinux/UNIX
\ --instance-count3
\ --instance-match-criteriatargeted
Output:
{ "CapacityReservation": { "CapacityReservationId": "cr-1234abcd56EXAMPLE ", "EndDateType": "unlimited", "AvailabilityZone": "eu-west-1a", "InstanceMatchCriteria": "targeted", "EphemeralStorage": false, "CreateDate": "2019-08-16T10:21:57.000Z", "AvailableInstanceCount": 3, "InstancePlatform": "Linux/UNIX", "TotalInstanceCount": 3, "State": "active", "Tenancy": "default", "EbsOptimized": false, "InstanceType": "m5.large" } }
For more information, see Creating a Capacity Reservation
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see CreateCapacityReservation
in Amazon CLI Command Reference.
-
The following code example shows how to use create-carrier-gateway
.
- Amazon CLI
-
To create a carrier gateway
The following
create-carrier-gateway
example creates a carrier gateway for the specified VPC.aws ec2 create-carrier-gateway \ --vpc-id
vpc-0c529aEXAMPLE1111
Output:
{ "CarrierGateway": { "CarrierGatewayId": "cagw-0465cdEXAMPLE1111", "VpcId": "vpc-0c529aEXAMPLE1111", "State": "pending", "OwnerId": "123456789012" } }
For more information, see Carrier gateways
in the Amazon Wavelength User Guide. -
For API details, see CreateCarrierGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use create-client-vpn-endpoint
.
- Amazon CLI
-
To create a Client VPN endpoint
The following
create-client-vpn-endpoint
example creates a Client VPN endpoint that uses mutual authentication and specifies a value for the client CIDR block.aws ec2 create-client-vpn-endpoint \ --client-cidr-block
"172.31.0.0/16"
\ --server-certificate-arnarn:aws:acm:ap-south-1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-11111EXAMPLE
\ --authentication-optionsType=certificate-authentication,MutualAuthentication={ClientRootCertificateChainArn=arn:aws:acm:ap-south-1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-22222EXAMPLE}
\ --connection-log-optionsEnabled=false
Output:
{ "ClientVpnEndpointId": "cvpn-endpoint-123456789123abcde", "Status": { "Code": "pending-associate" }, "DnsName": "cvpn-endpoint-123456789123abcde.prod.clientvpn.ap-south-1.amazonaws.com" }
For more information, see Client VPN Endpoints
in the Amazon Client VPN Administrator Guide. -
For API details, see CreateClientVpnEndpoint
in Amazon CLI Command Reference.
-
The following code example shows how to use create-client-vpn-route
.
- Amazon CLI
-
To create a route for a Client VPN endpoint
The following
create-client-vpn-route
example adds a route to the internet (0.0.0.0/0
) for the specified subnet of the Client VPN endpoint.aws ec2 create-client-vpn-route \ --client-vpn-endpoint-id
cvpn-endpoint-123456789123abcde
\ --destination-cidr-block0.0.0.0/0
\ --target-vpc-subnet-idsubnet-0123456789abcabca
Output:
{ "Status": { "Code": "creating" } }
For more information, see Routes
in the Amazon Client VPN Administrator Guide. -
For API details, see CreateClientVpnRoute
in Amazon CLI Command Reference.
-
The following code example shows how to use create-coip-cidr
.
- Amazon CLI
-
To create a range of customer-owned IP (CoIP) addresses
The following
create-coip-cidr
example creates the specified range of CoIP addresses in the specified CoIP pool.aws ec2 create-coip-cidr \ --cidr
15.0.0.0/24
\ --coip-pool-idipv4pool-coip-1234567890abcdefg
Output:
{ "CoipCidr": { "Cidr": "15.0.0.0/24", "CoipPoolId": "ipv4pool-coip-1234567890abcdefg", "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890" } }
For more information, see Customer-owned IP addresses
in the Amazon Outposts User Guide. -
For API details, see CreateCoipCidr
in Amazon CLI Command Reference.
-
The following code example shows how to use create-coip-pool
.
- Amazon CLI
-
To create a pool of customer-owned IP (CoIP) addresses
The following
create-coip-pool
example creates a CoIP pool for CoIP addresses in the specified local gateway route table.aws ec2 create-coip-pool \ --local-gateway-route-table-id
lgw-rtb-abcdefg1234567890
Output:
{ "CoipPool": { "PoolId": "ipv4pool-coip-1234567890abcdefg", "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890", "PoolArn": "arn:aws:ec2:us-west-2:123456789012:coip-pool/ipv4pool-coip-1234567890abcdefg" } }
For more information, see Customer-owned IP addresses
in the Amazon Outposts User Guide. -
For API details, see CreateCoipPool
in Amazon CLI Command Reference.
-
The following code example shows how to use create-customer-gateway
.
- Amazon CLI
-
To create a customer gateway
This example creates a customer gateway with the specified IP address for its outside interface.
Command:
aws ec2 create-customer-gateway --type
ipsec.1
--public-ip12.1.2.3
--bgp-asn65534
Output:
{ "CustomerGateway": { "CustomerGatewayId": "cgw-0e11f167", "IpAddress": "12.1.2.3", "State": "available", "Type": "ipsec.1", "BgpAsn": "65534" } }
-
For API details, see CreateCustomerGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use create-default-subnet
.
- Amazon CLI
-
To create a default subnet
This example creates a default subnet in Availability Zone
us-east-2a
.Command:
aws ec2 create-default-subnet --availability-zone us-east-2a { "Subnet": { "AvailabilityZone": "us-east-2a", "Tags": [], "AvailableIpAddressCount": 4091, "DefaultForAz": true, "Ipv6CidrBlockAssociationSet": [], "VpcId": "vpc-1a2b3c4d", "State": "available", "MapPublicIpOnLaunch": true, "SubnetId": "subnet-1122aabb", "CidrBlock": "172.31.32.0/20", "AssignIpv6AddressOnCreation": false } }
-
For API details, see CreateDefaultSubnet
in Amazon CLI Command Reference.
-
The following code example shows how to use create-default-vpc
.
- Amazon CLI
-
To create a default VPC
This example creates a default VPC.
Command:
aws ec2 create-default-vpc
Output:
{ "Vpc": { "VpcId": "vpc-8eaae5ea", "InstanceTenancy": "default", "Tags": [], "Ipv6CidrBlockAssociationSet": [], "State": "pending", "DhcpOptionsId": "dopt-af0c32c6", "CidrBlock": "172.31.0.0/16", "IsDefault": true } }
-
For API details, see CreateDefaultVpc
in Amazon CLI Command Reference.
-
The following code example shows how to use create-dhcp-options
.
- Amazon CLI
-
To create a set of DHCP options
The following
create-dhcp-options
example creates a set of DHCP options that specifies the domain name, the domain name servers, and the NetBIOS node type.aws ec2 create-dhcp-options \ --dhcp-configuration \
"Key=domain-name-servers,Values=10.2.5.1,10.2.5.2"
\"Key=domain-name,Values=example.com"
\"Key=netbios-node-type,Values=2"
Output:
{ "DhcpOptions": { "DhcpConfigurations": [ { "Key": "domain-name", "Values": [ { "Value": "example.com" } ] }, { "Key": "domain-name-servers", "Values": [ { "Value": "10.2.5.1" }, { "Value": "10.2.5.2" } ] }, { "Key": "netbios-node-type", "Values": [ { "Value": "2" } ] } ], "DhcpOptionsId": "dopt-06d52773eff4c55f3" } }
-
For API details, see CreateDhcpOptions
in Amazon CLI Command Reference.
-
The following code example shows how to use create-egress-only-internet-gateway
.
- Amazon CLI
-
To create an egress-only Internet gateway
This example creates an egress-only Internet gateway for the specified VPC.
Command:
aws ec2 create-egress-only-internet-gateway --vpc-id
vpc-0c62a468
Output:
{ "EgressOnlyInternetGateway": { "EgressOnlyInternetGatewayId": "eigw-015e0e244e24dfe8a", "Attachments": [ { "State": "attached", "VpcId": "vpc-0c62a468" } ] } }
-
For API details, see CreateEgressOnlyInternetGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use create-fleet
.
- Amazon CLI
-
Example 1: To create an EC2 Fleet that launches Spot Instances as the default purchasing model
The following
create-fleet
example creates an EC2 Fleet using the minimum parameters required to launch a fleet: a launch template, target capacity, and default purchasing model. The launch template is identified by its launch template ID and version number. The target capacity for the fleet is 2 instances, and the default purchasing model isspot
, which results in the fleet launching 2 Spot Instances.When you create an EC2 Fleet, use a JSON file to specify information about the instances to launch.
aws ec2 create-fleet \ --cli-input-json
file://file_name.json
Contents of file_name.json:
{ "LaunchTemplateConfigs": [ { "LaunchTemplateSpecification": { "LaunchTemplateId": "lt-0e8c754449b27161c", "Version": "1" } } ], "TargetCapacitySpecification": { "TotalTargetCapacity": 2, "DefaultTargetCapacityType": "spot" } }
Output:
{ "FleetId": "fleet-12a34b55-67cd-8ef9-ba9b-9208dEXAMPLE" }
Example 2: To create an EC2 Fleet that launches On-Demand Instances as the default purchasing model
The following
create-fleet
example creates an EC2 Fleet using the minimum parameters required to launch a fleet: a launch template, target capacity, and default purchasing model. The launch template is identified by its launch template ID and version number. The target capacity for the fleet is 2 instances, and the default purchasing model ison-demand
, which results in the fleet launching 2 On-Demand Instances.When you create an EC2 Fleet, use a JSON file to specify information about the instances to launch.
aws ec2 create-fleet \ --cli-input-json
file://file_name.json
Contents of file_name.json:
{ "LaunchTemplateConfigs": [ { "LaunchTemplateSpecification": { "LaunchTemplateId": "lt-0e8c754449b27161c", "Version": "1" } } ], "TargetCapacitySpecification": { "TotalTargetCapacity": 2, "DefaultTargetCapacityType": "on-demand" } }
Output:
{ "FleetId": "fleet-12a34b55-67cd-8ef9-ba9b-9208dEXAMPLE" }
Example 3: To create an EC2 Fleet that launches On-Demand Instances as the primary capacity
The following
create-fleet
example creates an EC2 Fleet that specifies the total target capacity of 2 instances for the fleet, and a target capacity of 1 On-Demand Instance. The default purchasing model isspot
. The fleet launches 1 On-Demand Instance as specified, but needs to launch one more instance to fulfil the total target capacity. The purchasing model for the difference is calculated asTotalTargetCapacity
-OnDemandTargetCapacity
=DefaultTargetCapacityType
, which results in the fleet launching 1 Spot Instance.When you create an EC2 Fleet, use a JSON file to specify information about the instances to launch.
aws ec2 create-fleet \ --cli-input-json
file://file_name.json
Contents of file_name.json:
{ "LaunchTemplateConfigs": [ { "LaunchTemplateSpecification": { "LaunchTemplateId": "lt-0e8c754449b27161c", "Version": "1" } } ], "TargetCapacitySpecification": { "TotalTargetCapacity": 2, "OnDemandTargetCapacity":1, "DefaultTargetCapacityType": "spot" } }
Output:
{ "FleetId": "fleet-12a34b55-67cd-8ef9-ba9b-9208dEXAMPLE" }
Example 4: To create an EC2 Fleet that launches Spot Instances using the lowest-price allocation strategy
If the allocation strategy for Spot Instances is not specified, the default allocation strategy, which is
lowest-price
, is used. The followingcreate-fleet
example creates an EC2 Fleet using thelowest-price
allocation strategy. The three launch specifications, which override the launch template, have different instance types but the same weighted capacity and subnet. The total target capacity is 2 instances and the default purchasing model isspot
. The EC2 Fleet launches 2 Spot Instances using the instance type of the launch specification with the lowest price.When you create an EC2 Fleet, use a JSON file to specify information about the instances to launch.
aws ec2 create-fleet \ --cli-input-json
file://file_name.jsonContents
of
file_name.json::
{
"LaunchTemplateConfigs":[
{
"LaunchTemplateSpecification":{
"LaunchTemplateId": "lt-0e8c754449b271
61c", "Version": "1"},
"Overrides":[
{
"InstanceType": "c4.large", "WeightedCapacity":1,
"SubnetId":"subnet-a4f6c5d3"
},
{
"InstanceType": "c3.large", "WeightedCapacity":1,
"SubnetId":"subnet-a4f6c5d3"
},
{
"InstanceType": "c5.large", "WeightedCapacity":1,
"SubnetId":"subnet-a4f6c5d3"
}
]
}
],
"TargetCapacitySpecification":{
"TotalTargetCapacity":2,
"DefaultTargetCapacityType":"spot"
}
}
Output:
{ "FleetId": "fleet-12a34b55-67cd-8ef9-ba9b-9208dEXAMPLE" }
-
For API details, see CreateFleet
in Amazon CLI Command Reference.
-
The following code example shows how to use create-flow-logs
.
- Amazon CLI
-
Example 1: To create a flow log
The following
create-flow-logs
example creates a flow log that captures all rejected traffic for the specified network interface. The flow logs are delivered to a log group in CloudWatch Logs using the permissions in the specified IAM role.aws ec2 create-flow-logs \ --resource-type
NetworkInterface
\ --resource-idseni-11223344556677889
\ --traffic-typeREJECT
\ --log-group-namemy-flow-logs
\ --deliver-logs-permission-arnarn:aws:iam::123456789101:role/publishFlowLogs
Output:
{ "ClientToken": "so0eNA2uSHUNlHI0S2cJ305GuIX1CezaRdGtexample", "FlowLogIds": [ "fl-12345678901234567" ], "Unsuccessful": [] }
For more information, see VPC Flow Logs
in the Amazon VPC User Guide. Example 2: To create a flow log with a custom format
The following
create-flow-logs
example creates a flow log that captures all traffic for the specified VPC and delivers the flow logs to an Amazon S3 bucket. The--log-format
parameter specifies a custom format for the flow log records. To run this command on Windows, change the single quotes (') to double quotes (").aws ec2 create-flow-logs \ --resource-type
VPC
\ --resource-idsvpc-00112233344556677
\ --traffic-typeALL
\ --log-destination-types3
\ --log-destinationarn:aws:s3:::flow-log-bucket/my-custom-flow-logs/
\ --log-format '${version} ${vpc-id} ${subnet-id} ${instance-id} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${protocol} ${tcp-flags} ${type} ${pkt-srcaddr} ${pkt-dstaddr}
'For more information, see VPC Flow Logs
in the Amazon VPC User Guide. Example 3: To create a flow log with a one-minute maximum aggregation interval
The following
create-flow-logs
example creates a flow log that captures all traffic for the specified VPC and delivers the flow logs to an Amazon S3 bucket. The--max-aggregation-interval
parameter specifies a maximum aggregation interval of 60 seconds (1 minute).aws ec2 create-flow-logs \ --resource-type
VPC
\ --resource-idsvpc-00112233344556677
\ --traffic-typeALL
\ --log-destination-types3
\ --log-destinationarn:aws:s3:::flow-log-bucket/my-custom-flow-logs/
\ --max-aggregation-interval60
For more information, see VPC Flow Logs
in the Amazon VPC User Guide. -
For API details, see CreateFlowLogs
in Amazon CLI Command Reference.
-
The following code example shows how to use create-fpga-image
.
- Amazon CLI
-
To create an Amazon FPGA image
This example creates an AFI from the specified tarball in the specified bucket.
Command:
aws ec2 create-fpga-image --name
my-afi
--descriptiontest-afi
--input-storage-locationBucket=my-fpga-bucket,Key=dcp/17_12_22-103226.Developer_CL.tar
--logs-storage-locationBucket=my-fpga-bucket,Key=logs
Output:
{ "FpgaImageId": "afi-0d123e123bfc85abc", "FpgaImageGlobalId": "agfi-123cb27b5e84a0abc" }
-
For API details, see CreateFpgaImage
in Amazon CLI Command Reference.
-
The following code example shows how to use create-image
.
- Amazon CLI
-
Example 1: To create an AMI from an Amazon EBS-backed instance
The following
create-image
example creates an AMI from the specified instance.aws ec2 create-image \ --instance-id
i-1234567890abcdef0
\ --name"My server"
\ --description"An AMI for my server"
Output:
{ "ImageId": "ami-abcdef01234567890" }
For more information about specifying a block device mapping for your AMI, see Specifying a block device mapping for an AMI
in the Amazon EC2 User Guide. Example 2: To create an AMI from an Amazon EBS-backed instance without reboot
The following
create-image
example creates an AMI and sets the --no-reboot parameter, so that the instance is not rebooted before the image is created.aws ec2 create-image \ --instance-id
i-1234567890abcdef0
\ --name"My server"
\ --no-rebootOutput:
{ "ImageId": "ami-abcdef01234567890" }
For more information about specifying a block device mapping for your AMI, see Specifying a block device mapping for an AMI
in the Amazon EC2 User Guide. Example 3: To tag an AMI and snapshots on creation
The following
create-image
example creates an AMI, and tags the AMI and the snapshots with the same tagcost-center=cc123
aws ec2 create-image \ --instance-id
i-1234567890abcdef0
\ --name"My server"
\ --tag-specifications"ResourceType=image,Tags=[{Key=cost-center,Value=cc123}]"
"ResourceType=snapshot,Tags=[{Key=cost-center,Value=cc123}]"
Output:
{ "ImageId": "ami-abcdef01234567890" }
For more information about tagging your resources on creation, see Add tags on resource creation
in the Amazon EC2 User Guide. -
For API details, see CreateImage
in Amazon CLI Command Reference.
-
The following code example shows how to use create-instance-connect-endpoint
.
- Amazon CLI
-
To create an EC2 Instance Connect Endpoint
The following
create-instance-connect-endpoint
example creates an EC2 Instance Connect Endpoint in the specified subnet.aws ec2 create-instance-connect-endpoint \ --region
us-east-1
\ --subnet-idsubnet-0123456789example
Output:
{ "VpcId": "vpc-0123abcd", "InstanceConnectEndpointArn": "arn:aws:ec2:us-east-1:111111111111:instance-connect-endpoint/eice-0123456789example", "AvailabilityZone": "us-east-1a", "NetworkInterfaceIds": [ "eni-0123abcd" ], "PreserveClientIp": true, "Tags": [], "FipsDnsName": "eice-0123456789example.0123abcd.fips.ec2-instance-connect-endpoint.us-east-1.amazonaws.com", "StateMessage": "", "State": "create-complete", "DnsName": "eice-0123456789example.0123abcd.ec2-instance-connect-endpoint.us-east-1.amazonaws.com", "SubnetId": "subnet-0123abcd", "OwnerId": "111111111111", "SecurityGroupIds": [ "sg-0123abcd" ], "InstanceConnectEndpointId": "eice-0123456789example", "CreatedAt": "2023-04-07T15:43:53.000Z" }
For more information, see Create an EC2 Instance Connect Endpoint
in the Amazon EC2 User Guide. -
For API details, see CreateInstanceConnectEndpoint
in Amazon CLI Command Reference.
-
The following code example shows how to use create-instance-event-window
.
- Amazon CLI
-
Example 1: To create an event window with a time range
The following
create-instance-event-window
example creates an event window with a time range. You can't also specify thecron-expression
parameter.aws ec2 create-instance-event-window \ --region
us-east-1
\ --time-rangeStartWeekDay=monday,StartHour=2,EndWeekDay=wednesday,EndHour=8
\ --tag-specifications"ResourceType=instance-event-window,Tags=[{Key=K1,Value=V1}]"
\ --namemyEventWindowName
Output:
{ "InstanceEventWindow": { "InstanceEventWindowId": "iew-0abcdef1234567890", "TimeRanges": [ { "StartWeekDay": "monday", "StartHour": 2, "EndWeekDay": "wednesday", "EndHour": 8 } ], "Name": "myEventWindowName", "State": "creating", "Tags": [ { "Key": "K1", "Value": "V1" } ] } }
For event window constraints, see Considerations
in the Scheduled Events section of the Amazon EC2 User Guide. Example 2: To create an event window with a cron expression
The following
create-instance-event-window
example creates an event window with a cron expression. You can't also specify thetime-range
parameter.aws ec2 create-instance-event-window \ --region
us-east-1
\ --cron-expression"* 21-23 * * 2,3"
\ --tag-specifications"ResourceType=instance-event-window,Tags=[{Key=K1,Value=V1}]"
\ --namemyEventWindowName
Output:
{ "InstanceEventWindow": { "InstanceEventWindowId": "iew-0abcdef1234567890", "Name": "myEventWindowName", "CronExpression": "* 21-23 * * 2,3", "State": "creating", "Tags": [ { "Key": "K1", "Value": "V1" } ] } }
For event window constraints, see Considerations
in the Scheduled Events section of the Amazon EC2 User Guide. -
For API details, see CreateInstanceEventWindow
in Amazon CLI Command Reference.
-
The following code example shows how to use create-instance-export-task
.
- Amazon CLI
-
To export an instance
This example command creates a task to export the instance i-1234567890abcdef0 to the Amazon S3 bucket myexportbucket.
Command:
aws ec2 create-instance-export-task --description
"RHEL5 instance"
--instance-idi-1234567890abcdef0
--target-environmentvmware
--export-to-s3-taskDiskImageFormat=vmdk,ContainerFormat=ova,S3Bucket=myexportbucket,S3Prefix=RHEL5
Output:
{ "ExportTask": { "State": "active", "InstanceExportDetails": { "InstanceId": "i-1234567890abcdef0", "TargetEnvironment": "vmware" }, "ExportToS3Task": { "S3Bucket": "myexportbucket", "S3Key": "RHEL5export-i-fh8sjjsq.ova", "DiskImageFormat": "vmdk", "ContainerFormat": "ova" }, "Description": "RHEL5 instance", "ExportTaskId": "export-i-fh8sjjsq" } }
-
For API details, see CreateInstanceExportTask
in Amazon CLI Command Reference.
-
The following code example shows how to use create-internet-gateway
.
- Amazon CLI
-
To create an internet gateway
The following
create-internet-gateway
example creates an internet gateway with the tagName=my-igw
.aws ec2 create-internet-gateway \ --tag-specifications
ResourceType=internet-gateway,Tags=[{Key=Name,Value=my-igw}]
Output:
{ "InternetGateway": { "Attachments": [], "InternetGatewayId": "igw-0d0fb496b3994d755", "OwnerId": "123456789012", "Tags": [ { "Key": "Name", "Value": "my-igw" } ] } }
For more information, see Internet gateways
in the Amazon VPC User Guide. -
For API details, see CreateInternetGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use create-ipam-pool
.
- Amazon CLI
-
To create an IPAM pool
The following
create-ipam-pool
example creates an IPAM pool.(Linux):
aws ec2 create-ipam-pool \ --ipam-scope-id
ipam-scope-02fc38cd4c48e7d38
\ --address-familyipv4
\ --auto-import \ --allocation-min-netmask-length16
\ --allocation-max-netmask-length26
\ --allocation-default-netmask-length24
\ --allocation-resource-tags"Key=Environment,Value=Preprod"
\ --tag-specifications 'ResourceType=ipam-pool,Tags=[{Key=Name,Value="Preprod pool"}]
'(Windows):
aws ec2 create-ipam-pool
^
--ipam-scope-idipam-scope-02fc38cd4c48e7d38
^
--address-familyipv4
^
--auto-import^
--allocation-min-netmask-length16
^
--allocation-max-netmask-length26
^
--allocation-default-netmask-length24
^
--allocation-resource-tags"Key=Environment,Value=Preprod"
^
--tag-specifications ResourceType=ipam-pool,Tags=[{Key=Name,Value="Preprod pool"}]Output:
{ "IpamPool": { "OwnerId": "123456789012", "IpamPoolId": "ipam-pool-0533048da7d823723", "IpamPoolArn": "arn:aws:ec2::123456789012:ipam-pool/ipam-pool-0533048da7d823723", "IpamScopeArn": "arn:aws:ec2::123456789012:ipam-scope/ipam-scope-02fc38cd4c48e7d38", "IpamScopeType": "private", "IpamArn": "arn:aws:ec2::123456789012:ipam/ipam-08440e7a3acde3908", "IpamRegion": "us-east-1", "Locale": "None", "PoolDepth": 1, "State": "create-in-progress", "AutoImport": true, "AddressFamily": "ipv4", "AllocationMinNetmaskLength": 16, "AllocationMaxNetmaskLength": 26, "AllocationDefaultNetmaskLength": 24, "AllocationResourceTags": [ { "Key": "Environment", "Value": "Preprod" } ], "Tags": [ { "Key": "Name", "Value": "Preprod pool" } ] } }
For more information, see Plan for IP address provisioning
in the Amazon VPC IPAM User Guide. -
For API details, see CreateIpamPool
in Amazon CLI Command Reference.
-
The following code example shows how to use create-ipam-resource-discovery
.
- Amazon CLI
-
To create a resource discovery
In this example, you're a delegated IPAM admin who wants to create and share a resource discovery with the IPAM admin in another Amazon Organization so that the admin in the other organization can manage and monitor the IP addresses of resources in your organization.
Important
This example includes both the
--region
and--operating-regions
options because, while they are optional, they must be configured in a particular way to successfully integrate a resource discovery with an IPAM. *--operating-regions
must match the Regions where you have resources that you want IPAM to discover. If there are Regions where you do not want IPAM to manage the IP addresses (for example for compliance reasons), do not include them. *--region
must match the home Region of the IPAM you want to associate it with. You must create the resource discovery in the same Region that the IPAM was created in. For example, if the IPAM you are associating with was created in us-east-1, include--region us-east-1
in the request.Both the--region
and--operating-regions
options default to the Region you're running the command in if you don't specify them.In this example, the operating Regions of the IPAM we're integrating with include
us-west-1
,us-west-2
, andap-south-1
. When we create the resource discovery, we want IPAM to discover the resource IP addresses inus-west-1
andus-west-2
but notap-south-1
. So we are including only--operating-regions RegionName='us-west-1' RegionName='us-west-2'
in the request.The following
create-ipam-resource-discovery
example creates an IPAM resource discovery.aws ec2 create-ipam-resource-discovery \ --description '
Example-resource-discovery
' \ --tag-specifications 'ResourceType=ipam-resource-discovery,Tags=[{Key=cost-center,Value=cc123}]
' \ --operating-regions RegionName='us-west-1' RegionName='us-west-2' \ --regionus-east-1
Output:
{ "IpamResourceDiscovery":{ "OwnerId": "149977607591", "IpamResourceDiscoveryId": "ipam-res-disco-0257046d8aa78b8bc", "IpamResourceDiscoveryArn": "arn:aws:ec2::149977607591:ipam-resource-discovery/ipam-res-disco-0257046d8aa78b8bc", "IpamResourceDiscoveryRegion": "us-east-1", "Description": "'Example-resource-discovery'", "OperatingRegions":[ {"RegionName": "us-west-1"}, {"RegionName": "us-west-2"}, {"RegionName": "us-east-1"} ], "IsDefault": false, "State": "create-in-progress", "Tags": [ { "Key": "cost-center", "Value": "cc123" } ] }
Once you create a resource discovery, you may want to share it with another IPAM delegated admin, which you can do with create-resource-share
. For more information, see Integrate IPAM with accounts outside of your organization in the Amazon VPC IPAM User Guide. -
For API details, see CreateIpamResourceDiscovery
in Amazon CLI Command Reference.
-
The following code example shows how to use create-ipam-scope
.
- Amazon CLI
-
To create an IPAM scope
The following
create-ipam-scope
example creates an IPAM scope.(Linux):
aws ec2 create-ipam-scope \ --ipam-id
ipam-08440e7a3acde3908
\ --description"Example description"
\ --tag-specifications 'ResourceType=ipam-scope,Tags=[{Key=Name,Value="Example name value"}]
'(Windows):
aws ec2 create-ipam-scope
^
--ipam-idipam-08440e7a3acde3908
^
--description"Example description"
^
--tag-specifications ResourceType=ipam-scope,Tags=[{Key=Name,Value="Example name value"}]Output:
{ "IpamScope": { "OwnerId": "123456789012", "IpamScopeId": "ipam-scope-01c1ebab2b63bd7e4", "IpamScopeArn": "arn:aws:ec2::123456789012:ipam-scope/ipam-scope-01c1ebab2b63bd7e4", "IpamArn": "arn:aws:ec2::123456789012:ipam/ipam-08440e7a3acde3908", "IpamRegion": "us-east-1", "IpamScopeType": "private", "IsDefault": false, "Description": "Example description", "PoolCount": 0, "State": "create-in-progress", "Tags": [ { "Key": "Name", "Value": "Example name value" } ] } }
For more information, see Create additional scopes
in the Amazon VPC IPAM User Guide. -
For API details, see CreateIpamScope
in Amazon CLI Command Reference.
-
The following code example shows how to use create-ipam
.
- Amazon CLI
-
To create an IPAM
The following
create-ipam
example creates an IPAM.(Linux):
aws ec2 create-ipam \ --description
"Example description"
\ --operating-regions"RegionName=us-east-2"
"RegionName=us-west-1"
\ --tag-specifications 'ResourceType=ipam,Tags=[{Key=Name,Value=ExampleIPAM}]
'(Windows):
aws ec2 create-ipam
^
--description"Example description"
^
--operating-regions"RegionName=us-east-2"
"RegionName=us-west-1"
^
--tag-specificationsResourceType=ipam,Tags=[{Key=Name,Value=ExampleIPAM}]
Output:
{ "Ipam": { "OwnerId": "123456789012", "IpamId": "ipam-036486dfa6af58ee0", "IpamArn": "arn:aws:ec2::123456789012:ipam/ipam-036486dfa6af58ee0", "IpamRegion": "us-east-1", "PublicDefaultScopeId": "ipam-scope-071b8042b0195c183", "PrivateDefaultScopeId": "ipam-scope-0807405dece705a30", "ScopeCount": 2, "OperatingRegions": [ { "RegionName": "us-east-2" }, { "RegionName": "us-west-1" }, { "RegionName": "us-east-1" } ], "State": "create-in-progress", "Tags": [ { "Key": "Name", "Value": "ExampleIPAM" } ] } }
For more information, see Create an IPAM
in the Amazon VPC IPAM User Guide. -
For API details, see CreateIpam
in Amazon CLI Command Reference.
-
The following code example shows how to use create-key-pair
.
- Amazon CLI
-
To create a key pair
This example creates a key pair named
MyKeyPair
.Command:
aws ec2 create-key-pair --key-name
MyKeyPair
The output is an ASCII version of the private key and key fingerprint. You need to save the key to a file.
For more information, see Using Key Pairs in the Amazon Command Line Interface User Guide.
-
For API details, see CreateKeyPair
in Amazon CLI Command Reference.
-
The following code example shows how to use create-launch-template-version
.
- Amazon CLI
-
To create a launch template version
This example creates a new launch template version based on version 1 of the launch template and specifies a different AMI ID.
Command:
aws ec2 create-launch-template-version --launch-template-id
lt-0abcd290751193123
--version-descriptionWebVersion2
--source-version1
--launch-template-data '{"ImageId":"ami-c998b6b2"}
'Output:
{ "LaunchTemplateVersion": { "VersionDescription": "WebVersion2", "LaunchTemplateId": "lt-0abcd290751193123", "LaunchTemplateName": "WebServers", "VersionNumber": 2, "CreatedBy": "arn:aws:iam::123456789012:root", "LaunchTemplateData": { "ImageId": "ami-c998b6b2", "InstanceType": "t2.micro", "NetworkInterfaces": [ { "Ipv6Addresses": [ { "Ipv6Address": "2001:db8:1234:1a00::123" } ], "DeviceIndex": 0, "SubnetId": "subnet-7b16de0c", "AssociatePublicIpAddress": true } ] }, "DefaultVersion": false, "CreateTime": "2017-12-01T13:35:46.000Z" } }
-
For API details, see CreateLaunchTemplateVersion
in Amazon CLI Command Reference.
-
The following code example shows how to use create-launch-template
.
- Amazon CLI
-
Example 1: To create a launch template
The following
create-launch-template
example creates a launch template that specifies the subnet in which to launch the instance , assigns a public IP address and an IPv6 address to the instance, and creates a tag for the instance.aws ec2 create-launch-template \ --launch-template-name
TemplateForWebServer
\ --version-descriptionWebVersion1
\ --launch-template-data '{"NetworkInterfaces":[{"AssociatePublicIpAddress":true,"DeviceIndex":0,"Ipv6AddressCount":1,"SubnetId":"subnet-7b16de0c"}],"ImageId":"ami-8c1be5f6","InstanceType":"t2.small","TagSpecifications":[{"ResourceType":"instance","Tags":[{"Key":"purpose","Value":"webserver"}]}]}
'Output:
{ "LaunchTemplate": { "LatestVersionNumber": 1, "LaunchTemplateId": "lt-01238c059e3466abc", "LaunchTemplateName": "TemplateForWebServer", "DefaultVersionNumber": 1, "CreatedBy": "arn:aws:iam::123456789012:user/Bob", "CreateTime": "2019-01-27T09:13:24.000Z" } }
For more information, see Launching an Instance from a Launch Template in the Amazon Elastic Compute Cloud User Guide. For information about quoting JSON-formatted parameters, see Quoting Strings in the Amazon Command Line Interface User Guide.
Example 2: To create a launch template for Amazon EC2 Auto Scaling
The following
create-launch-template
example creates a launch template with multiple tags and a block device mapping to specify an additional EBS volume when an instance launches. Specify a value forGroups
that corresponds to security groups for the VPC that your Auto Scaling group will launch instances into. Specify the VPC and subnets as properties of the Auto Scaling group.aws ec2 create-launch-template \ --launch-template-name
TemplateForAutoScaling
\ --version-descriptionAutoScalingVersion1
\ --launch-template-data '{"NetworkInterfaces":[{"DeviceIndex":0,"AssociatePublicIpAddress":true,"Groups":["sg-7c227019,sg-903004f8"],"DeleteOnTermination":true}],"ImageId":"ami-b42209de","InstanceType":"m4.large","TagSpecifications":[{"ResourceType":"instance","Tags":[{"Key":"environment","Value":"production"},{"Key":"purpose","Value":"webserver"}]},{"ResourceType":"volume","Tags":[{"Key":"environment","Value":"production"},{"Key":"cost-center","Value":"cc123"}]}],"BlockDeviceMappings":[{"DeviceName":"/dev/sda1","Ebs":{"VolumeSize":100}}]}
' --regionus-east-1
Output:
{ "LaunchTemplate": { "LatestVersionNumber": 1, "LaunchTemplateId": "lt-0123c79c33a54e0abc", "LaunchTemplateName": "TemplateForAutoScaling", "DefaultVersionNumber": 1, "CreatedBy": "arn:aws:iam::123456789012:user/Bob", "CreateTime": "2019-04-30T18:16:06.000Z" } }
For more information, see Creating a Launch Template for an Auto Scaling Group in the Amazon EC2 Auto Scaling User Guide. For information about quoting JSON-formatted parameters, see Quoting Strings in the Amazon Command Line Interface User Guide.
Example 3: To create a launch template that specifies encryption of EBS volumes
The following
create-launch-template
example creates a launch template that includes encrypted EBS volumes created from an unencrypted snapshot. It also tags the volumes during creation. If encryption by default is disabled, you must specify the"Encrypted"
option as shown in the following example. If you use the"KmsKeyId"
option to specify a customer managed CMK, you also must specify the"Encrypted"
option even if encryption by default is enabled.aws ec2 create-launch-template \ --launch-template-name
TemplateForEncryption
\ --launch-template-datafile://config.json
Contents of
config.json
:{ "BlockDeviceMappings":[ { "DeviceName":"/dev/sda1", "Ebs":{ "VolumeType":"gp2", "DeleteOnTermination":true, "SnapshotId":"snap-066877671789bd71b", "Encrypted":true, "KmsKeyId":"arn:aws:kms:us-east-1:012345678910:key/abcd1234-a123-456a-a12b-a123b4cd56ef" } } ], "ImageId":"ami-00068cd7555f543d5", "InstanceType":"c5.large", "TagSpecifications":[ { "ResourceType":"volume", "Tags":[ { "Key":"encrypted", "Value":"yes" } ] } ] }
Output:
{ "LaunchTemplate": { "LatestVersionNumber": 1, "LaunchTemplateId": "lt-0d5bd51bcf8530abc", "LaunchTemplateName": "TemplateForEncryption", "DefaultVersionNumber": 1, "CreatedBy": "arn:aws:iam::123456789012:user/Bob", "CreateTime": "2020-01-07T19:08:36.000Z" } }
For more information, see Restoring an Amazon EBS Volume from a Snapshot and Encryption by Default in the Amazon Elastic Compute Cloud User Guide.
-
For API details, see CreateLaunchTemplate
in Amazon CLI Command Reference.
-
The following code example shows how to use create-local-gateway-route-table-virtual-interface-group-association
.
- Amazon CLI
-
To associate a local gateway route table with a virtual interfaces (VIFs) group
The following
create-local-gateway-route-table-virtual-interface-group-association
example creates an association between the specified local gateway route table and VIF group.aws ec2 create-local-gateway-route-table-virtual-interface-group-association \ --local-gateway-route-table-id
lgw-rtb-exampleidabcd1234
\ --local-gateway-virtual-interface-group-idlgw-vif-grp-exampleid0123abcd
Output:
{ "LocalGatewayRouteTableVirtualInterfaceGroupAssociation": { "LocalGatewayRouteTableVirtualInterfaceGroupAssociationId": "lgw-vif-grp-assoc-exampleid12345678", "LocalGatewayVirtualInterfaceGroupId": "lgw-vif-grp-exampleid0123abcd", "LocalGatewayId": "lgw-exampleid11223344", "LocalGatewayRouteTableId": "lgw-rtb-exampleidabcd1234", "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:111122223333:local-gateway-route-table/lgw-rtb-exampleidabcd1234", "OwnerId": "111122223333", "State": "pending", "Tags": [] } }
For more information, see VIF group associations
in the Amazon Outposts User Guide. -
For API details, see CreateLocalGatewayRouteTableVirtualInterfaceGroupAssociation
in Amazon CLI Command Reference.
-
The following code example shows how to use create-local-gateway-route-table-vpc-association
.
- Amazon CLI
-
To associate a VPC with a route table
The following
create-local-gateway-route-table-vpc-association
example associates the specified VPC with the specified local gateway route table.aws ec2 create-local-gateway-route-table-vpc-association \ --local-gateway-route-table-id
lgw-rtb-059615ef7dEXAMPLE
\ --vpc-idvpc-07ef66ac71EXAMPLE
Output:
{ "LocalGatewayRouteTableVpcAssociation": { "LocalGatewayRouteTableVpcAssociationId": "lgw-vpc-assoc-0ee765bcc8EXAMPLE", "LocalGatewayRouteTableId": "lgw-rtb-059615ef7dEXAMPLE", "LocalGatewayId": "lgw-09b493aa7cEXAMPLE", "VpcId": "vpc-07ef66ac71EXAMPLE", "State": "associated" } }
-
For API details, see CreateLocalGatewayRouteTableVpcAssociation
in Amazon CLI Command Reference.
-
The following code example shows how to use create-local-gateway-route-table
.
- Amazon CLI
-
To create a local gateway route table
The following
create-local-gateway-route-table
example creates a local gateway route table with the direct VPC routing mode.aws ec2 create-local-gateway-route-table \ --local-gateway-id
lgw-1a2b3c4d5e6f7g8h9
\ --modedirect-vpc-routing
Output:
{ "LocalGatewayRouteTable": { "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890", "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:111122223333:local-gateway-route-table/lgw-rtb-abcdefg1234567890", "LocalGatewayId": "lgw-1a2b3c4d5e6f7g8h9", "OutpostArn": "arn:aws:outposts:us-west-2:111122223333:outpost/op-021345abcdef67890", "OwnerId": "111122223333", "State": "pending", "Tags": [], "Mode": "direct-vpc-routing" } }
For more information, see Local gateway route tables
in the Amazon Outposts User Guide. -
For API details, see CreateLocalGatewayRouteTable
in Amazon CLI Command Reference.
-
The following code example shows how to use create-local-gateway-route
.
- Amazon CLI
-
To create a static route for a local gateway route table
The following
create-local-gateway-route
example creates the specified route in the specified local gateway route table.aws ec2 create-local-gateway-route \ --destination-cidr-block
0.0.0.0/0
\ --local-gateway-route-table-idlgw-rtb-059615ef7dEXAMPLE
Output:
{ "Route": { "DestinationCidrBlock": "0.0.0.0/0", "LocalGatewayVirtualInterfaceGroupId": "lgw-vif-grp-07145b276bEXAMPLE", "Type": "static", "State": "deleted", "LocalGatewayRouteTableId": "lgw-rtb-059615ef7dEXAMPLE" } }
-
For API details, see CreateLocalGatewayRoute
in Amazon CLI Command Reference.
-
The following code example shows how to use create-managed-prefix-list
.
- Amazon CLI
-
To create a prefix list
The following
create-managed-prefix-list
example creates an IPv4 prefix list with a maximum of 10 entries, and creates 2 entries in the prefix list.aws ec2 create-managed-prefix-list \ --address-family
IPv4
\ --max-entries10
\ --entriesCidr=10.0.0.0/16,Description=vpc-a
Cidr=10.2.0.0/16,Description=vpc-b
\ --prefix-list-namevpc-cidrs
Output:
{ "PrefixList": { "PrefixListId": "pl-0123456abcabcabc1", "AddressFamily": "IPv4", "State": "create-in-progress", "PrefixListArn": "arn:aws:ec2:us-west-2:123456789012:prefix-list/pl-0123456abcabcabc1", "PrefixListName": "vpc-cidrs", "MaxEntries": 10, "Version": 1, "Tags": [], "OwnerId": "123456789012" } }
For more information, see Managed prefix lists
in the Amazon VPC User Guide. -
For API details, see CreateManagedPrefixList
in Amazon CLI Command Reference.
-
The following code example shows how to use create-nat-gateway
.
- Amazon CLI
-
Example 1: To create a public NAT gateway
The following
create-nat-gateway
example creates a public NAT gateway in the specified subnet and associates the Elastic IP address with the specified allocation ID. When you create a public NAT gateway, you must associate an Elastic IP address.aws ec2 create-nat-gateway \ --subnet-id
subnet-0250c25a1fEXAMPLE
\ --allocation-ideipalloc-09ad461b0dEXAMPLE
Output:
{ "NatGateway": { "CreateTime": "2021-12-01T22:22:38.000Z", "NatGatewayAddresses": [ { "AllocationId": "eipalloc-09ad461b0dEXAMPLE" } ], "NatGatewayId": "nat-0c61bf8a12EXAMPLE", "State": "pending", "SubnetId": "subnet-0250c25a1fEXAMPLE", "VpcId": "vpc-0a60eb65b4EXAMPLE", "ConnectivityType": "public" } }
For more information, see NAT gateways
in the Amazon VPC User Guide. Example 2: To create a private NAT gateway
The following
create-nat-gateway
example creates a private NAT gateway in the specified subnet. A private NAT gateway does not have an associated Elastic IP address.aws ec2 create-nat-gateway \ --subnet-id
subnet-0250c25a1fEXAMPLE
\ --connectivity-typeprivate
Output:
{ "NatGateway": { "CreateTime": "2021-12-01T22:26:00.000Z", "NatGatewayAddresses": [ {} ], "NatGatewayId": "nat-011b568379EXAMPLE", "State": "pending", "SubnetId": "subnet-0250c25a1fEXAMPLE", "VpcId": "vpc-0a60eb65b4EXAMPLE", "ConnectivityType": "private" } }
For more information, see NAT gateways
in the Amazon VPC User Guide. -
For API details, see CreateNatGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use create-network-acl-entry
.
- Amazon CLI
-
To create a network ACL entry
This example creates an entry for the specified network ACL. The rule allows ingress traffic from any IPv4 address (0.0.0.0/0) on UDP port 53 (DNS) into any associated subnet. If the command succeeds, no output is returned.
Command:
aws ec2 create-network-acl-entry --network-acl-id
acl-5fb85d36
--ingress --rule-number100
--protocoludp
--port-rangeFrom=53,To=53
--cidr-block0.0.0.0/0
--rule-actionallow
This example creates a rule for the specified network ACL that allows ingress traffic from any IPv6 address (::/0) on TCP port 80 (HTTP).
Command:
aws ec2 create-network-acl-entry --network-acl-id
acl-5fb85d36
--ingress --rule-number120
--protocoltcp
--port-rangeFrom=80,To=80
--ipv6-cidr-block::/0
--rule-actionallow
-
For API details, see CreateNetworkAclEntry
in Amazon CLI Command Reference.
-
The following code example shows how to use create-network-acl
.
- Amazon CLI
-
To create a network ACL
This example creates a network ACL for the specified VPC.
Command:
aws ec2 create-network-acl --vpc-id
vpc-a01106c2
Output:
{ "NetworkAcl": { "Associations": [], "NetworkAclId": "acl-5fb85d36", "VpcId": "vpc-a01106c2", "Tags": [], "Entries": [ { "CidrBlock": "0.0.0.0/0", "RuleNumber": 32767, "Protocol": "-1", "Egress": true, "RuleAction": "deny" }, { "CidrBlock": "0.0.0.0/0", "RuleNumber": 32767, "Protocol": "-1", "Egress": false, "RuleAction": "deny" } ], "IsDefault": false } }
-
For API details, see CreateNetworkAcl
in Amazon CLI Command Reference.
-
The following code example shows how to use create-network-insights-access-scope
.
- Amazon CLI
-
To create a Network Access Scope
The following
create-network-insights-access-scope
example creates a Network Access Scope.aws ec2 create-network-insights-access-scope \ --cli-input-json
file://access-scope-file.json
Contents of
access-scope-file.json
:{ "MatchPaths": [ { "Source": { "ResourceStatement": { "Resources": [ "vpc-abcd12e3" ] } } } ], "ExcludePaths": [ { "Source": { "ResourceStatement": { "ResourceTypes": [ "AWS::EC2::InternetGateway" ] } } } ] }
Output:
{ "NetworkInsightsAccessScope": { "NetworkInsightsAccessScopeId": "nis-123456789abc01234", "NetworkInsightsAccessScopeArn": "arn:aws:ec2:us-east-1:123456789012:network-insights-access-scope/nis-123456789abc01234", "CreatedDate": "2022-01-25T19:20:28.796000+00:00", "UpdatedDate": "2022-01-25T19:20:28.797000+00:00" }, "NetworkInsightsAccessScopeContent": { "NetworkInsightsAccessScopeId": "nis-123456789abc01234", "MatchPaths": [ { "Source": { "ResourceStatement": { "Resources": [ "vpc-abcd12e3" ] } } } ], "ExcludePaths": [ { "Source": { "ResourceStatement": { "ResourceTypes": [ "AWS::EC2::InternetGateway" ] } } } ] } }
For more information, see Getting started with Network Access Analyzer using the Amazon CLI
in the Network Access Analyzer Guide. -
For API details, see CreateNetworkInsightsAccessScope
in Amazon CLI Command Reference.
-
The following code example shows how to use create-network-insights-path
.
- Amazon CLI
-
To create a path
The following
create-network-insights-path
example creates a path. The source is the specified internet gateway and the destination is the specified EC2 instance. To determine whether the destination is reachable using the specified protocol and port, analyze the path using thestart-network-insights-analysis
command.aws ec2 create-network-insights-path \ --source
igw-0797cccdc9d73b0e5
\ --destinationi-0495d385ad28331c7
\ --destination-port22
\ --protocolTCP
Output:
{ "NetworkInsightsPaths": { "NetworkInsightsPathId": "nip-0b26f224f1d131fa8", "NetworkInsightsPathArn": "arn:aws:ec2:us-east-1:123456789012:network-insights-path/nip-0b26f224f1d131fa8", "CreatedDate": "2021-01-20T22:43:46.933Z", "Source": "igw-0797cccdc9d73b0e5", "Destination": "i-0495d385ad28331c7", "Protocol": "tcp" } }
For more information, see Getting started using the Amazon CLI
in the Reachability Analyzer Guide. -
For API details, see CreateNetworkInsightsPath
in Amazon CLI Command Reference.
-
The following code example shows how to use create-network-interface-permission
.
- Amazon CLI
-
To create a network interface permission
This example grants permission to account
123456789012
to attach network interfaceeni-1a2b3c4d
to an instance.Command:
aws ec2 create-network-interface-permission --network-interface-id
eni-1a2b3c4d
--aws-account-id123456789012
--permissionINSTANCE-ATTACH
Output:
{ "InterfacePermission": { "PermissionState": { "State": "GRANTED" }, "NetworkInterfacePermissionId": "eni-perm-06fd19020ede149ea", "NetworkInterfaceId": "eni-1a2b3c4d", "Permission": "INSTANCE-ATTACH", "AwsAccountId": "123456789012" } }
-
For API details, see CreateNetworkInterfacePermission
in Amazon CLI Command Reference.
-
The following code example shows how to use create-network-interface
.
- Amazon CLI
-
Example 1: To specify an IPv4 address for a network interface
The following
create-network-interface
example creates a network interface for the specified subnet with the specified primary IPv4 address.aws ec2 create-network-interface \ --subnet-id
subnet-00a24d0d67acf6333
\ --description"my network interface"
\ --groupssg-09dfba7ed20cda78b
\ --private-ip-address10.0.8.17
Output:
{ "NetworkInterface": { "AvailabilityZone": "us-west-2a", "Description": "my network interface", "Groups": [ { "GroupName": "my-security-group", "GroupId": "sg-09dfba7ed20cda78b" } ], "InterfaceType": "interface", "Ipv6Addresses": [], "MacAddress": "06:6a:0f:9a:49:37", "NetworkInterfaceId": "eni-0492b355f0cf3b3f8", "OwnerId": "123456789012", "PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal", "PrivateIpAddress": "10.0.8.17", "PrivateIpAddresses": [ { "Primary": true, "PrivateDnsName": "ip-10-0-8-17.us-west-2.compute.internal", "PrivateIpAddress": "10.0.8.17" } ], "RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE", "RequesterManaged": false, "SourceDestCheck": true, "Status": "pending", "SubnetId": "subnet-00a24d0d67acf6333", "TagSet": [], "VpcId": "vpc-02723a0feeeb9d57b" } }
Example 2: To create a network interface with an IPv4 address and an IPv6 address
The following
create-network-interface
example creates a network interface for the specified subnet with an IPv4 address and an IPv6 address that are selected by Amazon EC2.aws ec2 create-network-interface \ --subnet-id
subnet-00a24d0d67acf6333
\ --description"my dual stack network interface"
\ --ipv6-address-count1
\ --groupssg-09dfba7ed20cda78b
Output:
{ "NetworkInterface": { "AvailabilityZone": "us-west-2a", "Description": "my dual stack network interface", "Groups": [ { "GroupName": "my-security-group", "GroupId": "sg-09dfba7ed20cda78b" } ], "InterfaceType": "interface", "Ipv6Addresses": [ { "Ipv6Address": "2600:1f13:cfe:3650:a1dc:237c:393a:4ba7", "IsPrimaryIpv6": false } ], "MacAddress": "06:b8:68:d2:b2:2d", "NetworkInterfaceId": "eni-05da417453f9a84bf", "OwnerId": "123456789012", "PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal", "PrivateIpAddress": "10.0.8.18", "PrivateIpAddresses": [ { "Primary": true, "PrivateDnsName": "ip-10-0-8-18.us-west-2.compute.internal", "PrivateIpAddress": "10.0.8.18" } ], "RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE", "RequesterManaged": false, "SourceDestCheck": true, "Status": "pending", "SubnetId": "subnet-00a24d0d67acf6333", "TagSet": [], "VpcId": "vpc-02723a0feeeb9d57b", "Ipv6Address": "2600:1f13:cfe:3650:a1dc:237c:393a:4ba7" } }
Example 3: To create a network interface with connection tracking configuration options
The following
create-network-interface
example creates a network interface and configures the idle connection tracking timeouts.aws ec2 create-network-interface \ --subnet-id
subnet-00a24d0d67acf6333
\ --groupssg-02e57dbcfe0331c1b
\ --connection-tracking-specificationTcpEstablishedTimeout=86400,UdpTimeout=60
Output:
{ "NetworkInterface": { "AvailabilityZone": "us-west-2a", "ConnectionTrackingConfiguration": { "TcpEstablishedTimeout": 86400, "UdpTimeout": 60 }, "Description": "", "Groups": [ { "GroupName": "my-security-group", "GroupId": "sg-02e57dbcfe0331c1b" } ], "InterfaceType": "interface", "Ipv6Addresses": [], "MacAddress": "06:4c:53:de:6d:91", "NetworkInterfaceId": "eni-0c133586e08903d0b", "OwnerId": "123456789012", "PrivateDnsName": "ip-10-0-8-94.us-west-2.compute.internal", "PrivateIpAddress": "10.0.8.94", "PrivateIpAddresses": [ { "Primary": true, "PrivateDnsName": "ip-10-0-8-94.us-west-2.compute.internal", "PrivateIpAddress": "10.0.8.94" } ], "RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE", "RequesterManaged": false, "SourceDestCheck": true, "Status": "pending", "SubnetId": "subnet-00a24d0d67acf6333", "TagSet": [], "VpcId": "vpc-02723a0feeeb9d57b" } }
Example 4: To create an Elastic Fabric Adapter
The following
create-network-interface
example creates an EFA.aws ec2 create-network-interface \ --interface-type
efa
\ --subnet-idsubnet-00a24d0d67acf6333
\ --description"my efa"
\ --groupssg-02e57dbcfe0331c1b
Output:
{ "NetworkInterface": { "AvailabilityZone": "us-west-2a", "Description": "my efa", "Groups": [ { "GroupName": "my-efa-sg", "GroupId": "sg-02e57dbcfe0331c1b" } ], "InterfaceType": "efa", "Ipv6Addresses": [], "MacAddress": "06:d7:a4:f7:4d:57", "NetworkInterfaceId": "eni-034acc2885e862b65", "OwnerId": "123456789012", "PrivateDnsName": "ip-10-0-8-180.us-west-2.compute.internal", "PrivateIpAddress": "10.0.8.180", "PrivateIpAddresses": [ { "Primary": true, "PrivateDnsName": "ip-10-0-8-180.us-west-2.compute.internal", "PrivateIpAddress": "10.0.8.180" } ], "RequesterId": "AIDA4Z3Y7GSXTMEXAMPLE", "RequesterManaged": false, "SourceDestCheck": true, "Status": "pending", "SubnetId": "subnet-00a24d0d67acf6333", "TagSet": [], "VpcId": "vpc-02723a0feeeb9d57b" } }
For more information, see Elastic network interfaces
in the Amazon EC2 User Guide. -
For API details, see CreateNetworkInterface
in Amazon CLI Command Reference.
-
The following code example shows how to use create-placement-group
.
- Amazon CLI
-
To create a placement group
This example command creates a placement group with the specified name.
Command:
aws ec2 create-placement-group --group-name
my-cluster
--strategycluster
To create a partition placement group
This example command creates a partition placement group named
HDFS-Group-A
with five partitions.Command:
aws ec2 create-placement-group --group-name
HDFS-Group-A
--strategypartition
--partition-count5
-
For API details, see CreatePlacementGroup
in Amazon CLI Command Reference.
-
The following code example shows how to use create-replace-root-volume-task
.
- Amazon CLI
-
Example 1: To restore a root volume to its initial launch state
The following
create-replace-root-volume-task
example restores the root volume of instance i-0123456789abcdefa to its initial launch state.aws ec2 create-replace-root-volume-task \ --instance-id
i-0123456789abcdefa
Output:
{ "ReplaceRootVolumeTask": { "InstanceId": "i-0123456789abcdefa", "ReplaceRootVolumeTaskId": "replacevol-0111122223333abcd", "TaskState": "pending", "StartTime": "2022-03-14T15:06:38Z", "Tags": [] } }
For more information, see Replace a root volume
in the Amazon Elastic Compute Cloud User Guide. Example 2: To restore a root volume to a specific snapshot
The following
create-replace-root-volume-task
example restores the root volume of instance i-0123456789abcdefa to snapshot snap-0abcdef1234567890.aws ec2 create-replace-root-volume-task \ --instance-id
i-0123456789abcdefa
\ --snapshot-idsnap-0abcdef1234567890
Output:
{ "ReplaceRootVolumeTask": { "InstanceId": "i-0123456789abcdefa", "ReplaceRootVolumeTaskId": "replacevol-0555566667777abcd", "TaskState": "pending", "StartTime": "2022-03-14T15:16:28Z", "Tags": [] } }
For more information, see Replace a root volume
in the Amazon Elastic Compute Cloud User Guide. -
For API details, see CreateReplaceRootVolumeTask
in Amazon CLI Command Reference.
-
The following code example shows how to use create-reserved-instances-listing
.
- Amazon CLI
-
To list a Reserved Instance in the Reserved Instance Marketplace
The following
create-reserved-instances-listing
example creates a listing for the specified Reserved Instance in the Reserved Instance Marketplace.aws ec2 create-reserved-instances-listing \ --reserved-instances-id
5ec28771-05ff-4b9b-aa31-9e57dexample
\ --instance-count3
\ --price-schedulesCurrencyCode=USD,Price=25.50
\ --client-token550e8400-e29b-41d4-a716-446655440000
-
For API details, see CreateReservedInstancesListing
in Amazon CLI Command Reference.
-
The following code example shows how to use create-restore-image-task
.
- Amazon CLI
-
To restore an AMI from an S3 bucket
The following
create-restore-image-task
example restores an AMI from an S3 bucket. Use the values forS3ObjectKey `` and ``Bucket
from thedescribe-store-image-tasks
output, specify the object key of the AMI and the name of the S3 bucket to which the AMI was copied, and specify the name for the restored AMI. The name must be unique for AMIs in the Region for this account. The restored AMI will receive a new AMI ID.aws ec2 create-restore-image-task \ --object-key
ami-1234567890abcdef0.bin
\ --bucketmy-ami-bucket
\ --name"New AMI Name"
Output:
{ "ImageId": "ami-0eab20fe36f83e1a8" }
For more information about storing and restoring an AMI using S3, see Store and restore an AMI using S3 <https://docs.aws.amazon.com/AmazonEC2/latest/UserGuide/ami-store-restore.html> in the Amazon EC2 User Guide.
-
For API details, see CreateRestoreImageTask
in Amazon CLI Command Reference.
-
The following code example shows how to use create-route-table
.
- Amazon CLI
-
To create a route table
This example creates a route table for the specified VPC.
Command:
aws ec2 create-route-table --vpc-id
vpc-a01106c2
Output:
{ "RouteTable": { "Associations": [], "RouteTableId": "rtb-22574640", "VpcId": "vpc-a01106c2", "PropagatingVgws": [], "Tags": [], "Routes": [ { "GatewayId": "local", "DestinationCidrBlock": "10.0.0.0/16", "State": "active" } ] } }
-
For API details, see CreateRouteTable
in Amazon CLI Command Reference.
-
The following code example shows how to use create-route
.
- Amazon CLI
-
To create a route
This example creates a route for the specified route table. The route matches all IPv4 traffic (
0.0.0.0/0
) and routes it to the specified Internet gateway. If the command succeeds, no output is returned.Command:
aws ec2 create-route --route-table-id
rtb-22574640
--destination-cidr-block0.0.0.0/0
--gateway-idigw-c0a643a9
This example command creates a route in route table rtb-g8ff4ea2. The route matches traffic for the IPv4 CIDR block 10.0.0.0/16 and routes it to VPC peering connection, pcx-111aaa22. This route enables traffic to be directed to the peer VPC in the VPC peering connection. If the command succeeds, no output is returned.
Command:
aws ec2 create-route --route-table-id
rtb-g8ff4ea2
--destination-cidr-block10.0.0.0/16
--vpc-peering-connection-idpcx-1a2b3c4d
This example creates a route in the specified route table that matches all IPv6 traffic (
::/0
) and routes it to the specified egress-only Internet gateway.Command:
aws ec2 create-route --route-table-id
rtb-dce620b8
--destination-ipv6-cidr-block::/0
--egress-only-internet-gateway-ideigw-01eadbd45ecd7943f
-
For API details, see CreateRoute
in Amazon CLI Command Reference.
-
The following code example shows how to use create-security-group
.
- Amazon CLI
-
To create a security group for EC2-Classic
This example creates a security group named
MySecurityGroup
.Command:
aws ec2 create-security-group --group-name
MySecurityGroup
--description"My security group"
Output:
{ "GroupId": "sg-903004f8" }
To create a security group for EC2-VPC
This example creates a security group named
MySecurityGroup
for the specified VPC.Command:
aws ec2 create-security-group --group-name
MySecurityGroup
--description"My security group"
--vpc-idvpc-1a2b3c4d
Output:
{ "GroupId": "sg-903004f8" }
For more information, see Using Security Groups in the Amazon Command Line Interface User Guide.
-
For API details, see CreateSecurityGroup
in Amazon CLI Command Reference.
-
The following code example shows how to use create-snapshot
.
- Amazon CLI
-
To create a snapshot
This example command creates a snapshot of the volume with a volume ID of
vol-1234567890abcdef0
and a short description to identify the snapshot.Command:
aws ec2 create-snapshot --volume-id
vol-1234567890abcdef0
--description"This is my root volume snapshot"
Output:
{ "Description": "This is my root volume snapshot", "Tags": [], "Encrypted": false, "VolumeId": "vol-1234567890abcdef0", "State": "pending", "VolumeSize": 8, "StartTime": "2018-02-28T21:06:01.000Z", "Progress": "", "OwnerId": "012345678910", "SnapshotId": "snap-066877671789bd71b" }
To create a snapshot with tags
This example command creates a snapshot and applies two tags: purpose=prod and costcenter=123.
Command:
aws ec2 create-snapshot --volume-id
vol-1234567890abcdef0
--description 'Prod backup
' --tag-specifications 'ResourceType=snapshot,Tags=[{Key=purpose,Value=prod},{Key=costcenter,Value=123}]
'Output:
{ "Description": "Prod backup", "Tags": [ { "Value": "prod", "Key": "purpose" }, { "Value": "123", "Key": "costcenter" } ], "Encrypted": false, "VolumeId": "vol-1234567890abcdef0", "State": "pending", "VolumeSize": 8, "StartTime": "2018-02-28T21:06:06.000Z", "Progress": "", "OwnerId": "012345678910", "SnapshotId": "snap-09ed24a70bc19bbe4" }
-
For API details, see CreateSnapshot
in Amazon CLI Command Reference.
-
The following code example shows how to use create-snapshots
.
- Amazon CLI
-
Example 1: To create a multi-volume snapshot
The following
create-snapshots
example creates snapshots of all volumes attached to the specified instance.aws ec2 create-snapshots \ --instance-specification
InstanceId=i-1234567890abcdef0
\ --description"This is snapshot of a volume from my-instance"
Output:
{ "Snapshots": [ { "Description": "This is a snapshot of a volume from my-instance", "Tags": [], "Encrypted": false, "VolumeId": "vol-0a01d2d5a34697479", "State": "pending", "VolumeSize": 16, "StartTime": "2019-08-05T16:58:19.000Z", "Progress": "", "OwnerId": "123456789012", "SnapshotId": "snap-07f30e3909aa0045e" }, { "Description": "This is a snapshot of a volume from my-instance", "Tags": [], "Encrypted": false, "VolumeId": "vol-02d0d4947008cb1a2", "State": "pending", "VolumeSize": 20, "StartTime": "2019-08-05T16:58:19.000Z", "Progress": "", "OwnerId": "123456789012", "SnapshotId": "snap-0ec20b602264aad48" }, ... ] }
Example 2: To create a multi-volume snapshot with tags from the source volume
The following
create-snapshots
example creates snapshots of all volumes attached to the specified instance and copies the tags from each volume to its corresponding snapshot.aws ec2 create-snapshots \ --instance-specification
InstanceId=i-1234567890abcdef0
\ --copy-tags-from-sourcevolume
\ --description"This is snapshot of a volume from my-instance"
Output:
{ "Snapshots": [ { "Description": "This is a snapshot of a volume from my-instance", "Tags": [ { "Key": "Name", "Value": "my-volume" } ], "Encrypted": false, "VolumeId": "vol-02d0d4947008cb1a2", "State": "pending", "VolumeSize": 20, "StartTime": "2019-08-05T16:53:04.000Z", "Progress": "", "OwnerId": "123456789012", "SnapshotId": "snap-053bfaeb821a458dd" } ... ] }
Example 3: To create a multi-volume snapshot not including the root volume
The following
create-snapshots
example creates a snapshot of all volumes attached to the specified instance except for the root volume.aws ec2 create-snapshots \ --instance-specification
InstanceId=i-1234567890abcdef0,ExcludeBootVolume=true
See example 1 for sample output.
Example 4: To create a multi-volume snapshot and add tags
The following
create-snapshots
example creates snapshots of all volumes attached to the specified instance and adds two tags to each snapshot.aws ec2 create-snapshots \ --instance-specification
InstanceId=i-1234567890abcdef0
\ --tag-specifications 'ResourceType=snapshot,Tags=[{Key=Name,Value=backup},{Key=costcenter,Value=123}]
'See example 1 for sample output.
-
For API details, see CreateSnapshots
in Amazon CLI Command Reference.
-
The following code example shows how to use create-spot-datafeed-subscription
.
- Amazon CLI
-
To create a Spot Instance data feed
The following
create-spot-datafeed-subscription
example creates a Spot Instance data feed.aws ec2 create-spot-datafeed-subscription \ --bucket
my-bucket
\ --prefixspot-data-feed
Output:
{ "SpotDatafeedSubscription": { "Bucket": "my-bucket", "OwnerId": "123456789012", "Prefix": "spot-data-feed", "State": "Active" } }
The data feed is stored in the Amazon S3 bucket that you specified. The file names for this data feed have the following format.
my-bucket.s3.amazonaws.com/spot-data-feed/123456789012.YYYY-MM-DD-HH.n.abcd1234.gz
For more information, see Spot Instance data feed
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see CreateSpotDatafeedSubscription
in Amazon CLI Command Reference.
-
The following code example shows how to use create-store-image-task
.
- Amazon CLI
-
To store an AMI in an S3 bucket
The following
create-store-image-task
example stores an AMI in an S3 bucket. Specify the ID of the AMI and the name of the S3 bucket in which to store the AMI.aws ec2 create-store-image-task \ --image-id
ami-1234567890abcdef0
\ --bucketmy-ami-bucket
Output:
{ "ObjectKey": "ami-1234567890abcdef0.bin" }
For more information, see Store and restore an AMI using S3
in the Amazon EC2 User Guide. -
For API details, see CreateStoreImageTask
in Amazon CLI Command Reference.
-
The following code example shows how to use create-subnet-cidr-reservation
.
- Amazon CLI
-
To create a subnet CIDR reservation
The following
create-subnet-cidr-reservation
example creates a subnet CIDR reservation for the specified subnet and CIDR range.aws ec2 create-subnet-cidr-reservation \ --subnet-id
subnet-03c51e2eEXAMPLE
\ --reservation-typeprefix
\ --cidr10.1.0.20/26
Output:
{ "SubnetCidrReservation": { "SubnetCidrReservationId": "scr-044f977c4eEXAMPLE", "SubnetId": "subnet-03c51e2e6cEXAMPLE", "Cidr": "10.1.0.16/28", "ReservationType": "prefix", "OwnerId": "123456789012" } }
For more information, see Subnet CIDR reservations
in the Amazon VPC User Guide. -
For API details, see CreateSubnetCidrReservation
in Amazon CLI Command Reference.
-
The following code example shows how to use create-subnet
.
- Amazon CLI
-
Example 1: To create a subnet with an IPv4 CIDR block only
The following
create-subnet
example creates a subnet in the specified VPC with the specified IPv4 CIDR block.aws ec2 create-subnet \ --vpc-id
vpc-081ec835f3EXAMPLE
\ --cidr-block10.0.0.0/24
\ --tag-specificationsResourceType=subnet,Tags=[{Key=Name,Value=my-ipv4-only-subnet}]
Output:
{ "Subnet": { "AvailabilityZone": "us-west-2a", "AvailabilityZoneId": "usw2-az2", "AvailableIpAddressCount": 251, "CidrBlock": "10.0.0.0/24", "DefaultForAz": false, "MapPublicIpOnLaunch": false, "State": "available", "SubnetId": "subnet-0e99b93155EXAMPLE", "VpcId": "vpc-081ec835f3EXAMPLE", "OwnerId": "123456789012", "AssignIpv6AddressOnCreation": false, "Ipv6CidrBlockAssociationSet": [], "Tags": [ { "Key": "Name", "Value": "my-ipv4-only-subnet" } ], "SubnetArn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0e99b93155EXAMPLE" } }
Example 2: To create a subnet with both IPv4 and IPv6 CIDR blocks
The following
create-subnet
example creates a subnet in the specified VPC with the specified IPv4 and IPv6 CIDR blocks.aws ec2 create-subnet \ --vpc-id
vpc-081ec835f3EXAMPLE
\ --cidr-block10.0.0.0/24
\ --ipv6-cidr-block2600:1f16:cfe:3660::/64
\ --tag-specificationsResourceType=subnet,Tags=[{Key=Name,Value=my-ipv4-ipv6-subnet}]
Output:
{ "Subnet": { "AvailabilityZone": "us-west-2a", "AvailabilityZoneId": "usw2-az2", "AvailableIpAddressCount": 251, "CidrBlock": "10.0.0.0/24", "DefaultForAz": false, "MapPublicIpOnLaunch": false, "State": "available", "SubnetId": "subnet-0736441d38EXAMPLE", "VpcId": "vpc-081ec835f3EXAMPLE", "OwnerId": "123456789012", "AssignIpv6AddressOnCreation": false, "Ipv6CidrBlockAssociationSet": [ { "AssociationId": "subnet-cidr-assoc-06c5f904499fcc623", "Ipv6CidrBlock": "2600:1f13:cfe:3660::/64", "Ipv6CidrBlockState": { "State": "associating" } } ], "Tags": [ { "Key": "Name", "Value": "my-ipv4-ipv6-subnet" } ], "SubnetArn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-0736441d38EXAMPLE" } }
Example 3: To create a subnet with an IPv6 CIDR block only
The following
create-subnet
example creates a subnet in the specified VPC with the specified IPv6 CIDR block.aws ec2 create-subnet \ --vpc-id
vpc-081ec835f3EXAMPLE
\ --ipv6-native \ --ipv6-cidr-block2600:1f16:115:200::/64
\ --tag-specificationsResourceType=subnet,Tags=[{Key=Name,Value=my-ipv6-only-subnet}]
Output:
{ "Subnet": { "AvailabilityZone": "us-west-2a", "AvailabilityZoneId": "usw2-az2", "AvailableIpAddressCount": 0, "DefaultForAz": false, "MapPublicIpOnLaunch": false, "State": "available", "SubnetId": "subnet-03f720e7deEXAMPLE", "VpcId": "vpc-081ec835f3EXAMPLE", "OwnerId": "123456789012", "AssignIpv6AddressOnCreation": true, "Ipv6CidrBlockAssociationSet": [ { "AssociationId": "subnet-cidr-assoc-01ef639edde556709", "Ipv6CidrBlock": "2600:1f13:cfe:3660::/64", "Ipv6CidrBlockState": { "State": "associating" } } ], "Tags": [ { "Key": "Name", "Value": "my-ipv6-only-subnet" } ], "SubnetArn": "arn:aws:ec2:us-west-2:123456789012:subnet/subnet-03f720e7deEXAMPLE" } }
For more information, see VPCs and subnets
in the Amazon VPC User Guide. -
For API details, see CreateSubnet
in Amazon CLI Command Reference.
-
The following code example shows how to use create-tags
.
- Amazon CLI
-
Example 1: To add a tag to a resource
The following
create-tags
example adds the tagStack=production
to the specified image, or overwrites an existing tag for the AMI where the tag key isStack
.aws ec2 create-tags \ --resources
ami-1234567890abcdef0
\ --tagsKey=Stack,Value=production
For more information, see This is the topic title
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. Example 2: To add tags to multiple resources
The following
create-tags
example adds (or overwrites) two tags for an AMI and an instance. One of the tags has a key (webserver
) but no value (value is set to an empty string). The other tag has a key (stack
) and a value (Production
).aws ec2 create-tags \ --resources
ami-1a2b3c4d
i-1234567890abcdef0
\ --tagsKey=webserver,Value=
Key=stack,Value=Production
For more information, see This is the topic title
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. Example 3: To add tags containing special characters
The following
create-tags
example adds the tag[Group]=test
for an instance. The square brackets ([ and ]) are special characters, and must be escaped. The following examples also use the line continuation character appropriate for each environment.If you are using Windows, surround the element that has special characters with double quotes ("), and then precede each double quote character with a backslash (\) as follows:
aws ec2 create-tags
^
--resourcesi-1234567890abcdef0
^
--tags Key=\"[Group]\",Value=testIf you are using Windows PowerShell, surround the element the value that has special characters with double quotes ("), precede each double quote character with a backslash (\), and then surround the entire key and value structure with single quotes (') as follows:
aws ec2 create-tags
`
--resourcesi-1234567890abcdef0
`
--tags 'Key=\"[Group]\",Value=test
'If you are using Linux or OS X, surround the element that has special characters with double quotes ("), and then surround the entire key and value structure with single quotes (') as follows:
aws ec2 create-tags \ --resources
i-1234567890abcdef0
\ --tags 'Key="[Group]",Value=test
'For more information, see This is the topic title
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see CreateTags
in Amazon CLI Command Reference.
-
The following code example shows how to use create-traffic-mirror-filter-rule
.
- Amazon CLI
-
To create a filter rule for incoming TCP traffic
The following
create-traffic-mirror-filter-rule
example creates a rule that you can use to mirror all incoming TCP traffic. Before you run this command, usecreate-traffic-mirror-filter
to create the the Traffic Mirror filter.aws ec2 create-traffic-mirror-filter-rule \ --description
"TCP Rule"
\ --destination-cidr-block0.0.0.0/0
\ --protocol6
\ --rule-actionaccept
\ --rule-number1
\ --source-cidr-block0.0.0.0/0
\ --traffic-directioningress
\ --traffic-mirror-filter-idtmf-04812ff784b25ae67
Output:
{ "TrafficMirrorFilterRule": { "DestinationCidrBlock": "0.0.0.0/0", "TrafficMirrorFilterId": "tmf-04812ff784b25ae67", "TrafficMirrorFilterRuleId": "tmfr-02d20d996673f3732", "SourceCidrBlock": "0.0.0.0/0", "TrafficDirection": "ingress", "Description": "TCP Rule", "RuleNumber": 1, "RuleAction": "accept", "Protocol": 6 }, "ClientToken": "4752b573-40a6-4eac-a8a4-a72058761219" }
For more information, see Create a Traffic Mirror Filter
in the Amazon Traffic Mirroring Guide. -
For API details, see CreateTrafficMirrorFilterRule
in Amazon CLI Command Reference.
-
The following code example shows how to use create-traffic-mirror-filter
.
- Amazon CLI
-
To create a Traffic Mirror Filter
The following
create-traffic-mirror-filter
example creates a Traffic Mirror filter. After you create the filter, usecreate-traffic-mirror-filter-rule
to add rules to the filter.aws ec2 create-traffic-mirror-filter \ --description
"TCP Filter"
Output:
{ "ClientToken": "28908518-100b-4987-8233-8c744EXAMPLE", "TrafficMirrorFilter": { "TrafficMirrorFilterId": "tmf-04812ff784EXAMPLE", "Description": "TCP Filter", "EgressFilterRules": [], "IngressFilterRules": [], "Tags": [], "NetworkServices": [] } }
For more information, see Create a Traffic Mirror Filter
in the Amazon Traffic Mirroring Guide. -
For API details, see CreateTrafficMirrorFilter
in Amazon CLI Command Reference.
-
The following code example shows how to use create-traffic-mirror-session
.
- Amazon CLI
-
To create a Traffic Mirror Session
The following
create-traffic-mirror-session
command creates a traffic mirror sessions for the specified source and target for 25 bytes of the packet.aws ec2 create-traffic-mirror-session \ --description
"example session"
\ --traffic-mirror-target-idtmt-07f75d8feeEXAMPLE
\ --network-interface-ideni-070203f901EXAMPLE
\ --session-number1
\ --packet-length25
\ --traffic-mirror-filter-idtmf-04812ff784EXAMPLE
Output:
{ "TrafficMirrorSession": { "TrafficMirrorSessionId": "tms-08a33b1214EXAMPLE", "TrafficMirrorTargetId": "tmt-07f75d8feeEXAMPLE", "TrafficMirrorFilterId": "tmf-04812ff784EXAMPLE", "NetworkInterfaceId": "eni-070203f901EXAMPLE", "OwnerId": "111122223333", "PacketLength": 25, "SessionNumber": 1, "VirtualNetworkId": 7159709, "Description": "example session", "Tags": [] }, "ClientToken": "5236cffc-ee13-4a32-bb5b-388d9da09d96" }
For more information, see Create a Traffic Mirror Session
in the Amazon Traffic Mirroring Guide. -
For API details, see CreateTrafficMirrorSession
in Amazon CLI Command Reference.
-
The following code example shows how to use create-traffic-mirror-target
.
- Amazon CLI
-
To create a a Network Load Balancer Traffic Mirror target
The following
create-traffic-mirror-target
example creates a Network Load Balancer Traffic Mirror target.aws ec2 create-traffic-mirror-target \ --description
"Example Network Load Balancer Target"
\ --network-load-balancer-arnarn:aws:elasticloadbalancing:us-east-1:111122223333:loadbalancer/net/NLB/7cdec873EXAMPLE
Output:
{ "TrafficMirrorTarget": { "Type": "network-load-balancer", "Tags": [], "Description": "Example Network Load Balancer Target", "OwnerId": "111122223333", "NetworkLoadBalancerArn": "arn:aws:elasticloadbalancing:us-east-1:724145273726:loadbalancer/net/NLB/7cdec873EXAMPLE", "TrafficMirrorTargetId": "tmt-0dabe9b0a6EXAMPLE" }, "ClientToken": "d5c090f5-8a0f-49c7-8281-72c796a21f72" }
To create a network Traffic Mirror target
The following
create-traffic-mirror-target
example creates a network interface Traffic Mirror target.aws ec2 create-traffic-mirror-target --description "Network interface target" --network-interface-id eni-eni-01f6f631eEXAMPLE
Output:
{ "ClientToken": "5289a345-0358-4e62-93d5-47ef3061d65e", "TrafficMirrorTarget": { "Description": "Network interface target", "NetworkInterfaceId": "eni-01f6f631eEXAMPLE", "TrafficMirrorTargetId": "tmt-02dcdbe2abEXAMPLE", "OwnerId": "111122223333", "Type": "network-interface", "Tags": [] } }
For more information, see Create a Traffic Mirror Target
in the Amazon Traffic Mirroring Guide. -
For API details, see CreateTrafficMirrorTarget
in Amazon CLI Command Reference.
-
The following code example shows how to use create-transit-gateway-connect-peer
.
- Amazon CLI
-
To create a Transit Gateway Connect peer
The following
create-transit-gateway-connect-peer
example creates a Connect peer.aws ec2 create-transit-gateway-connect-peer \ --transit-gateway-attachment-id
tgw-attach-0f0927767cEXAMPLE
\ --peer-address172.31.1.11
\ --inside-cidr-blocks169.254.6.0/29
Output:
{ "TransitGatewayConnectPeer": { "TransitGatewayAttachmentId": "tgw-attach-0f0927767cEXAMPLE", "TransitGatewayConnectPeerId": "tgw-connect-peer-0666adbac4EXAMPLE", "State": "pending", "CreationTime": "2021-10-13T03:35:17.000Z", "ConnectPeerConfiguration": { "TransitGatewayAddress": "10.0.0.234", "PeerAddress": "172.31.1.11", "InsideCidrBlocks": [ "169.254.6.0/29" ], "Protocol": "gre", "BgpConfigurations": [ { "TransitGatewayAsn": 64512, "PeerAsn": 64512, "TransitGatewayAddress": "169.254.6.2", "PeerAddress": "169.254.6.1", "BgpStatus": "down" }, { "TransitGatewayAsn": 64512, "PeerAsn": 64512, "TransitGatewayAddress": "169.254.6.3", "PeerAddress": "169.254.6.1", "BgpStatus": "down" } ] } } }
For more information, see Transit gateway Connect attachments and Transit Gateway Connect peers
in the Transit Gateways Guide. -
For API details, see CreateTransitGatewayConnectPeer
in Amazon CLI Command Reference.
-
The following code example shows how to use create-transit-gateway-connect
.
- Amazon CLI
-
To create a transit gateway Connect attachment
The following
create-transit-gateway-connect
example creates a Connect attachment, with the "gre" protocol, for the specified attachment.aws ec2 create-transit-gateway-connect \ --transport-transit-gateway-attachment-id
tgw-attach-0a89069f57EXAMPLE
\ --options"Protocol=gre"
Output:
{ "TransitGatewayConnect": { "TransitGatewayAttachmentId": "tgw-attach-037012e5dcEXAMPLE", "TransportTransitGatewayAttachmentId": "tgw-attach-0a89069f57EXAMPLE", "TransitGatewayId": "tgw-02f776b1a7EXAMPLE", "State": "pending", "CreationTime": "2021-03-09T19:59:17+00:00", "Options": { "Protocol": "gre" } } }
For more information, see Transit gateway Connect attachments and Transit Gateway Connect peers
in the Transit Gateways Guide. -
For API details, see CreateTransitGatewayConnect
in Amazon CLI Command Reference.
-
The following code example shows how to use create-transit-gateway-multicast-domain
.
- Amazon CLI
-
Example 1: To create an IGMP multicast domain
The following
create-transit-gateway-multicast-domain
example creates a multicast domain for the specified transit gateway. With static sources disabled, any instances in subnets associated with the multicast domain can send multicast traffic. If at least one member uses the IGMP protocol, you must enable IGMPv2 support.aws ec2 create-transit-gateway-multicast-domain \ --transit-gateway-id
tgw-0bf0bffefaEXAMPLE
\ --optionsStaticSourcesSupport=disable,Igmpv2Support=enable
Output:
{ "TransitGatewayMulticastDomain": { "TransitGatewayMulticastDomainId": "tgw-mcast-domain-0c9e29e2a7EXAMPLE", "TransitGatewayId": "tgw-0bf0bffefaEXAMPLE", "TransitGatewayMulticastDomainArn": "arn:aws:ec2:us-west-2:123456789012:transit-gateway-multicast-domain/tgw-mcast-domain-0c9e29e2a7EXAMPLE", "OwnerId": "123456789012", "Options": { "Igmpv2Support": "enable", "StaticSourcesSupport": "disable", "AutoAcceptSharedAssociations": "disable" }, "State": "pending", "CreationTime": "2021-09-29T22:17:13.000Z" } }
Example 2: To create a static multicast domain
The following
create-transit-gateway-multicast-domain
example creates a multicast domain for the specified transit gateway. With static sources enabled, you must statically add sources.aws ec2 create-transit-gateway-multicast-domain \ --transit-gateway-id
tgw-0bf0bffefaEXAMPLE
\ --optionsStaticSourcesSupport=enable,Igmpv2Support=disable
Output:
{ "TransitGatewayMulticastDomain": { "TransitGatewayMulticastDomainId": "tgw-mcast-domain-000fb24d04EXAMPLE", "TransitGatewayId": "tgw-0bf0bffefaEXAMPLE", "TransitGatewayMulticastDomainArn": "arn:aws:ec2:us-west-2:123456789012:transit-gateway-multicast-domain/tgw-mcast-domain-000fb24d04EXAMPLE", "OwnerId": "123456789012", "Options": { "Igmpv2Support": "disable", "StaticSourcesSupport": "enable", "AutoAcceptSharedAssociations": "disable" }, "State": "pending", "CreationTime": "2021-09-29T22:20:19.000Z" } }
For more information, see Managing multicast domains
in the Transit Gateways Guide. -
For API details, see CreateTransitGatewayMulticastDomain
in Amazon CLI Command Reference.
-
The following code example shows how to use create-transit-gateway-peering-attachment
.
- Amazon CLI
-
To create a transit gateway peering attachment
The following
create-transit-gateway-peering-attachment
example creates a peering attachment request between the two specified transit gateways.aws ec2 create-transit-gateway-peering-attachment \ --transit-gateway-id
tgw-123abc05e04123abc
\ --peer-transit-gateway-idtgw-11223344aabbcc112
\ --peer-account-id123456789012
\ --peer-regionus-east-2
Output:
{ "TransitGatewayPeeringAttachment": { "TransitGatewayAttachmentId": "tgw-attach-4455667788aabbccd", "RequesterTgwInfo": { "TransitGatewayId": "tgw-123abc05e04123abc", "OwnerId": "123456789012", "Region": "us-west-2" }, "AccepterTgwInfo": { "TransitGatewayId": "tgw-11223344aabbcc112", "OwnerId": "123456789012", "Region": "us-east-2" }, "State": "initiatingRequest", "CreationTime": "2019-12-09T11:38:05.000Z" } }
For more information, see Transit Gateway Peering Attachments
in the Transit Gateways Guide. -
For API details, see CreateTransitGatewayPeeringAttachment
in Amazon CLI Command Reference.
-
The following code example shows how to use create-transit-gateway-policy-table
.
- Amazon CLI
-
To create a transit gateway policy table
The following
create-transit-gateway-policy-table
example creates a transit gateway policy table for the specified transit gateway.aws ec2 create-transit-gateway-policy-table \ --transit-gateway-id
tgw-067f8505c18f0bd6e
Output:
{ "TransitGatewayPolicyTable": { "TransitGatewayPolicyTableId": "tgw-ptb-0a16f134b78668a81", "TransitGatewayId": "tgw-067f8505c18f0bd6e", "State": "pending", "CreationTime": "2023-11-28T16:36:43+00:00" } }
For more information, see Transit gateway policy tables
in the Transit Gateway User Guide. -
For API details, see CreateTransitGatewayPolicyTable
in Amazon CLI Command Reference.
-
The following code example shows how to use create-transit-gateway-prefix-list-reference
.
- Amazon CLI
-
To create a reference to a prefix list
The following
create-transit-gateway-prefix-list-reference
example creates a reference to the specified prefix list in the specified transit gateway route table.aws ec2 create-transit-gateway-prefix-list-reference \ --transit-gateway-route-table-id
tgw-rtb-0123456789abcd123
\ --prefix-list-idpl-11111122222222333
\ --transit-gateway-attachment-idtgw-attach-aaaaaabbbbbb11111
Output:
{ "TransitGatewayPrefixListReference": { "TransitGatewayRouteTableId": "tgw-rtb-0123456789abcd123", "PrefixListId": "pl-11111122222222333", "PrefixListOwnerId": "123456789012", "State": "pending", "Blackhole": false, "TransitGatewayAttachment": { "TransitGatewayAttachmentId": "tgw-attach-aaaaaabbbbbb11111", "ResourceType": "vpc", "ResourceId": "vpc-112233445566aabbc" } } }
For more information, see Prefix list references
in the Transit Gateways Guide. -
For API details, see CreateTransitGatewayPrefixListReference
in Amazon CLI Command Reference.
-
The following code example shows how to use create-transit-gateway-route-table
.
- Amazon CLI
-
To create a Transit Gateway Route Table
The following
create-transit-gateway-route-table
example creates a route table for the specified transit gateway.aws ec2 create-transit-gateway-route-table \ --transit-gateway-id
tgw-0262a0e521EXAMPLE
Output:
{ "TransitGatewayRouteTable": { "TransitGatewayRouteTableId": "tgw-rtb-0960981be7EXAMPLE", "TransitGatewayId": "tgw-0262a0e521EXAMPLE", "State": "pending", "DefaultAssociationRouteTable": false, "DefaultPropagationRouteTable": false, "CreationTime": "2019-07-10T19:01:46.000Z" } }
For more information, see Create a transit gateway route table
in the Transit Gateways Guide. -
For API details, see CreateTransitGatewayRouteTable
in Amazon CLI Command Reference.
-
The following code example shows how to use create-transit-gateway-route
.
- Amazon CLI
-
To create a transit gateway route
The following
create-transit-gateway-route
example creates a route, with the specified destination, for the specified route table.aws ec2 create-transit-gateway-route \ --destination-cidr-block
10.0.2.0/24
\ --transit-gateway-route-table-idtgw-rtb-0b6f6aaa01EXAMPLE
\ --transit-gateway-attachment-idtgw-attach-0b5968d3b6EXAMPLE
Output:
{ "Route": { "DestinationCidrBlock": "10.0.2.0/24", "TransitGatewayAttachments": [ { "ResourceId": "vpc-0065acced4EXAMPLE", "TransitGatewayAttachmentId": "tgw-attach-0b5968d3b6EXAMPLE", "ResourceType": "vpc" } ], "Type": "static", "State": "active" } }
For more information, see Transit gateway route tables
in the Transit Gateways Guide. -
For API details, see CreateTransitGatewayRoute
in Amazon CLI Command Reference.
-
The following code example shows how to use create-transit-gateway-vpc-attachment
.
- Amazon CLI
-
Example 1: To associate a transit gateway with a VPC
The following
create-transit-gateway-vpc-attachment
example creates a transit gateway attachment to the specified VPC.aws ec2 create-transit-gateway-vpc-attachment \ --transit-gateway-id
tgw-0262a0e521EXAMPLE
\ --vpc-idvpc-07e8ffd50f49335df
\ --subnet-idsubnet-0752213d59EXAMPLE
Output:
{ "TransitGatewayVpcAttachment": { "TransitGatewayAttachmentId": "tgw-attach-0a34fe6b4fEXAMPLE", "TransitGatewayId": "tgw-0262a0e521EXAMPLE", "VpcId": "vpc-07e8ffd50fEXAMPLE", "VpcOwnerId": "111122223333", "State": "pending", "SubnetIds": [ "subnet-0752213d59EXAMPLE" ], "CreationTime": "2019-07-10T17:33:46.000Z", "Options": { "DnsSupport": "enable", "Ipv6Support": "disable" } } }
For more information, see Create a transit gateway attachment to a VPC
in the Transit Gateways Guide. Example 2: To associate a transit gateway with multiple subnets in a VPC
The following
create-transit-gateway-vpc-attachment
example creates a transit gateway attachment to the specified VPC and subnets.aws ec2 create-transit-gateway-vpc-attachment \ --transit-gateway-id
tgw-02f776b1a7EXAMPLE
\ --vpc-idvpc-3EXAMPLE
\ --subnet-ids"subnet-dEXAMPLE"
"subnet-6EXAMPLE"
Output:
{ "TransitGatewayVpcAttachment": { "TransitGatewayAttachmentId": "tgw-attach-0e141e0bebEXAMPLE", "TransitGatewayId": "tgw-02f776b1a7EXAMPLE", "VpcId": "vpc-3EXAMPLE", "VpcOwnerId": "111122223333", "State": "pending", "SubnetIds": [ "subnet-6EXAMPLE", "subnet-dEXAMPLE" ], "CreationTime": "2019-12-17T20:07:52.000Z", "Options": { "DnsSupport": "enable", "Ipv6Support": "disable" } } }
For more information, see Create a transit gateway attachment to a VPC
in the Transit Gateways Guide. -
For API details, see CreateTransitGatewayVpcAttachment
in Amazon CLI Command Reference.
-
The following code example shows how to use create-transit-gateway
.
- Amazon CLI
-
To create a transit gateway
The following
create-transit-gateway
example creates a transit gateway.aws ec2 create-transit-gateway \ --description
MyTGW
\ --optionsAmazonSideAsn=64516,AutoAcceptSharedAttachments=enable,DefaultRouteTableAssociation=enable,DefaultRouteTablePropagation=enable,VpnEcmpSupport=enable,DnsSupport=enable
Output:
{ "TransitGateway": { "TransitGatewayId": "tgw-0262a0e521EXAMPLE", "TransitGatewayArn": "arn:aws:ec2:us-east-2:111122223333:transit-gateway/tgw-0262a0e521EXAMPLE", "State": "pending", "OwnerId": "111122223333", "Description": "MyTGW", "CreationTime": "2019-07-10T14:02:12.000Z", "Options": { "AmazonSideAsn": 64516, "AutoAcceptSharedAttachments": "enable", "DefaultRouteTableAssociation": "enable", "AssociationDefaultRouteTableId": "tgw-rtb-018774adf3EXAMPLE", "DefaultRouteTablePropagation": "enable", "PropagationDefaultRouteTableId": "tgw-rtb-018774adf3EXAMPLE", "VpnEcmpSupport": "enable", "DnsSupport": "enable" } } }
For more information, see Create a transit gateway
in the Transit Gateways Guide. -
For API details, see CreateTransitGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use create-verified-access-endpoint
.
- Amazon CLI
-
To create a Verified Access endpoint
The following
create-verified-access-endpoint
example creates a Verified Access endpoint for the speciied Verified Access group. The specified network interface and security group must belong to the same VPC.aws ec2 create-verified-access-endpoint \ --verified-access-group-id
vagr-0dbe967baf14b7235
\ --endpoint-typenetwork-interface
\ --attachment-typevpc
\ --domain-certificate-arnarn:aws:acm:us-east-2:123456789012:certificate/eb065ea0-26f9-4e75-a6ce-0a1a7EXAMPLE
\ --application-domainexample.com
\ --endpoint-domain-prefixmy-ava-app
\ --security-group-idssg-004915970c4c8f13a
\ --network-interface-optionsNetworkInterfaceId=eni-0aec70418c8d87a0f,Protocol=https,Port=443
\ --tag-specificationsResourceType=verified-access-endpoint,Tags=[{Key=Name,Value=my-va-endpoint}]
Output:
{ "VerifiedAccessEndpoint": { "VerifiedAccessInstanceId": "vai-0ce000c0b7643abea", "VerifiedAccessGroupId": "vagr-0dbe967baf14b7235", "VerifiedAccessEndpointId": "vae-066fac616d4d546f2", "ApplicationDomain": "example.com", "EndpointType": "network-interface", "AttachmentType": "vpc", "DomainCertificateArn": "arn:aws:acm:us-east-2:123456789012:certificate/eb065ea0-26f9-4e75-a6ce-0a1a7EXAMPLE", "EndpointDomain": "my-ava-app.edge-00c3372d53b1540bb.vai-0ce000c0b7643abea.prod.verified-access.us-east-2.amazonaws.com", "SecurityGroupIds": [ "sg-004915970c4c8f13a" ], "NetworkInterfaceOptions": { "NetworkInterfaceId": "eni-0aec70418c8d87a0f", "Protocol": "https", "Port": 443 }, "Status": { "Code": "pending" }, "Description": "", "CreationTime": "2023-08-25T20:54:43", "LastUpdatedTime": "2023-08-25T20:54:43", "Tags": [ { "Key": "Name", "Value": "my-va-endpoint" } ] } }
For more information, see Verified Access endpoints
in the Amazon Verified Access User Guide. -
For API details, see CreateVerifiedAccessEndpoint
in Amazon CLI Command Reference.
-
The following code example shows how to use create-verified-access-group
.
- Amazon CLI
-
To create a Verified Access group
The following
create-verified-access-group
example creates a Verified Access group for the specified Verified Access instance.aws ec2 create-verified-access-group \ --verified-access-instance-id
vai-0ce000c0b7643abea
\ --tag-specificationsResourceType=verified-access-group,Tags=[{Key=Name,Value=my-va-group}]
Output:
{ "VerifiedAccessGroup": { "VerifiedAccessGroupId": "vagr-0dbe967baf14b7235", "VerifiedAccessInstanceId": "vai-0ce000c0b7643abea", "Description": "", "Owner": "123456789012", "VerifiedAccessGroupArn": "arn:aws:ec2:us-east-2:123456789012:verified-access-group/vagr-0dbe967baf14b7235", "CreationTime": "2023-08-25T19:55:19", "LastUpdatedTime": "2023-08-25T19:55:19", "Tags": [ { "Key": "Name", "Value": "my-va-group" } ] } }
For more information, see Verified Access groups
in the Amazon Verified Access User Guide. -
For API details, see CreateVerifiedAccessGroup
in Amazon CLI Command Reference.
-
The following code example shows how to use create-verified-access-instance
.
- Amazon CLI
-
To create a Verified Access instance
The following
create-verified-access-instance
example creates a Verified Access instance with a Name tag.aws ec2 create-verified-access-instance \ --tag-specifications
ResourceType=verified-access-instance,Tags=[{Key=Name,Value=my-va-instance}]
Output:
{ "VerifiedAccessInstance": { "VerifiedAccessInstanceId": "vai-0ce000c0b7643abea", "Description": "", "VerifiedAccessTrustProviders": [], "CreationTime": "2023-08-25T18:27:56", "LastUpdatedTime": "2023-08-25T18:27:56", "Tags": [ { "Key": "Name", "Value": "my-va-instance" } ] } }
For more information, see Verified Access instances
in the Amazon Verified Access User Guide. -
For API details, see CreateVerifiedAccessInstance
in Amazon CLI Command Reference.
-
The following code example shows how to use create-verified-access-trust-provider
.
- Amazon CLI
-
To create a Verified Access trust provider
The following
create-verified-access-trust-provider
example sets up a Verified Access trust provider using Amazon Identity Center.aws ec2 create-verified-access-trust-provider \ --trust-provider-type
user
\ --user-trust-provider-typeiam-identity-center
\ --policy-reference-nameidc
\ --tag-specificationsResourceType=verified-access-trust-provider,Tags=[{Key=Name,Value=my-va-trust-provider}]
Output:
{ "VerifiedAccessTrustProvider": { "VerifiedAccessTrustProviderId": "vatp-0bb32de759a3e19e7", "Description": "", "TrustProviderType": "user", "UserTrustProviderType": "iam-identity-center", "PolicyReferenceName": "idc", "CreationTime": "2023-08-25T18:40:36", "LastUpdatedTime": "2023-08-25T18:40:36", "Tags": [ { "Key": "Name", "Value": "my-va-trust-provider" } ] } }
For more information, see Trust providers for Verified Access
in the Amazon Verified Access User Guide. -
For API details, see CreateVerifiedAccessTrustProvider
in Amazon CLI Command Reference.
-
The following code example shows how to use create-volume
.
- Amazon CLI
-
To create an empty General Purpose SSD (gp2) volume
The following
create-volume
example creates an 80 GiB General Purpose SSD (gp2) volume in the specified Availability Zone. Note that the current Region must beus-east-1
, or you can add the--region
parameter to specify the Region for the command.aws ec2 create-volume \ --volume-type
gp2
\ --size80
\ --availability-zoneus-east-1a
Output:
{ "AvailabilityZone": "us-east-1a", "Tags": [], "Encrypted": false, "VolumeType": "gp2", "VolumeId": "vol-1234567890abcdef0", "State": "creating", "Iops": 240, "SnapshotId": "", "CreateTime": "YYYY-MM-DDTHH:MM:SS.000Z", "Size": 80 }
If you do not specify a volume type, the default volume type is
gp2
.aws ec2 create-volume \ --size
80
\ --availability-zoneus-east-1a
Example 2: To create a Provisioned IOPS SSD (io1) volume from a snapshot
The following
create-volume
example creates a Provisioned IOPS SSD (io1) volume with 1000 provisioned IOPS in the specified Availability Zone using the specified snapshot.aws ec2 create-volume \ --volume-type
io1
\ --iops1000
\ --snapshot-idsnap-066877671789bd71b
\ --availability-zoneus-east-1a
Output:
{ "AvailabilityZone": "us-east-1a", "Tags": [], "Encrypted": false, "VolumeType": "io1", "VolumeId": "vol-1234567890abcdef0", "State": "creating", "Iops": 1000, "SnapshotId": "snap-066877671789bd71b", "CreateTime": "YYYY-MM-DDTHH:MM:SS.000Z", "Size": 500 }
Example 3: To create an encrypted volume
The following
create-volume
example creates an encrypted volume using the default CMK for EBS encryption. If encryption by default is disabled, you must specify the--encrypted
parameter as follows.aws ec2 create-volume \ --size
80
\ --encrypted \ --availability-zoneus-east-1a
Output:
{ "AvailabilityZone": "us-east-1a", "Tags": [], "Encrypted": true, "VolumeType": "gp2", "VolumeId": "vol-1234567890abcdef0", "State": "creating", "Iops": 240, "SnapshotId": "", "CreateTime": "YYYY-MM-DDTHH:MM:SS.000Z", "Size": 80 }
If encryption by default is enabled, the following example command creates an encrypted volume, even without the
--encrypted
parameter.aws ec2 create-volume \ --size
80
\ --availability-zoneus-east-1a
If you use the
--kms-key-id
parameter to specify a customer managed CMK, you must specify the--encrypted
parameter even if encryption by default is enabled.aws ec2 create-volume \ --volume-type
gp2
\ --size80
\ --encrypted \ --kms-key-id0ea3fef3-80a7-4778-9d8c-1c0c6EXAMPLE
\ --availability-zoneus-east-1a
Example 4: To create a volume with tags
The following
create-volume
example creates a volume and adds two tags.aws ec2 create-volume \ --availability-zone
us-east-1a
\ --volume-typegp2
\ --size80
\ --tag-specifications 'ResourceType=volume,Tags=[{Key=purpose,Value=production},{Key=cost-center,Value=cc123}]
'-
For API details, see CreateVolume
in Amazon CLI Command Reference.
-
The following code example shows how to use create-vpc-endpoint-connection-notification
.
- Amazon CLI
-
To create an endpoint connection notification
This example creates a notification for a specific endpoint service that alerts you when interface endpoints have connected to your service and when endpoints have been accepted for your service.
Command:
aws ec2 create-vpc-endpoint-connection-notification --connection-notification-arn
arn:aws:sns:us-east-2:123456789012:VpceNotification
--connection-eventsConnect
Accept
--service-idvpce-svc-1237881c0d25a3abc
Output:
{ "ConnectionNotification": { "ConnectionNotificationState": "Enabled", "ConnectionNotificationType": "Topic", "ServiceId": "vpce-svc-1237881c0d25a3abc", "ConnectionEvents": [ "Accept", "Connect" ], "ConnectionNotificationId": "vpce-nfn-008776de7e03f5abc", "ConnectionNotificationArn": "arn:aws:sns:us-east-2:123456789012:VpceNotification" } }
-
For API details, see CreateVpcEndpointConnectionNotification
in Amazon CLI Command Reference.
-
The following code example shows how to use create-vpc-endpoint-service-configuration
.
- Amazon CLI
-
Example 1: To create an endpoint service configuration for an interface endpoint
The following
create-vpc-endpoint-service-configuration
example creates a VPC endpoint service configuration using the Network Load Balancernlb-vpce
. This example also specifies that requests to connect to the service through an interface endpoint must be accepted.aws ec2 create-vpc-endpoint-service-configuration \ --network-load-balancer-arns
arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/nlb-vpce/e94221227f1ba532
\ --acceptance-requiredOutput:
{ "ServiceConfiguration": { "ServiceType": [ { "ServiceType": "Interface" } ], "NetworkLoadBalancerArns": [ "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/net/nlb-vpce/e94221227f1ba532" ], "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-03d5ebb7d9579a2b3", "ServiceState": "Available", "ServiceId": "vpce-svc-03d5ebb7d9579a2b3", "AcceptanceRequired": true, "AvailabilityZones": [ "us-east-1d" ], "BaseEndpointDnsNames": [ "vpce-svc-03d5ebb7d9579a2b3.us-east-1.vpce.amazonaws.com" ] } }
Example 2: To create an endpoint service configuration for a Gateway Load Balancer endpoint
The following
create-vpc-endpoint-service-configuration
example creates a VPC endpoint service configuration using the Gateway Load BalancerGWLBService
. Requests to connect to the service through a Gateway Load Balancer endpoint are automatically accepted.aws ec2 create-vpc-endpoint-service-configuration \ --gateway-load-balancer-arns
arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/gwy/GWLBService/123123123123abcc
\ --no-acceptance-requiredOutput:
{ "ServiceConfiguration": { "ServiceType": [ { "ServiceType": "GatewayLoadBalancer" } ], "ServiceId": "vpce-svc-123123a1c43abc123", "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123", "ServiceState": "Available", "AvailabilityZones": [ "us-east-1d" ], "AcceptanceRequired": false, "ManagesVpcEndpoints": false, "GatewayLoadBalancerArns": [ "arn:aws:elasticloadbalancing:us-east-1:123456789012:loadbalancer/gwy/GWLBService/123123123123abcc" ] } }
For more information, see VPC endpoint services
in the Amazon VPC User Guide. -
For API details, see CreateVpcEndpointServiceConfiguration
in Amazon CLI Command Reference.
-
The following code example shows how to use create-vpc-endpoint
.
- Amazon CLI
-
Example 1: To create a gateway endpoint
The following
create-vpc-endpoint
example creates a gateway VPC endpoint between VPCvpc-1a2b3c4d
and Amazon S3 in theus-east-1
region, and associates route tablertb-11aa22bb
with the endpoint.aws ec2 create-vpc-endpoint \ --vpc-id
vpc-1a2b3c4d
\ --service-namecom.amazonaws.us-east-1.s3
\ --route-table-idsrtb-11aa22bb
Output:
{ "VpcEndpoint": { "PolicyDocument": "{\"Version\":\"2008-10-17\",\"Statement\":[{\"Sid\":\"\",\"Effect\":\"Allow\",\"Principal\":\"\*\",\"Action\":\"\*\",\"Resource\":\"\*\"}]}", "VpcId": "vpc-1a2b3c4d", "State": "available", "ServiceName": "com.amazonaws.us-east-1.s3", "RouteTableIds": [ "rtb-11aa22bb" ], "VpcEndpointId": "vpc-1a2b3c4d", "CreationTimestamp": "2015-05-15T09:40:50Z" } }
For more information, see Creating a gateway endpoint
in the AmazonPrivateLink Guide. Example 2: To create an interface endpoint
The following
create-vpc-endpoint
example creates an interface VPC endpoint between VPCvpc-1a2b3c4d
and Amazon S3 in theus-east-1
region. The command creates the endpoint in subnetsubnet-1a2b3c4d
, associates it with security groupsg-1a2b3c4d
, and adds a tag with a key of "Service" and a Value of "S3".aws ec2 create-vpc-endpoint \ --vpc-id
vpc-1a2b3c4d
\ --vpc-endpoint-typeInterface
\ --service-namecom.amazonaws.us-east-1.s3
\ --subnet-idssubnet-7b16de0c
\ --security-group-idsg-1a2b3c4d
\ --tag-specificationsResourceType=vpc-endpoint,Tags=[{Key=service,Value=S3}]
Output:
{ "VpcEndpoint": { "VpcEndpointId": "vpce-1a2b3c4d5e6f1a2b3", "VpcEndpointType": "Interface", "VpcId": "vpc-1a2b3c4d", "ServiceName": "com.amazonaws.us-east-1.s3", "State": "pending", "RouteTableIds": [], "SubnetIds": [ "subnet-1a2b3c4d" ], "Groups": [ { "GroupId": "sg-1a2b3c4d", "GroupName": "default" } ], "PrivateDnsEnabled": false, "RequesterManaged": false, "NetworkInterfaceIds": [ "eni-0b16f0581c8ac6877" ], "DnsEntries": [ { "DnsName": "*.vpce-1a2b3c4d5e6f1a2b3-9hnenorg.s3.us-east-1.vpce.amazonaws.com", "HostedZoneId": "Z7HUB22UULQXV" }, { "DnsName": "*.vpce-1a2b3c4d5e6f1a2b3-9hnenorg-us-east-1c.s3.us-east-1.vpce.amazonaws.com", "HostedZoneId": "Z7HUB22UULQXV" } ], "CreationTimestamp": "2021-03-05T14:46:16.030000+00:00", "Tags": [ { "Key": "service", "Value": "S3" } ], "OwnerId": "123456789012" } }
For more information, see Creating an interface endpoint
in the User Guide for AmazonPrivateLink. Example 3: To create a Gateway Load Balancer endpoint
The following
create-vpc-endpoint
example creates a Gateway Load Balancer endpoint between VPCvpc-111122223333aabbc
and and a service that is configured using a Gateway Load Balancer.aws ec2 create-vpc-endpoint \ --service-name
com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123
\ --vpc-endpoint-typeGatewayLoadBalancer
\ --vpc-idvpc-111122223333aabbc
\ --subnet-idssubnet-0011aabbcc2233445
Output:
{ "VpcEndpoint": { "VpcEndpointId": "vpce-aabbaabbaabbaabba", "VpcEndpointType": "GatewayLoadBalancer", "VpcId": "vpc-111122223333aabbc", "ServiceName": "com.amazonaws.vpce.us-east-1.vpce-svc-123123a1c43abc123", "State": "pending", "SubnetIds": [ "subnet-0011aabbcc2233445" ], "RequesterManaged": false, "NetworkInterfaceIds": [ "eni-01010120203030405" ], "CreationTimestamp": "2020-11-11T08:06:03.522Z", "OwnerId": "123456789012" } }
For more information, see Gateway Load Balancer endpoints
in the User Guide for AmazonPrivateLink. -
For API details, see CreateVpcEndpoint
in Amazon CLI Command Reference.
-
The following code example shows how to use create-vpc-peering-connection
.
- Amazon CLI
-
To create a VPC peering connection between your VPCs
This example requests a peering connection between your VPCs vpc-1a2b3c4d and vpc-11122233.
Command:
aws ec2 create-vpc-peering-connection --vpc-id
vpc-1a2b3c4d
--peer-vpc-idvpc-11122233
Output:
{ "VpcPeeringConnection": { "Status": { "Message": "Initiating Request to 444455556666", "Code": "initiating-request" }, "Tags": [], "RequesterVpcInfo": { "OwnerId": "444455556666", "VpcId": "vpc-1a2b3c4d", "CidrBlock": "10.0.0.0/28" }, "VpcPeeringConnectionId": "pcx-111aaa111", "ExpirationTime": "2014-04-02T16:13:36.000Z", "AccepterVpcInfo": { "OwnerId": "444455556666", "VpcId": "vpc-11122233" } } }
To create a VPC peering connection with a VPC in another account
This example requests a peering connection between your VPC (vpc-1a2b3c4d), and a VPC (vpc-11122233) that belongs Amazon account 123456789012.
Command:
aws ec2 create-vpc-peering-connection --vpc-id
vpc-1a2b3c4d
--peer-vpc-idvpc-11122233
--peer-owner-id123456789012
To create a VPC peering connection with a VPC in a different region
This example requests a peering connection between your VPC in the current region (vpc-1a2b3c4d), and a VPC (vpc-11122233) in your account in the
us-west-2
region.Command:
aws ec2 create-vpc-peering-connection --vpc-id
vpc-1a2b3c4d
--peer-vpc-idvpc-11122233
--peer-regionus-west-2
This example requests a peering connection between your VPC in the current region (vpc-1a2b3c4d), and a VPC (vpc-11122233) that belongs Amazon account 123456789012 that's in the
us-west-2
region.Command:
aws ec2 create-vpc-peering-connection --vpc-id
vpc-1a2b3c4d
--peer-vpc-idvpc-11122233
--peer-owner-id123456789012
--peer-regionus-west-2
-
For API details, see CreateVpcPeeringConnection
in Amazon CLI Command Reference.
-
The following code example shows how to use create-vpc
.
- Amazon CLI
-
Example 1: To create a VPC
The following
create-vpc
example creates a VPC with the specified IPv4 CIDR block and a Name tag.aws ec2 create-vpc \ --cidr-block
10.0.0.0/16
\ --tag-specificationsResourceType=vpc,Tags=[{Key=Name,Value=MyVpc}]
Output:
{ "Vpc": { "CidrBlock": "10.0.0.0/16", "DhcpOptionsId": "dopt-5EXAMPLE", "State": "pending", "VpcId": "vpc-0a60eb65b4EXAMPLE", "OwnerId": "123456789012", "InstanceTenancy": "default", "Ipv6CidrBlockAssociationSet": [], "CidrBlockAssociationSet": [ { "AssociationId": "vpc-cidr-assoc-07501b79ecEXAMPLE", "CidrBlock": "10.0.0.0/16", "CidrBlockState": { "State": "associated" } } ], "IsDefault": false, "Tags": [ { "Key": "Name", "Value": MyVpc" } ] } }
Example 2: To create a VPC with dedicated tenancy
The following
create-vpc
example creates a VPC with the specified IPv4 CIDR block and dedicated tenancy.aws ec2 create-vpc \ --cidr-block
10.0.0.0/16
\ --instance-tenancydedicated
Output:
{ "Vpc": { "CidrBlock": "10.0.0.0/16", "DhcpOptionsId": "dopt-19edf471", "State": "pending", "VpcId": "vpc-0a53287fa4EXAMPLE", "OwnerId": "111122223333", "InstanceTenancy": "dedicated", "Ipv6CidrBlockAssociationSet": [], "CidrBlockAssociationSet": [ { "AssociationId": "vpc-cidr-assoc-00b24cc1c2EXAMPLE", "CidrBlock": "10.0.0.0/16", "CidrBlockState": { "State": "associated" } } ], "IsDefault": false } }
Example 3: To create a VPC with an IPv6 CIDR block
The following
create-vpc
example creates a VPC with an Amazon-provided IPv6 CIDR block.aws ec2 create-vpc \ --cidr-block
10.0.0.0/16
\ --amazon-provided-ipv6-cidr-blockOutput:
{ "Vpc": { "CidrBlock": "10.0.0.0/16", "DhcpOptionsId": "dopt-dEXAMPLE", "State": "pending", "VpcId": "vpc-0fc5e3406bEXAMPLE", "OwnerId": "123456789012", "InstanceTenancy": "default", "Ipv6CidrBlockAssociationSet": [ { "AssociationId": "vpc-cidr-assoc-068432c60bEXAMPLE", "Ipv6CidrBlock": "", "Ipv6CidrBlockState": { "State": "associating" }, "Ipv6Pool": "Amazon", "NetworkBorderGroup": "us-west-2" } ], "CidrBlockAssociationSet": [ { "AssociationId": "vpc-cidr-assoc-0669f8f9f5EXAMPLE", "CidrBlock": "10.0.0.0/16", "CidrBlockState": { "State": "associated" } } ], "IsDefault": false } }
Example 4: To create a VPC with a CIDR from an IPAM pool
The following
create-vpc
example creates a VPC with a CIDR from an Amazon VPC IP Address Manager (IPAM) pool.Linux and macOS:
aws ec2 create-vpc \ --ipv4-ipam-pool-id
ipam-pool-0533048da7d823723
\ --tag-specifications ResourceType=vpc,Tags='[{Key=Environment,Value="Preprod"},{Key=Owner,Value="Build Team"}]'Windows:
aws ec2 create-vpc
^
--ipv4-ipam-pool-idipam-pool-0533048da7d823723
^
--tag-specifications ResourceType=vpc,Tags=[{Key=Environment,Value="Preprod"},{Key=Owner,Value="Build Team"}]Output:
{ "Vpc": { "CidrBlock": "10.0.1.0/24", "DhcpOptionsId": "dopt-2afccf50", "State": "pending", "VpcId": "vpc-010e1791024eb0af9", "OwnerId": "123456789012", "InstanceTenancy": "default", "Ipv6CidrBlockAssociationSet": [], "CidrBlockAssociationSet": [ { "AssociationId": "vpc-cidr-assoc-0a77de1d803226d4b", "CidrBlock": "10.0.1.0/24", "CidrBlockState": { "State": "associated" } } ], "IsDefault": false, "Tags": [ { "Key": "Environment", "Value": "Preprod" }, { "Key": "Owner", "Value": "Build Team" } ] } }
For more information, see Create a VPC that uses an IPAM pool CIDR
in the Amazon VPC IPAM User Guide. -
For API details, see CreateVpc
in Amazon CLI Command Reference.
-
The following code example shows how to use create-vpn-connection-route
.
- Amazon CLI
-
To create a static route for a VPN connection
This example creates a static route for the specified VPN connection. If the command succeeds, no output is returned.
Command:
aws ec2 create-vpn-connection-route --vpn-connection-id
vpn-40f41529
--destination-cidr-block11.12.0.0/16
-
For API details, see CreateVpnConnectionRoute
in Amazon CLI Command Reference.
-
The following code example shows how to use create-vpn-connection
.
- Amazon CLI
-
Example 1: To create a VPN connection with dynamic routing
The following
create-vpn-connection
example creates a VPN connection between the specified virtual private gateway and the specified customer gateway, and applies tags to the VPN connection. The output includes the configuration information for your customer gateway device, in XML format.aws ec2 create-vpn-connection \ --type
ipsec.1
\ --customer-gateway-idcgw-001122334455aabbc
\ --vpn-gateway-idvgw-1a1a1a1a1a1a2b2b2
\ --tag-specification 'ResourceType=vpn-connection,Tags=[{Key=Name,Value=BGP-VPN}]
'Output:
{ "VpnConnection": { "CustomerGatewayConfiguration": "...configuration information...", "CustomerGatewayId": "cgw-001122334455aabbc", "Category": "VPN", "State": "pending", "VpnConnectionId": "vpn-123123123123abcab", "VpnGatewayId": "vgw-1a1a1a1a1a1a2b2b2", "Options": { "EnableAcceleration": false, "StaticRoutesOnly": false, "LocalIpv4NetworkCidr": "0.0.0.0/0", "RemoteIpv4NetworkCidr": "0.0.0.0/0", "TunnelInsideIpVersion": "ipv4", "TunnelOptions": [ {}, {} ] }, "Routes": [], "Tags": [ { "Key": "Name", "Value": "BGP-VPN" } ] } }
For more information, see How Amazon Site-to-Site VPN works
in the Amazon Site-to-Site VPN User Guide. Example 2: To create a VPN connection with static routing
The following
create-vpn-connection
example creates a VPN connection between the specified virtual private gateway and the specified customer gateway. The options specify static routing. The output includes the configuration information for your customer gateway device, in XML format.aws ec2 create-vpn-connection \ --type
ipsec.1
\ --customer-gateway-idcgw-001122334455aabbc
\ --vpn-gateway-idvgw-1a1a1a1a1a1a2b2b2
\ --options "{\"StaticRoutesOnly\":true}"Output:
{ "VpnConnection": { "CustomerGatewayConfiguration": "..configuration information...", "CustomerGatewayId": "cgw-001122334455aabbc", "Category": "VPN", "State": "pending", "VpnConnectionId": "vpn-123123123123abcab", "VpnGatewayId": "vgw-1a1a1a1a1a1a2b2b2", "Options": { "EnableAcceleration": false, "StaticRoutesOnly": true, "LocalIpv4NetworkCidr": "0.0.0.0/0", "RemoteIpv4NetworkCidr": "0.0.0.0/0", "TunnelInsideIpVersion": "ipv4", "TunnelOptions": [ {}, {} ] }, "Routes": [], "Tags": [] } }
For more information, see How Amazon Site-to-Site VPN works
in the Amazon Site-to-Site VPN User Guide. Example 3: To create a VPN connection and specify your own inside CIDR and pre-shared key
The following
create-vpn-connection
example creates a VPN connection and specifies the inside IP address CIDR block and a custom pre-shared key for each tunnel. The specified values are returned in theCustomerGatewayConfiguration
information.aws ec2 create-vpn-connection \ --type
ipsec.1
\ --customer-gateway-idcgw-001122334455aabbc
\ --vpn-gateway-idvgw-1a1a1a1a1a1a2b2b2
\ --options TunnelOptions='[{TunnelInsideCidr=169.254.12.0/30,PreSharedKey=ExamplePreSharedKey1},{TunnelInsideCidr=169.254.13.0/30,PreSharedKey=ExamplePreSharedKey2}]'Output:
{ "VpnConnection": { "CustomerGatewayConfiguration": "..configuration information...", "CustomerGatewayId": "cgw-001122334455aabbc", "Category": "VPN", "State": "pending", "VpnConnectionId": "vpn-123123123123abcab", "VpnGatewayId": "vgw-1a1a1a1a1a1a2b2b2", "Options": { "EnableAcceleration": false, "StaticRoutesOnly": false, "LocalIpv4NetworkCidr": "0.0.0.0/0", "RemoteIpv4NetworkCidr": "0.0.0.0/0", "TunnelInsideIpVersion": "ipv4", "TunnelOptions": [ { "OutsideIpAddress": "203.0.113.3", "TunnelInsideCidr": "169.254.12.0/30", "PreSharedKey": "ExamplePreSharedKey1" }, { "OutsideIpAddress": "203.0.113.5", "TunnelInsideCidr": "169.254.13.0/30", "PreSharedKey": "ExamplePreSharedKey2" } ] }, "Routes": [], "Tags": [] } }
For more information, see How Amazon Site-to-Site VPN works
in the Amazon Site-to-Site VPN User Guide. Example 4: To create a VPN connection that supports IPv6 traffic
The following
create-vpn-connection
example creates a VPN connection that supports IPv6 traffic between the specified transit gateway and specified customer gateway. The tunnel options for both tunnels specify that Amazon must initiate the IKE negotiation.aws ec2 create-vpn-connection \ --type
ipsec.1
\ --transit-gateway-idtgw-12312312312312312
\ --customer-gateway-idcgw-001122334455aabbc
\ --optionsTunnelInsideIpVersion=ipv6,TunnelOptions=[{StartupAction=start},{StartupAction=start}]
Output:
{ "VpnConnection": { "CustomerGatewayConfiguration": "..configuration information...", "CustomerGatewayId": "cgw-001122334455aabbc", "Category": "VPN", "State": "pending", "VpnConnectionId": "vpn-11111111122222222", "TransitGatewayId": "tgw-12312312312312312", "Options": { "EnableAcceleration": false, "StaticRoutesOnly": false, "LocalIpv6NetworkCidr": "::/0", "RemoteIpv6NetworkCidr": "::/0", "TunnelInsideIpVersion": "ipv6", "TunnelOptions": [ { "OutsideIpAddress": "203.0.113.3", "StartupAction": "start" }, { "OutsideIpAddress": "203.0.113.5", "StartupAction": "start" } ] }, "Routes": [], "Tags": [] } }
For more information, see How Amazon Site-to-Site VPN works
in the Amazon Site-to-Site VPN User Guide. -
For API details, see CreateVpnConnection
in Amazon CLI Command Reference.
-
The following code example shows how to use create-vpn-gateway
.
- Amazon CLI
-
To create a virtual private gateway
This example creates a virtual private gateway.
Command:
aws ec2 create-vpn-gateway --type
ipsec.1
Output:
{ "VpnGateway": { "AmazonSideAsn": 64512, "State": "available", "Type": "ipsec.1", "VpnGatewayId": "vgw-9a4cacf3", "VpcAttachments": [] } }
To create a virtual private gateway with a specific Amazon-side ASN
This example creates a virtual private gateway and specifies the Autonomous System Number (ASN) for the Amazon side of the BGP session.
Command:
aws ec2 create-vpn-gateway --type
ipsec.1
--amazon-side-asn65001
Output:
{ "VpnGateway": { "AmazonSideAsn": 65001, "State": "available", "Type": "ipsec.1", "VpnGatewayId": "vgw-9a4cacf3", "VpcAttachments": [] } }
-
For API details, see CreateVpnGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-carrier-gateway
.
- Amazon CLI
-
To delete your carrier gateway
The following
delete-carrier-gateway
example deletes the specified carrier gateway.aws ec2 delete-carrier-gateway \ --carrier-gateway-id
cagw-0465cdEXAMPLE1111
Output:
{ "CarrierGateway": { "CarrierGatewayId": "cagw-0465cdEXAMPLE1111", "VpcId": "vpc-0c529aEXAMPLE1111", "State": "deleting", "OwnerId": "123456789012" } }
For more information, see Carrier gateways
in the Amazon Virtual Private Cloud User Guide. -
For API details, see DeleteCarrierGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-client-vpn-endpoint
.
- Amazon CLI
-
To delete a Client VPN endpoint
The following
delete-client-vpn-endpoint
example deletes the specified Client VPN endpoint.aws ec2 delete-client-vpn-endpoint \ --client-vpn-endpoint-id
cvpn-endpoint-123456789123abcde
Output:
{ "Status": { "Code": "deleting" } }
For more information, see Client VPN Endpoints
in the Amazon Client VPN Administrator Guide. -
For API details, see DeleteClientVpnEndpoint
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-client-vpn-route
.
- Amazon CLI
-
To delete a route for a Client VPN endpoint
The following
delete-client-vpn-route
example deletes the0.0.0.0/0
route for the specified subnet of a Client VPN endpoint.aws ec2 delete-client-vpn-route \ --client-vpn-endpoint-id
cvpn-endpoint-123456789123abcde
\ --destination-cidr-block0.0.0.0/0
\ --target-vpc-subnet-idsubnet-0123456789abcabca
Output:
{ "Status": { "Code": "deleting" } }
For more information, see Routes
in the Amazon Client VPN Administrator Guide. -
For API details, see DeleteClientVpnRoute
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-coip-cidr
.
- Amazon CLI
-
To delete a range of customer-owned IP (CoIP) addresses
The following
delete-coip-cidr
example deletes the specified range of CoIP addresses in the specified CoIP pool.aws ec2 delete-coip-cidr \ --cidr
14.0.0.0/24
\ --coip-pool-idipv4pool-coip-1234567890abcdefg
Output:
{ "CoipCidr": { "Cidr": "14.0.0.0/24", "CoipPoolId": "ipv4pool-coip-1234567890abcdefg", "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890" } }
For more information, see Customer-owned IP addresses
in the Amazon Outposts User Guide. -
For API details, see DeleteCoipCidr
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-coip-pool
.
- Amazon CLI
-
To delete a pool of customer-owned IP (CoIP) addresses
The following
delete-coip-pool
example deletes a CoIP pool of CoIP addresses.aws ec2 delete-coip-pool \ --coip-pool-id
ipv4pool-coip-1234567890abcdefg
Output:
{ "CoipPool": { "PoolId": "ipv4pool-coip-1234567890abcdefg", "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890", "PoolArn": "arn:aws:ec2:us-west-2:123456789012:coip-pool/ipv4pool-coip-1234567890abcdefg" } }
For more information, see Customer-owned IP addresses
in the Amazon Outposts User Guide. -
For API details, see DeleteCoipPool
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-customer-gateway
.
- Amazon CLI
-
To delete a customer gateway
This example deletes the specified customer gateway. If the command succeeds, no output is returned.
Command:
aws ec2 delete-customer-gateway --customer-gateway-id
cgw-0e11f167
-
For API details, see DeleteCustomerGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-dhcp-options
.
- Amazon CLI
-
To delete a DHCP options set
This example deletes the specified DHCP options set. If the command succeeds, no output is returned.
Command:
aws ec2 delete-dhcp-options --dhcp-options-id
dopt-d9070ebb
-
For API details, see DeleteDhcpOptions
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-egress-only-internet-gateway
.
- Amazon CLI
-
To delete an egress-only Internet gateway
This example deletes the specified egress-only Internet gateway.
Command:
aws ec2 delete-egress-only-internet-gateway --egress-only-internet-gateway-id
eigw-01eadbd45ecd7943f
Output:
{ "ReturnCode": true }
-
For API details, see DeleteEgressOnlyInternetGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-fleets
.
- Amazon CLI
-
Example 1: To delete an EC2 Fleet and terminate the associated instances
The following
delete-fleets
example deletes the specified EC2 Fleet and terminates the associated On-Demand Instances and Spot Instances.aws ec2 delete-fleets \ --fleet-ids
fleet-12a34b55-67cd-8ef9-ba9b-9208dEXAMPLE
\ --terminate-instancesOutput:
{ "SuccessfulFleetDeletions": [ { "CurrentFleetState": "deleted_terminating", "PreviousFleetState": "active", "FleetId": "fleet-12a34b55-67cd-8ef9-ba9b-9208dEXAMPLE" } ], "UnsuccessfulFleetDeletions": [] }
For more information, see Delete an EC2 Fleet
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. Example 2: To delete an EC2 Fleet without terminating the associated instances
The following
delete-fleets
example deletes the specified EC2 Fleet without terminating the associated On-Demand Instances and Spot Instances.aws ec2 delete-fleets \ --fleet-ids
fleet-12a34b55-67cd-8ef9-ba9b-9208dEXAMPLE
\ --no-terminate-instancesOutput:
{ "SuccessfulFleetDeletions": [ { "CurrentFleetState": "deleted_running", "PreviousFleetState": "active", "FleetId": "fleet-12a34b55-67cd-8ef9-ba9b-9208dEXAMPLE" } ], "UnsuccessfulFleetDeletions": [] }
For more information, see Delete an EC2 Fleet
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see DeleteFleets
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-flow-logs
.
- Amazon CLI
-
To delete a flow log
The following
delete-flow-logs
example deletes the specified flow log.aws ec2 delete-flow-logs --flow-log-id
fl-11223344556677889
Output:
{ "Unsuccessful": [] }
-
For API details, see DeleteFlowLogs
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-fpga-image
.
- Amazon CLI
-
To delete an Amazon FPGA image
This example deletes the specified AFI.
Command:
aws ec2 delete-fpga-image --fpga-image-id
afi-06b12350a123fbabc
Output:
{ "Return": true }
-
For API details, see DeleteFpgaImage
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-instance-connect-endpoint
.
- Amazon CLI
-
To delete an EC2 Instance Connect Endpoint
The following
delete-instance-connect-endpoint
example deletes the specified EC2 Instance Connect Endpoint.aws ec2 delete-instance-connect-endpoint \ --instance-connect-endpoint-id
eice-03f5e49b83924bbc7
Output:
{ "InstanceConnectEndpoint": { "OwnerId": "111111111111", "InstanceConnectEndpointId": "eice-0123456789example", "InstanceConnectEndpointArn": "arn:aws:ec2:us-east-1:111111111111:instance-connect-endpoint/eice-0123456789example", "State": "delete-in-progress", "StateMessage": "", "NetworkInterfaceIds": [], "VpcId": "vpc-0123abcd", "AvailabilityZone": "us-east-1d", "CreatedAt": "2023-02-07T12:05:37+00:00", "SubnetId": "subnet-0123abcd" } }
For more information, see Remove EC2 Instance Connect Endpoint
in the Amazon EC2 User Guide. -
For API details, see DeleteInstanceConnectEndpoint
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-instance-event-window
.
- Amazon CLI
-
Example 1: To delete an event window
The following
delete-instance-event-window
example deletes an event window.aws ec2 delete-instance-event-window \ --region
us-east-1
\ --instance-event-window-idiew-0abcdef1234567890
Output:
{ "InstanceEventWindowState": { "InstanceEventWindowId": "iew-0abcdef1234567890", "State": "deleting" } }
For event window constraints, see Considerations
in the Scheduled Events section of the Amazon EC2 User Guide. Example 2: To force delete an event window
The following
delete-instance-event-window
example force deletes an event window if the event window is currently associated with targets.aws ec2 delete-instance-event-window \ --region
us-east-1
\ --instance-event-window-idiew-0abcdef1234567890
\ --force-deleteOutput:
{ "InstanceEventWindowState": { "InstanceEventWindowId": "iew-0abcdef1234567890", "State": "deleting" } }
For event window constraints, see Considerations
in the Scheduled Events section of the Amazon EC2 User Guide. -
For API details, see DeleteInstanceEventWindow
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-internet-gateway
.
- Amazon CLI
-
To delete an internet gateway
The following
delete-internet-gateway
example deletes the specified internet gateway.aws ec2 delete-internet-gateway \ --internet-gateway-id
igw-0d0fb496b3EXAMPLE
This command produces no output.
For more information, see Internet gateways
in the Amazon VPC User Guide. -
For API details, see DeleteInternetGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-ipam-pool
.
- Amazon CLI
-
To delete an IPAM pool
In this example, you're a IPAM delegated admin who wants to delete an IPAM pool that you no longer need, but the pool has a CIDR provisioned to it. You cannot delete a pool if it has CIDRs provisioned to it unless you use the
--cascade
option, so you'll use--cascade
.To complete this request:
You'll need the IPAM pool ID which you can get with describe-ipam-pools
.The --region
must be the IPAM home Region.The following
delete-ipam-pool
example deletes an IPAM pool in your Amazon account.aws ec2 delete-ipam-pool \ --ipam-pool-id
ipam-pool-050c886a3ca41cd5b
\ --cascade \ --regionus-east-1
Output:
{ "IpamPool": { "OwnerId": "320805250157", "IpamPoolId": "ipam-pool-050c886a3ca41cd5b", "IpamPoolArn": "arn:aws:ec2::320805250157:ipam-pool/ipam-pool-050c886a3ca41cd5b", "IpamScopeArn": "arn:aws:ec2::320805250157:ipam-scope/ipam-scope-0a158dde35c51107b", "IpamScopeType": "private", "IpamArn": "arn:aws:ec2::320805250157:ipam/ipam-005f921c17ebd5107", "IpamRegion": "us-east-1", "Locale": "None", "PoolDepth": 1, "State": "delete-in-progress", "Description": "example", "AutoImport": false, "AddressFamily": "ipv4", "AllocationMinNetmaskLength": 0, "AllocationMaxNetmaskLength": 32 } }
For more information, see Delete a pool
in the Amazon VPC IPAM User Guide. -
For API details, see DeleteIpamPool
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-ipam-resource-discovery
.
- Amazon CLI
-
To delete a resource discovery
In this example, you're a IPAM delegated admin who wants to delete a non-default resource discovery that you created to share with another IPAM admin during the process of integrating IPAM with accounts outside of your organization.
To complete this request:
The
--region
must be the Region where you created the resource discovery.You cannot delete a default resource discovery if"IsDefault": true
. A default resource discovery is one that is created automatically in the account that creates an IPAM. To delete a default resource discovery, you have to delete the IPAM.The following
delete-ipam-resource-discovery
example deletes a resource discovery.aws ec2 delete-ipam-resource-discovery \ --ipam-resource-discovery-id
ipam-res-disco-0e39761475298ee0f
\ --regionus-east-1
Output:
{ "IpamResourceDiscovery": { "OwnerId": "149977607591", "IpamResourceDiscoveryId": "ipam-res-disco-0e39761475298ee0f", "IpamResourceDiscoveryArn": "arn:aws:ec2::149977607591:ipam-resource-discovery/ipam-res-disco-0e39761475298ee0f", "IpamResourceDiscoveryRegion": "us-east-1", "OperatingRegions": [ { "RegionName": "us-east-1" } ], "IsDefault": false, "State": "delete-in-progress" } }
For more information about resource discoveries, see Work with resource discoveries
in the Amazon VPC IPAM User Guide. -
For API details, see DeleteIpamResourceDiscovery
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-ipam-scope
.
- Amazon CLI
-
To delete an IPAM scope
The following
delete-ipam-scope
example deletes an IPAM.aws ec2 delete-ipam-scope \ --ipam-scope-id
ipam-scope-01c1ebab2b63bd7e4
Output:
{ "IpamScope": { "OwnerId": "123456789012", "IpamScopeId": "ipam-scope-01c1ebab2b63bd7e4", "IpamScopeArn": "arn:aws:ec2::123456789012:ipam-scope/ipam-scope-01c1ebab2b63bd7e4", "IpamArn": "arn:aws:ec2::123456789012:ipam/ipam-08440e7a3acde3908", "IpamRegion": "us-east-1", "IpamScopeType": "private", "IsDefault": false, "Description": "Example description", "PoolCount": 0, "State": "delete-in-progress" } }
For more information, see Delete a scope
in the Amazon VPC IPAM User Guide. -
For API details, see DeleteIpamScope
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-ipam
.
- Amazon CLI
-
To delete an IPAM
The following
delete-ipam
example deletes an IPAM.aws ec2 delete-ipam \ --ipam-id
ipam-036486dfa6af58ee0
Output:
{ "Ipam": { "OwnerId": "123456789012", "IpamId": "ipam-036486dfa6af58ee0", "IpamArn": "arn:aws:ec2::123456789012:ipam/ipam-036486dfa6af58ee0", "IpamRegion": "us-east-1", "PublicDefaultScopeId": "ipam-scope-071b8042b0195c183", "PrivateDefaultScopeId": "ipam-scope-0807405dece705a30", "ScopeCount": 2, "OperatingRegions": [ { "RegionName": "us-east-1" }, { "RegionName": "us-east-2" }, { "RegionName": "us-west-1" } ], "State": "delete-in-progress" } }
For more information, see Delete an IPAM
in the Amazon VPC IPAM User Guide. -
For API details, see DeleteIpam
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-key-pair
.
- Amazon CLI
-
To delete a key pair
The following
delete-key-pair
example deletes the specified key pair.aws ec2 delete-key-pair \ --key-name
my-key-pair
Output:
{ "Return": true, "KeyPairId": "key-03c8d3aceb53b507" }
For more information, see Create and delete key pairs
in the Amazon Command Line Interface User Guide. -
For API details, see DeleteKeyPair
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-launch-template-versions
.
- Amazon CLI
-
To delete a launch template version
This example deletes the specified launch template version.
Command:
aws ec2 delete-launch-template-versions --launch-template-id
lt-0abcd290751193123
--versions1
Output:
{ "UnsuccessfullyDeletedLaunchTemplateVersions": [], "SuccessfullyDeletedLaunchTemplateVersions": [ { "LaunchTemplateName": "TestVersion", "VersionNumber": 1, "LaunchTemplateId": "lt-0abcd290751193123" } ] }
-
For API details, see DeleteLaunchTemplateVersions
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-launch-template
.
- Amazon CLI
-
To delete a launch template
This example deletes the specified launch template.
Command:
aws ec2 delete-launch-template --launch-template-id
lt-0abcd290751193123
Output:
{ "LaunchTemplate": { "LatestVersionNumber": 2, "LaunchTemplateId": "lt-0abcd290751193123", "LaunchTemplateName": "TestTemplate", "DefaultVersionNumber": 2, "CreatedBy": "arn:aws:iam::123456789012:root", "CreateTime": "2017-11-23T16:46:25.000Z" } }
-
For API details, see DeleteLaunchTemplate
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-local-gateway-route-table-virtual-interface-group-association
.
- Amazon CLI
-
To disassociate a local gateway route table from a virtual interfaces (VIFs) group
The following
delete-local-gateway-route-table-virtual-interface-group-association
example deletes the association between the specified local gateway route table and VIF group.aws ec2 delete-local-gateway-route-table-virtual-interface-group-association \ --local-gateway-route-table-virtual-interface-group-association-id
lgw-vif-grp-assoc-exampleid12345678
Output:
{ "LocalGatewayRouteTableVirtualInterfaceGroupAssociation": { "LocalGatewayRouteTableVirtualInterfaceGroupAssociationId": "lgw-vif-grp-assoc-exampleid12345678", "LocalGatewayVirtualInterfaceGroupId": "lgw-vif-grp-exampleid0123abcd", "LocalGatewayId": "lgw-exampleid11223344", "LocalGatewayRouteTableId": "lgw-rtb-exampleidabcd1234", "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:111122223333:local-gateway-route-table/lgw-rtb-exampleidabcd1234", "OwnerId": "111122223333", "State": "disassociating", "Tags": [] } }
For more information, see VIF group associations
in the Amazon Outposts User Guide. -
For API details, see DeleteLocalGatewayRouteTableVirtualInterfaceGroupAssociation
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-local-gateway-route-table-vpc-association
.
- Amazon CLI
-
To disassociate a local gateway route table from a VPC
The following
delete-local-gateway-route-table-vpc-association
example deletes the association between the specified local gateway route table and VPC.aws ec2 delete-local-gateway-route-table-vpc-association \ --local-gateway-route-table-vpc-association-id
vpc-example0123456789
Output:
{ "LocalGatewayRouteTableVpcAssociation": { "LocalGatewayRouteTableVpcAssociationId": "lgw-vpc-assoc-abcd1234wxyz56789", "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890", "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:555555555555:local-gateway-route-table/lgw-rtb-abcdefg1234567890", "LocalGatewayId": "lgw-exampleid01234567", "VpcId": "vpc-example0123456789", "OwnerId": "555555555555", "State": "disassociating" } }
For more information, see VPC associations
in the Amazon Outposts User Guide. -
For API details, see DeleteLocalGatewayRouteTableVpcAssociation
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-local-gateway-route-table
.
- Amazon CLI
-
To delete a local gateway route table
The following
delete-local-gateway-route-table
example creates a local gateway route table with the direct VPC routing mode.aws ec2 delete-local-gateway-route-table \ --local-gateway-route-table-id
lgw-rtb-abcdefg1234567890
Output:
{ "LocalGatewayRouteTable": { "LocalGatewayRouteTableId": "lgw-rtb-abcdefg1234567890", "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:111122223333:local-gateway-route-table/lgw-rtb-abcdefg1234567890", "LocalGatewayId": "lgw-1a2b3c4d5e6f7g8h9", "OutpostArn": "arn:aws:outposts:us-west-2:111122223333:outpost/op-021345abcdef67890", "OwnerId": "111122223333", "State": "deleting", "Tags": [], "Mode": "direct-vpc-routing" } }
For more information, see Local gateway route tables
in the Amazon Outposts User Guide. -
For API details, see DeleteLocalGatewayRouteTable
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-local-gateway-route
.
- Amazon CLI
-
To delete a route from a local gateway route table
The following
delete-local-gateway-route
example deletes the specified route from the specified local gateway route table.aws ec2 delete-local-gateway-route \ --destination-cidr-block
0.0.0.0/0
\ --local-gateway-route-table-idlgw-rtb-059615ef7dEXAMPLE
Output:
{ "Route": { "DestinationCidrBlock": "0.0.0.0/0", "LocalGatewayVirtualInterfaceGroupId": "lgw-vif-grp-07145b276bEXAMPLE", "Type": "static", "State": "deleted", "LocalGatewayRouteTableId": "lgw-rtb-059615ef7EXAMPLE" } }
-
For API details, see DeleteLocalGatewayRoute
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-managed-prefix-list
.
- Amazon CLI
-
To delete a prefix list
The following
delete-managed-prefix-list
example deletes the specified prefix list.aws ec2 delete-managed-prefix-list \ --prefix-list-id
pl-0123456abcabcabc1
Output:
{ "PrefixList": { "PrefixListId": "pl-0123456abcabcabc1", "AddressFamily": "IPv4", "State": "delete-in-progress", "PrefixListArn": "arn:aws:ec2:us-west-2:123456789012:prefix-list/pl-0123456abcabcabc1", "PrefixListName": "test", "MaxEntries": 10, "Version": 1, "OwnerId": "123456789012" } }
For more information, see Managed prefix lists
in the Amazon VPC User Guide. -
For API details, see DeleteManagedPrefixList
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-nat-gateway
.
- Amazon CLI
-
To delete a NAT gateway
This example deletes NAT gateway
nat-04ae55e711cec5680
.Command:
aws ec2 delete-nat-gateway --nat-gateway-id
nat-04ae55e711cec5680
Output:
{ "NatGatewayId": "nat-04ae55e711cec5680" }
-
For API details, see DeleteNatGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-network-acl-entry
.
- Amazon CLI
-
To delete a network ACL entry
This example deletes ingress rule number 100 from the specified network ACL. If the command succeeds, no output is returned.
Command:
aws ec2 delete-network-acl-entry --network-acl-id
acl-5fb85d36
--ingress --rule-number100
-
For API details, see DeleteNetworkAclEntry
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-network-acl
.
- Amazon CLI
-
To delete a network ACL
This example deletes the specified network ACL. If the command succeeds, no output is returned.
Command:
aws ec2 delete-network-acl --network-acl-id
acl-5fb85d36
-
For API details, see DeleteNetworkAcl
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-network-insights-access-scope-analysis
.
- Amazon CLI
-
To delete a Network Access Scope analysis
The following
delete-network-insights-access-scope-analysis
example deletes the specified Network Access Scope analysis.aws ec2 delete-network-insights-access-scope-analysis \ --network-insights-access-scope-analysis-id
nisa-01234567891abcdef
Output:
{ "NetworkInsightsAccessScopeAnalysisId": "nisa-01234567891abcdef }
For more information, see Getting started with Network Access Analyzer using the Amazon CLI
in the Network Access Analyzer Guide. -
For API details, see DeleteNetworkInsightsAccessScopeAnalysis
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-network-insights-access-scope
.
- Amazon CLI
-
To delete a Network Access Scope
The following
delete-network-insights-access-scope
example deletes the specified Network Access Scope.aws ec2 delete-network-insights-access-scope \ --network-insights-access-scope-id
nis-123456789abc01234
Output:
{ "NetworkInsightsAccessScopeId": "nis-123456789abc01234" }
For more information, see Getting started with Network Access Analyzer using the Amazon CLI
in the Network Access Analyzer Guide. -
For API details, see DeleteNetworkInsightsAccessScope
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-network-insights-analysis
.
- Amazon CLI
-
To delete a path analysis
The following
delete-network-insights-analysis
example deletes the specified analysis.aws ec2 delete-network-insights-analysis \ --network-insights-analysis-id
nia-02207aa13eb480c7a
Output:
{ "NetworkInsightsAnalysisId": "nia-02207aa13eb480c7a" }
For more information, see Getting started using the Amazon CLI
in the Reachability Analyzer Guide. -
For API details, see DeleteNetworkInsightsAnalysis
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-network-insights-path
.
- Amazon CLI
-
To delete a path
The following
delete-network-insights-path
example deletes the specified path. Before you can delete a path, you must delete all its analyses using thedelete-network-insights-analysis
command.aws ec2 delete-network-insights-path \ --network-insights-path-id
nip-0b26f224f1d131fa8
Output:
{ "NetworkInsightsPathId": "nip-0b26f224f1d131fa8" }
For more information, see Getting started using the Amazon CLI
in the Reachability Analyzer Guide. -
For API details, see DeleteNetworkInsightsPath
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-network-interface-permission
.
- Amazon CLI
-
To delete a network interface permission
This example deletes the specified network interface permission.
Command:
aws ec2 delete-network-interface-permission --network-interface-permission-id
eni-perm-06fd19020ede149ea
Output:
{ "Return": true }
-
For API details, see DeleteNetworkInterfacePermission
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-network-interface
.
- Amazon CLI
-
To delete a network interface
This example deletes the specified network interface. If the command succeeds, no output is returned.
Command:
aws ec2 delete-network-interface --network-interface-id
eni-e5aa89a3
-
For API details, see DeleteNetworkInterface
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-placement-group
.
- Amazon CLI
-
To delete a placement group
This example command deletes the specified placement group.
Command:
aws ec2 delete-placement-group --group-name
my-cluster
-
For API details, see DeletePlacementGroup
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-queued-reserved-instances
.
- Amazon CLI
-
To delete a queued purchase
The following
delete-queued-reserved-instances
example deletes the specified Reserved Instance, which was queued for purchase.aws ec2 delete-queued-reserved-instances \ --reserved-instances-ids
af9f760e-6f91-4559-85f7-4980eexample
Output:
{ "SuccessfulQueuedPurchaseDeletions": [ { "ReservedInstancesId": "af9f760e-6f91-4559-85f7-4980eexample" } ], "FailedQueuedPurchaseDeletions": [] }
-
For API details, see DeleteQueuedReservedInstances
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-route-table
.
- Amazon CLI
-
To delete a route table
This example deletes the specified route table. If the command succeeds, no output is returned.
Command:
aws ec2 delete-route-table --route-table-id
rtb-22574640
-
For API details, see DeleteRouteTable
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-route
.
- Amazon CLI
-
To delete a route
This example deletes the specified route from the specified route table. If the command succeeds, no output is returned.
Command:
aws ec2 delete-route --route-table-id
rtb-22574640
--destination-cidr-block0.0.0.0/0
-
For API details, see DeleteRoute
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-security-group
.
- Amazon CLI
-
[EC2-Classic] To delete a security group
This example deletes the security group named
MySecurityGroup
. If the command succeeds, no output is returned.Command:
aws ec2 delete-security-group --group-name
MySecurityGroup
[EC2-VPC] To delete a security group
This example deletes the security group with the ID
sg-903004f8
. Note that you can't reference a security group for EC2-VPC by name. If the command succeeds, no output is returned.Command:
aws ec2 delete-security-group --group-id
sg-903004f8
For more information, see Using Security Groups in the Amazon Command Line Interface User Guide.
-
For API details, see DeleteSecurityGroup
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-snapshot
.
- Amazon CLI
-
To delete a snapshot
This example command deletes a snapshot with the snapshot ID of
snap-1234567890abcdef0
. If the command succeeds, no output is returned.Command:
aws ec2 delete-snapshot --snapshot-id
snap-1234567890abcdef0
-
For API details, see DeleteSnapshot
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-spot-datafeed-subscription
.
- Amazon CLI
-
To cancel a Spot Instance data feed subscription
This example command deletes a Spot data feed subscription for the account. If the command succeeds, no output is returned.
Command:
aws ec2 delete-spot-datafeed-subscription
-
For API details, see DeleteSpotDatafeedSubscription
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-subnet-cidr-reservation
.
- Amazon CLI
-
To delete a subnet CIDR reservation
The following
delete-subnet-cidr-reservation
example deletes the specified subnet CIDR reservation.aws ec2 delete-subnet-cidr-reservation \ --subnet-cidr-reservation-id
scr-044f977c4eEXAMPLE
Output:
{ "DeletedSubnetCidrReservation": { "SubnetCidrReservationId": "scr-044f977c4eEXAMPLE", "SubnetId": "subnet-03c51e2e6cEXAMPLE", "Cidr": "10.1.0.16/28", "ReservationType": "prefix", "OwnerId": "123456789012" } }
For more information, see Subnet CIDR reservations
in the Amazon VPC User Guide. -
For API details, see DeleteSubnetCidrReservation
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-subnet
.
- Amazon CLI
-
To delete a subnet
This example deletes the specified subnet. If the command succeeds, no output is returned.
Command:
aws ec2 delete-subnet --subnet-id
subnet-9d4a7b6c
-
For API details, see DeleteSubnet
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-tags
.
- Amazon CLI
-
Example 1: To delete a tag from a resource
The following
delete-tags
example deletes the tagStack=Test
from the specified image. When you specify both a value and a key name, the tag is deleted only if the tag's value matches the specified value.aws ec2 delete-tags \ --resources
ami-1234567890abcdef0
\ --tagsKey=Stack,Value=Test
It's optional to specify the value for a tag. The following
delete-tags
example deletes the tag with the key namepurpose
from the specified instance, regardless of the tag value for the tag.aws ec2 delete-tags \ --resources
i-1234567890abcdef0
\ --tagsKey=purpose
If you specify the empty string as the tag value, the tag is deleted only if the tag's value is the empty string. The following
delete-tags
example specifies the empty string as the tag value for the tag to delete.aws ec2 delete-tags \ --resources
i-1234567890abcdef0
\ --tagsKey=Name,Value=
Example 2: To delete a tag from multiple resources
The following
delete-tags
example deletes the tag``Purpose=Test`` from both an instance and an AMI. As shown in the previous example, you can omit the tag value from the command.aws ec2 delete-tags \ --resources
i-1234567890abcdef0
ami-1234567890abcdef0
\ --tagsKey=Purpose
-
For API details, see DeleteTags
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-traffic-mirror-filter-rule
.
- Amazon CLI
-
To delete a traffic mirror filter rule
The following
delete-traffic-mirror-filter-rule
example deletes the specified traffic mirror filter rule.aws ec2 delete-traffic-mirror-filter-rule \ --traffic-mirror-filter-rule-id
tmfr-081f71283bEXAMPLE
Output:
{ "TrafficMirrorFilterRuleId": "tmfr-081f71283bEXAMPLE" }
For more information, see Modify Your Traffic Mirror Filter Rules
in the Amazon Traffic Mirroring Guide. -
For API details, see DeleteTrafficMirrorFilterRule
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-traffic-mirror-filter
.
- Amazon CLI
-
To delete a traffic mirror filter
The following
delete-traffic-mirror-filter
example deletes the specified traffic mirror filter.aws ec2 delete-traffic-mirror-filter \ --traffic-mirror-filter-id
tmf-0be0b25fcdEXAMPLE
Output:
{ "TrafficMirrorFilterId": "tmf-0be0b25fcdEXAMPLE" }
For more information, see Delete a Traffic Mirror Filter
in the Amazon Traffic Mirroring Guide. -
For API details, see DeleteTrafficMirrorFilter
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-traffic-mirror-session
.
- Amazon CLI
-
To delete a traffic mirror session
The following
delete-traffic-mirror-session
example deletes the specified traffic mirror-session.aws ec2 delete-traffic-mirror-session \ --traffic-mirror-session-id
tms-0af3141ce5EXAMPLE
Output:
{ "TrafficMirrorSessionId": "tms-0af3141ce5EXAMPLE" }
For more information, see Delete a Traffic Mirror Session
in the Amazon Traffic Mirroring Guide. -
For API details, see DeleteTrafficMirrorSession
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-traffic-mirror-target
.
- Amazon CLI
-
To delete a traffic mirror target
The following
delete-traffic-mirror-target
example deletes the specified traffic mirror target.aws ec2 delete-traffic-mirror-target \ --traffic-mirror-target-id
tmt-060f48ce9EXAMPLE
Output:
{ "TrafficMirrorTargetId": "tmt-060f48ce9EXAMPLE" }
For more information, see Delete a Traffic Mirror Target
in the Amazon Traffic Mirroring Guide. -
For API details, see DeleteTrafficMirrorTarget
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-transit-gateway-connect-peer
.
- Amazon CLI
-
To delete a Transit Gateway Connect peer
The following
delete-transit-gateway-connect-peer
example deletes the specified Connect peer.aws ec2 delete-transit-gateway-connect-peer \ --transit-gateway-connect-peer-id
tgw-connect-peer-0666adbac4EXAMPLE
Output:
{ "TransitGatewayConnectPeer": { "TransitGatewayAttachmentId": "tgw-attach-0f0927767cEXAMPLE", "TransitGatewayConnectPeerId": "tgw-connect-peer-0666adbac4EXAMPLE", "State": "deleting", "CreationTime": "2021-10-13T03:35:17.000Z", "ConnectPeerConfiguration": { "TransitGatewayAddress": "10.0.0.234", "PeerAddress": "172.31.1.11", "InsideCidrBlocks": [ "169.254.6.0/29" ], "Protocol": "gre", "BgpConfigurations": [ { "TransitGatewayAsn": 64512, "PeerAsn": 64512, "TransitGatewayAddress": "169.254.6.2", "PeerAddress": "169.254.6.1", "BgpStatus": "down" }, { "TransitGatewayAsn": 64512, "PeerAsn": 64512, "TransitGatewayAddress": "169.254.6.3", "PeerAddress": "169.254.6.1", "BgpStatus": "down" } ] } } }
For more information, see Transit gateway Connect attachments and Transit Gateway Connect peers
in the Transit Gateways Guide. -
For API details, see DeleteTransitGatewayConnectPeer
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-transit-gateway-connect
.
- Amazon CLI
-
To delete a transit gateway Connect attachment
The following
delete-transit-gateway-connect
example deletes the specified Connect attachment.aws ec2 delete-transit-gateway-connect \ --transit-gateway-attachment-id
tgw-attach-037012e5dcEXAMPLE
Output:
{ "TransitGatewayConnect": { "TransitGatewayAttachmentId": "tgw-attach-037012e5dcEXAMPLE", "TransportTransitGatewayAttachmentId": "tgw-attach-0a89069f57EXAMPLE", "TransitGatewayId": "tgw-02f776b1a7EXAMPLE", "State": "deleting", "CreationTime": "2021-03-09T19:59:17+00:00", "Options": { "Protocol": "gre" } } }
For more information, see Transit gateway Connect attachments and Transit Gateway Connect peers
in the Transit Gateways Guide. -
For API details, see DeleteTransitGatewayConnect
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-transit-gateway-multicast-domain
.
- Amazon CLI
-
To delete a transit gateway multicast domain
The following
delete-transit-gateway-multicast-domain
example deletes the specified multicast domain.aws ec2 delete-transit-gateway-multicast-domain \ --transit-gateway-multicast-domain-id
tgw-mcast-domain-0c4905cef7EXAMPLE
Output:
{ "TransitGatewayMulticastDomain": { "TransitGatewayMulticastDomainId": "tgw-mcast-domain-02bb79002bEXAMPLE", "TransitGatewayId": "tgw-0d88d2d0d5EXAMPLE", "State": "deleting", "CreationTime": "2019-11-20T22:02:03.000Z" } }
For more information, see Managing multicast domains
in the Transit Gateways Guide. -
For API details, see DeleteTransitGatewayMulticastDomain
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-transit-gateway-peering-attachment
.
- Amazon CLI
-
To delete a transit gateway peering attachment
The following
delete-transit-gateway-peering-attachment
example deletes the specified transit gateway peering attachment.aws ec2 delete-transit-gateway-peering-attachment \ --transit-gateway-attachment-id
tgw-attach-4455667788aabbccd
Output:
{ "TransitGatewayPeeringAttachment": { "TransitGatewayAttachmentId": "tgw-attach-4455667788aabbccd", "RequesterTgwInfo": { "TransitGatewayId": "tgw-123abc05e04123abc", "OwnerId": "123456789012", "Region": "us-west-2" }, "AccepterTgwInfo": { "TransitGatewayId": "tgw-11223344aabbcc112", "OwnerId": "123456789012", "Region": "us-east-2" }, "State": "deleting", "CreationTime": "2019-12-09T11:38:31.000Z" } }
For more information, see Transit Gateway Peering Attachments
in the Transit Gateways Guide. -
For API details, see DeleteTransitGatewayPeeringAttachment
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-transit-gateway-policy-table
.
- Amazon CLI
-
To delete a transit gateway policy table
The following
delete-transit-gateway-policy-table
example deletes the specified transit gateway policy table.aws ec2 delete-transit-gateway-policy-table \ --transit-gateway-policy-table-id
tgw-ptb-0a16f134b78668a81
Output:
{ "TransitGatewayPolicyTables": [ { "TransitGatewayPolicyTableId": "tgw-ptb-0a16f134b78668a81", "TransitGatewayId": "tgw-067f8505c18f0bd6e", "State": "deleting", "CreationTime": "2023-11-28T16:36:43+00:00", "Tags": [] } ] }
For more information, see Transit gateway policy tables
in the Transit Gateway User Guide. -
For API details, see DeleteTransitGatewayPolicyTable
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-transit-gateway-prefix-list-reference
.
- Amazon CLI
-
To delete a prefix list reference
The following
delete-transit-gateway-prefix-list-reference
example deletes the specified prefix list reference.aws ec2 delete-transit-gateway-prefix-list-reference \ --transit-gateway-route-table-id
tgw-rtb-0123456789abcd123
\ --prefix-list-idpl-11111122222222333
Output:
{ "TransitGatewayPrefixListReference": { "TransitGatewayRouteTableId": "tgw-rtb-0123456789abcd123", "PrefixListId": "pl-11111122222222333", "PrefixListOwnerId": "123456789012", "State": "deleting", "Blackhole": false, "TransitGatewayAttachment": { "TransitGatewayAttachmentId": "tgw-attach-aabbccddaabbccaab", "ResourceType": "vpc", "ResourceId": "vpc-112233445566aabbc" } } }
For more information, see Prefix list references
in the Transit Gateways Guide. -
For API details, see DeleteTransitGatewayPrefixListReference
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-transit-gateway-route-table
.
- Amazon CLI
-
To delete a transit gateway route table
The following
delete-transit-gateway-route-table
example deletes the specified transit gateway route table.aws ec2 delete-transit-gateway-route-table \ --transit-gateway-route-table-id
tgw-rtb-0b6f6aaa01EXAMPLE
Output:
{ "TransitGatewayRouteTable": { "TransitGatewayRouteTableId": "tgw-rtb-0b6f6aaa01EXAMPLE", "TransitGatewayId": "tgw-02f776b1a7EXAMPLE", "State": "deleting", "DefaultAssociationRouteTable": false, "DefaultPropagationRouteTable": false, "CreationTime": "2019-07-17T20:27:26.000Z" } }
For more information, see Delete a transit gateway route table
in the Transit Gateways Guide. -
For API details, see DeleteTransitGatewayRouteTable
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-transit-gateway-route
.
- Amazon CLI
-
To delete a CIDR block from a route table
The following
delete-transit-gateway-route
example deletes the CIDR block from the specified transit gateway route table.aws ec2 delete-transit-gateway-route \ --transit-gateway-route-table-id
tgw-rtb-0b6f6aaa01EXAMPLE
\ --destination-cidr-block10.0.2.0/24
Output:
{ "Route": { "DestinationCidrBlock": "10.0.2.0/24", "TransitGatewayAttachments": [ { "ResourceId": "vpc-0065acced4EXAMPLE", "TransitGatewayAttachmentId": "tgw-attach-0b5968d3b6EXAMPLE", "ResourceType": "vpc" } ], "Type": "static", "State": "deleted" } }
For more information, see Delete a static route
in the Transit Gateways Guide. -
For API details, see DeleteTransitGatewayRoute
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-transit-gateway-vpc-attachment
.
- Amazon CLI
-
To delete a transit gateway VPC attachment
The following
delete-transit-gateway-vpc-attachment
example deletes the specified VPC attachment.aws ec2 delete-transit-gateway-vpc-attachment \ --transit-gateway-attachment-id
tgw-attach-0d2c54bdbEXAMPLE
Output:
{ "TransitGatewayVpcAttachment": { "TransitGatewayAttachmentId": "tgw-attach-0d2c54bdb3EXAMPLE", "TransitGatewayId": "tgw-02f776b1a7EXAMPLE", "VpcId": "vpc-0065acced4f61c651", "VpcOwnerId": "111122223333", "State": "deleting", "CreationTime": "2019-07-17T16:04:27.000Z" } }
For more information, see Delete a VPC attachment
in the Transit Gateways Guide. -
For API details, see DeleteTransitGatewayVpcAttachment
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-transit-gateway
.
- Amazon CLI
-
To delete a transit gateway
The following
delete-transit-gateway
example deletes the specified transit gateway.aws ec2 delete-transit-gateway \ --transit-gateway-id
tgw-01f04542b2EXAMPLE
Output:
{ "TransitGateway": { "TransitGatewayId": "tgw-01f04542b2EXAMPLE", "State": "deleting", "OwnerId": "123456789012", "Description": "Example Transit Gateway", "CreationTime": "2019-08-27T15:04:35.000Z", "Options": { "AmazonSideAsn": 64515, "AutoAcceptSharedAttachments": "disable", "DefaultRouteTableAssociation": "enable", "AssociationDefaultRouteTableId": "tgw-rtb-0ce7a6948fEXAMPLE", "DefaultRouteTablePropagation": "enable", "PropagationDefaultRouteTableId": "tgw-rtb-0ce7a6948fEXAMPLE", "VpnEcmpSupport": "enable", "DnsSupport": "enable" } } }
For more information, see Delete a transit gateway
in the Transit Gateways Guide. -
For API details, see DeleteTransitGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-verified-access-endpoint
.
- Amazon CLI
-
To delete a Verified Access endpoint
The following
delete-verified-access-endpoint
example deletes the specified Verified Access endpoint.aws ec2 delete-verified-access-endpoint \ --verified-access-endpoint-id
vae-066fac616d4d546f2
Output:
{ "VerifiedAccessEndpoint": { "VerifiedAccessInstanceId": "vai-0ce000c0b7643abea", "VerifiedAccessGroupId": "vagr-0dbe967baf14b7235", "VerifiedAccessEndpointId": "vae-066fac616d4d546f2", "ApplicationDomain": "example.com", "EndpointType": "network-interface", "AttachmentType": "vpc", "DomainCertificateArn": "arn:aws:acm:us-east-2:123456789012:certificate/eb065ea0-26f9-4e75-a6ce-0a1a7EXAMPLE", "EndpointDomain": "my-ava-app.edge-00c3372d53b1540bb.vai-0ce000c0b7643abea.prod.verified-access.us-east-2.amazonaws.com", "SecurityGroupIds": [ "sg-004915970c4c8f13a" ], "NetworkInterfaceOptions": { "NetworkInterfaceId": "eni-0aec70418c8d87a0f", "Protocol": "https", "Port": 443 }, "Status": { "Code": "deleting" }, "Description": "Testing Verified Access", "CreationTime": "2023-08-25T20:54:43", "LastUpdatedTime": "2023-08-25T22:46:32" } }
For more information, see Verified Access endpoints
in the Amazon Verified Access User Guide. -
For API details, see DeleteVerifiedAccessEndpoint
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-verified-access-group
.
- Amazon CLI
-
To delete a Verified Access group
The following
delete-verified-access-group
example deletes the specified Verified Access group.aws ec2 delete-verified-access-group \ --verified-access-group-id
vagr-0dbe967baf14b7235
Output:
{ "VerifiedAccessGroup": { "VerifiedAccessGroupId": "vagr-0dbe967baf14b7235", "VerifiedAccessInstanceId": "vai-0ce000c0b7643abea", "Description": "Testing Verified Access", "Owner": "123456789012", "VerifiedAccessGroupArn": "arn:aws:ec2:us-east-2:123456789012:verified-access-group/vagr-0dbe967baf14b7235", "CreationTime": "2023-08-25T19:55:19", "LastUpdatedTime": "2023-08-25T22:49:03", "DeletionTime": "2023-08-26T00:58:31" } }
For more information, see Verified Access groups
in the Amazon Verified Access User Guide. -
For API details, see DeleteVerifiedAccessGroup
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-verified-access-instance
.
- Amazon CLI
-
To delete a Verified Access instance
The following
delete-verified-access-instance
example deletes the specified Verified Access instance.aws ec2 delete-verified-access-instance \ --verified-access-instance-id
vai-0ce000c0b7643abea
Output:
{ "VerifiedAccessInstance": { "VerifiedAccessInstanceId": "vai-0ce000c0b7643abea", "Description": "Testing Verified Access", "VerifiedAccessTrustProviders": [], "CreationTime": "2023-08-25T18:27:56", "LastUpdatedTime": "2023-08-26T01:00:18" } }
For more information, see Verified Access instances
in the Amazon Verified Access User Guide. -
For API details, see DeleteVerifiedAccessInstance
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-verified-access-trust-provider
.
- Amazon CLI
-
To delete a Verified Access trust provider
The following
delete-verified-access-trust-provider
example deletes the specified Verified Access trust provider.aws ec2 delete-verified-access-trust-provider \ --verified-access-trust-provider-id
vatp-0bb32de759a3e19e7
Output:
{ "VerifiedAccessTrustProvider": { "VerifiedAccessTrustProviderId": "vatp-0bb32de759a3e19e7", "Description": "Testing Verified Access", "TrustProviderType": "user", "UserTrustProviderType": "iam-identity-center", "PolicyReferenceName": "idc", "CreationTime": "2023-08-25T18:40:36", "LastUpdatedTime": "2023-08-25T18:40:36" } }
For more information, see Trust providers for Verified Access
in the Amazon Verified Access User Guide. -
For API details, see DeleteVerifiedAccessTrustProvider
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-volume
.
- Amazon CLI
-
To delete a volume
This example command deletes an available volume with the volume ID of
vol-049df61146c4d7901
. If the command succeeds, no output is returned.Command:
aws ec2 delete-volume --volume-id
vol-049df61146c4d7901
-
For API details, see DeleteVolume
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-vpc-endpoint-connection-notifications
.
- Amazon CLI
-
To delete an endpoint connection notification
This example deletes the specified endpoint connection notification.
Command:
aws ec2 delete-vpc-endpoint-connection-notifications --connection-notification-ids
vpce-nfn-008776de7e03f5abc
Output:
{ "Unsuccessful": [] }
-
For API details, see DeleteVpcEndpointConnectionNotifications
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-vpc-endpoint-service-configurations
.
- Amazon CLI
-
To delete an endpoint service configuration
This example deletes the specified endpoint service configuration.
Command:
aws ec2 delete-vpc-endpoint-service-configurations --service-ids
vpce-svc-03d5ebb7d9579a2b3
Output:
{ "Unsuccessful": [] }
-
For API details, see DeleteVpcEndpointServiceConfigurations
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-vpc-endpoints
.
- Amazon CLI
-
To delete an endpoint
This example deletes endpoints vpce-aa22bb33 and vpce-1a2b3c4d. If the command is partially successful or unsuccessful, a list of unsuccessful items is returned. If the command succeeds, the returned list is empty.
Command:
aws ec2 delete-vpc-endpoints --vpc-endpoint-ids
vpce-aa22bb33
vpce-1a2b3c4d
Output:
{ "Unsuccessful": [] }
-
For API details, see DeleteVpcEndpoints
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-vpc-peering-connection
.
- Amazon CLI
-
To delete a VPC peering connection
This example deletes the specified VPC peering connection.
Command:
aws ec2 delete-vpc-peering-connection --vpc-peering-connection-id
pcx-1a2b3c4d
Output:
{ "Return": true }
-
For API details, see DeleteVpcPeeringConnection
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-vpc
.
- Amazon CLI
-
To delete a VPC
This example deletes the specified VPC. If the command succeeds, no output is returned.
Command:
aws ec2 delete-vpc --vpc-id
vpc-a01106c2
-
For API details, see DeleteVpc
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-vpn-connection-route
.
- Amazon CLI
-
To delete a static route from a VPN connection
This example deletes the specified static route from the specified VPN connection. If the command succeeds, no output is returned.
Command:
aws ec2 delete-vpn-connection-route --vpn-connection-id
vpn-40f41529
--destination-cidr-block11.12.0.0/16
-
For API details, see DeleteVpnConnectionRoute
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-vpn-connection
.
- Amazon CLI
-
To delete a VPN connection
This example deletes the specified VPN connection. If the command succeeds, no output is returned.
Command:
aws ec2 delete-vpn-connection --vpn-connection-id
vpn-40f41529
-
For API details, see DeleteVpnConnection
in Amazon CLI Command Reference.
-
The following code example shows how to use delete-vpn-gateway
.
- Amazon CLI
-
To delete a virtual private gateway
This example deletes the specified virtual private gateway. If the command succeeds, no output is returned.
Command:
aws ec2 delete-vpn-gateway --vpn-gateway-id
vgw-9a4cacf3
-
For API details, see DeleteVpnGateway
in Amazon CLI Command Reference.
-
The following code example shows how to use deprovision-byoip-cidr
.
- Amazon CLI
-
To remove an IP address range from use
The following example removes the specified address range from use with Amazon.
aws ec2 deprovision-byoip-cidr \ --cidr
203.0.113.25/24
Output:
{ "ByoipCidr": { "Cidr": "203.0.113.25/24", "State": "pending-deprovision" } }
-
For API details, see DeprovisionByoipCidr
in Amazon CLI Command Reference.
-
The following code example shows how to use deprovision-ipam-pool-cidr
.
- Amazon CLI
-
To deprovision an IPAM pool CIDR
The following
deprovision-ipam-pool-cidr
example deprovisions a CIDR provisioned to an IPAM pool.(Linux):
aws ec2 deprovision-ipam-pool-cidr \ --ipam-pool-id
ipam-pool-02ec043a19bbe5d08
\ --cidr11.0.0.0/16
(Windows):
aws ec2 deprovision-ipam-pool-cidr
^
--ipam-pool-idipam-pool-02ec043a19bbe5d08
^
--cidr11.0.0.0/16
Output:
{ "IpamPoolCidr": { "Cidr": "11.0.0.0/16", "State": "pending-deprovision" } }
For more information, see Deprovision pool CIDRs
in the Amazon VPC IPAM User Guide. -
For API details, see DeprovisionIpamPoolCidr
in Amazon CLI Command Reference.
-
The following code example shows how to use deregister-image
.
- Amazon CLI
-
To deregister an AMI
This example deregisters the specified AMI. If the command succeeds, no output is returned.
Command:
aws ec2 deregister-image --image-id
ami-4fa54026
-
For API details, see DeregisterImage
in Amazon CLI Command Reference.
-
The following code example shows how to use deregister-instance-event-notification-attributes
.
- Amazon CLI
-
Example 1: To remove all tags from event notifications
The following
deregister-instance-event-notification-attributes
example removesIncludeAllTagsOfInstance=true
, which has the effect of settingIncludeAllTagsOfInstance
tofalse
.aws ec2 deregister-instance-event-notification-attributes \ --instance-tag-attribute
IncludeAllTagsOfInstance=true
Output:
{ "InstanceTagAttribute": { "InstanceTagKeys": [], "IncludeAllTagsOfInstance": true } }
For more information, see Scheduled events for your instances
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. Example 2: To remove specific tags from event notifications
The following
deregister-instance-event-notification-attributes
example removes the specified tag from the tags included in event notifications. To describe the remaining tags included in event notifications, usedescribe-instance-event-notification-attributes
.aws ec2 deregister-instance-event-notification-attributes \ --instance-tag-attribute InstanceTagKeys="tag-key2"
Output:
{ "InstanceTagAttribute": { "InstanceTagKeys": [ "tag-key2" ], "IncludeAllTagsOfInstance": false } }
For more information, see Scheduled events for your instances
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see DeregisterInstanceEventNotificationAttributes
in Amazon CLI Command Reference.
-
The following code example shows how to use deregister-transit-gateway-multicast-group-members
.
- Amazon CLI
-
To deregister group members from a multicast group
This example deregisters the specified network interface group member from the transit gateway multicast group.
aws ec2 deregister-transit-gateway-multicast-group-members \ --transit-gateway-multicast-domain-id
tgw-mcast-domain-0c4905cef7EXAMPLE
\ --group-ip-address224.0.1.0
\ --network-interface-idseni-0e246d3269EXAMPLE
Output:
{ "DeregisteredMulticastGroupMembers": { "TransitGatewayMulticastDomainId": "tgw-mcast-domain-0c4905cef7EXAMPLE", "RegisteredNetworkInterfaceIds": [ "eni-0e246d3269EXAMPLE" ], "GroupIpAddress": "224.0.1.0" } }
For more information, see Deregister Members from a Multicast Group
in the Amazon Transit Gateways Users Guide. -
For API details, see DeregisterTransitGatewayMulticastGroupMembers
in Amazon CLI Command Reference.
-
The following code example shows how to use deregister-transit-gateway-multicast-group-source
.
- Amazon CLI
-
To deregister a source from the transit gateway multicast group
This example deregisters the specified network interface group source from the multicast group.
aws ec2 register-transit-gateway-multicast-group-sources \ --transit-gateway-multicast-domain-id
tgw-mcast-domain-0c4905cef79d6e597
\ --group-ip-address224.0.1.0
\ --network-interface-idseni-07f290fc3c090cbae
Output:
{ "DeregisteredMulticastGroupSources": { "TransitGatewayMulticastDomainId": "tgw-mcast-domain-0c4905cef79d6e597", "DeregisteredNetworkInterfaceIds": [ "eni-07f290fc3c090cbae" ], "GroupIpAddress": "224.0.1.0" } }
For more information, see Deregister Sources from a Multicast Group
in the Amazon Transit Gateways User Guide. -
For API details, see DeregisterTransitGatewayMulticastGroupSource
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-account-attributes
.
- Amazon CLI
-
To describe all the attributes for your Amazon account
This example describes the attributes for your Amazon account.
Command:
aws ec2 describe-account-attributes
Output:
{ "AccountAttributes": [ { "AttributeName": "vpc-max-security-groups-per-interface", "AttributeValues": [ { "AttributeValue": "5" } ] }, { "AttributeName": "max-instances", "AttributeValues": [ { "AttributeValue": "20" } ] }, { "AttributeName": "supported-platforms", "AttributeValues": [ { "AttributeValue": "EC2" }, { "AttributeValue": "VPC" } ] }, { "AttributeName": "default-vpc", "AttributeValues": [ { "AttributeValue": "none" } ] }, { "AttributeName": "max-elastic-ips", "AttributeValues": [ { "AttributeValue": "5" } ] }, { "AttributeName": "vpc-max-elastic-ips", "AttributeValues": [ { "AttributeValue": "5" } ] } ] }
To describe a single attribute for your Amazon account
This example describes the
supported-platforms
attribute for your Amazon account.Command:
aws ec2 describe-account-attributes --attribute-names
supported-platforms
Output:
{ "AccountAttributes": [ { "AttributeName": "supported-platforms", "AttributeValues": [ { "AttributeValue": "EC2" }, { "AttributeValue": "VPC" } ] } ] }
-
For API details, see DescribeAccountAttributes
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-address-transfers
.
- Amazon CLI
-
To describe an Elastic IP address transfer
The following
describe-address-transfers
example describes the Elastic IP address transfer for the specified Elastic IP address.aws ec2 describe-address-transfers \ --allocation-ids
eipalloc-09ad461b0d03f6aaf
Output:
{ "AddressTransfers": [ { "PublicIp": "100.21.184.216", "AllocationId": "eipalloc-09ad461b0d03f6aaf", "TransferAccountId": "123456789012", "TransferOfferExpirationTimestamp": "2023-02-22T22:51:01.000Z", "AddressTransferStatus": "pending" } ] }
For more information, see Transfer Elastic IP addresses
in the Amazon VPC User Guide. -
For API details, see DescribeAddressTransfers
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-addresses-attribute
.
- Amazon CLI
-
To view the attributes of the domain name associated with an elastic IP address
The following
describe-addresses-attribute
examples return the attributes of the domain name associated with the elastic IP address.Linux:
aws ec2 describe-addresses-attribute \ --allocation-ids
eipalloc-abcdef01234567890
\ --attributedomain-name
Windows:
aws ec2 describe-addresses-attribute
^
--allocation-idseipalloc-abcdef01234567890
^
--attributedomain-name
Output:
{ "Addresses": [ { "PublicIp": "192.0.2.0", "AllocationId": "eipalloc-abcdef01234567890", "PtrRecord": "example.com." } ] }
To view the attributes of an elastic IP address, you must have first associated a domain name with the elastic IP address. For more information, see Use reverse DNS for email applications
in the Amazon EC2 User Guide or modify-address-attribute in the Amazon CLI Command Reference. -
For API details, see DescribeAddressesAttribute
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-addresses
.
- Amazon CLI
-
Example 1: To retrieve details about all of your Elastic IP addresses
The following
describe addresses
example displays details about your Elastic IP addresses.aws ec2 describe-addresses
Output:
{ "Addresses": [ { "InstanceId": "i-1234567890abcdef0", "PublicIp": "198.51.100.0", "PublicIpv4Pool": "amazon", "Domain": "standard" }, { "Domain": "vpc", "PublicIpv4Pool": "amazon", "InstanceId": "i-1234567890abcdef0", "NetworkInterfaceId": "eni-12345678", "AssociationId": "eipassoc-12345678", "NetworkInterfaceOwnerId": "123456789012", "PublicIp": "203.0.113.0", "AllocationId": "eipalloc-12345678", "PrivateIpAddress": "10.0.1.241" } ] }
Example 2: To retrieve details your Elastic IP addresses for EC2-VPC
The following
describe-addresses
example displays details about your Elastic IP addresses for use with instances in a VPC.aws ec2 describe-addresses \ --filters
"Name=domain,Values=vpc"
Output:
{ "Addresses": [ { "Domain": "vpc", "PublicIpv4Pool": "amazon", "InstanceId": "i-1234567890abcdef0", "NetworkInterfaceId": "eni-12345678", "AssociationId": "eipassoc-12345678", "NetworkInterfaceOwnerId": "123456789012", "PublicIp": "203.0.113.0", "AllocationId": "eipalloc-12345678", "PrivateIpAddress": "10.0.1.241" } ] }
Example 3: To retrieve details about an Elastic IP address specified by allocation ID
The following
describe-addresses
example displays details about the Elastic IP address with the specified allocation ID, which is associated with an instance in EC2-VPC.aws ec2 describe-addresses \ --allocation-ids
eipalloc-282d9641
Output:
{ "Addresses": [ { "Domain": "vpc", "PublicIpv4Pool": "amazon", "InstanceId": "i-1234567890abcdef0", "NetworkInterfaceId": "eni-1a2b3c4d", "AssociationId": "eipassoc-123abc12", "NetworkInterfaceOwnerId": "1234567891012", "PublicIp": "203.0.113.25", "AllocationId": "eipalloc-282d9641", "PrivateIpAddress": "10.251.50.12" } ] }
Example 4: To retrieve details about an Elastic IP address specified by its VPC private IP address
The following
describe-addresses
example displays details about the Elastic IP address associated with a particular private IP address in EC2-VPC.aws ec2 describe-addresses \ --filters
"Name=private-ip-address,Values=10.251.50.12"
Example 5: To retrieve details about Elastic IP addresses in EC2-Classic
TThe following
describe-addresses
example displays details about your Elastic IP addresses for use in EC2-Classic.aws ec2 describe-addresses \ --filters
"Name=domain,Values=standard"
Output:
{ "Addresses": [ { "InstanceId": "i-1234567890abcdef0", "PublicIp": "203.0.110.25", "PublicIpv4Pool": "amazon", "Domain": "standard" } ] }
Example 6: To retrieve details about an Elastic IP addresses specified by its public IP address
The following
describe-addresses
example displays details about the Elastic IP address with the value203.0.110.25
, which is associated with an instance in EC2-Classic.aws ec2 describe-addresses \ --public-ips
203.0.110.25
Output:
{ "Addresses": [ { "InstanceId": "i-1234567890abcdef0", "PublicIp": "203.0.110.25", "PublicIpv4Pool": "amazon", "Domain": "standard" } ] }
-
For API details, see DescribeAddresses
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-aggregate-id-format
.
- Amazon CLI
-
To describe the longer ID format settings for all resource types in a Region
The following
describe-aggregate-id-format
example describes the overall long ID format status for the current Region. TheDeadline
value indicates that the deadlines for these resources to permanently switch from the short ID format to the long ID format expired. TheUseLongIdsAggregated
value indicates that all IAM users and IAM roles are configured to use long ID format for all resource types.aws ec2 describe-aggregate-id-format
Output:
{ "UseLongIdsAggregated": true, "Statuses": [ { "Deadline": "2018-08-13T02:00:00.000Z", "Resource": "network-interface-attachment", "UseLongIds": true }, { "Deadline": "2016-12-13T02:00:00.000Z", "Resource": "instance", "UseLongIds": true }, { "Deadline": "2018-08-13T02:00:00.000Z", "Resource": "elastic-ip-association", "UseLongIds": true }, ... ] }
-
For API details, see DescribeAggregateIdFormat
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-availability-zones
.
- Amazon CLI
-
To describe your Availability Zones
The following example
describe-availability-zones
displays details for the Availability Zones that are available to you. The response includes Availability Zones only for the current Region. In this example, it uses the profiles defaultus-west-2
(Oregon) Region.aws ec2 describe-availability-zones
Output:
{ "AvailabilityZones": [ { "State": "available", "OptInStatus": "opt-in-not-required", "Messages": [], "RegionName": "us-west-2", "ZoneName": "us-west-2a", "ZoneId": "usw2-az1", "GroupName": "us-west-2", "NetworkBorderGroup": "us-west-2" }, { "State": "available", "OptInStatus": "opt-in-not-required", "Messages": [], "RegionName": "us-west-2", "ZoneName": "us-west-2b", "ZoneId": "usw2-az2", "GroupName": "us-west-2", "NetworkBorderGroup": "us-west-2" }, { "State": "available", "OptInStatus": "opt-in-not-required", "Messages": [], "RegionName": "us-west-2", "ZoneName": "us-west-2c", "ZoneId": "usw2-az3", "GroupName": "us-west-2", "NetworkBorderGroup": "us-west-2" }, { "State": "available", "OptInStatus": "opt-in-not-required", "Messages": [], "RegionName": "us-west-2", "ZoneName": "us-west-2d", "ZoneId": "usw2-az4", "GroupName": "us-west-2", "NetworkBorderGroup": "us-west-2" }, { "State": "available", "OptInStatus": "opted-in", "Messages": [], "RegionName": "us-west-2", "ZoneName": "us-west-2-lax-1a", "ZoneId": "usw2-lax1-az1", "GroupName": "us-west-2-lax-1", "NetworkBorderGroup": "us-west-2-lax-1" } ] }
-
For API details, see DescribeAvailabilityZones
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-aws-network-performance-metric-subscription
.
- Amazon CLI
-
To describe your metric subscriptions
The following
describe-aws-network-performance-metric-subscriptions
example describes your metric subscriptions.aws ec2 describe-aws-network-performance-metric-subscriptions
Output:
{ "Subscriptions": [ { "Source": "us-east-1", "Destination": "eu-west-1", "Metric": "aggregate-latency", "Statistic": "p50", "Period": "five-minutes" } ] }
For more information, see Manage subscriptions
in the Infrastructure Performance User Guide. -
For API details, see DescribeAwsNetworkPerformanceMetricSubscription
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-aws-network-performance-metric-subscriptions
.
- Amazon CLI
-
To describe your metric subscriptions
The following
describe-aws-network-performance-metric-subscriptions
example describes your metric subscriptions.aws ec2 describe-aws-network-performance-metric-subscriptions
Output:
{ "Subscriptions": [ { "Source": "us-east-1", "Destination": "eu-west-1", "Metric": "aggregate-latency", "Statistic": "p50", "Period": "five-minutes" } ] }
For more information, see Manage subscriptions
in the Infrastructure Performance User Guide. -
For API details, see DescribeAwsNetworkPerformanceMetricSubscriptions
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-bundle-tasks
.
- Amazon CLI
-
To describe your bundle tasks
This example describes all of your bundle tasks.
Command:
aws ec2 describe-bundle-tasks
Output:
{ "BundleTasks": [ { "UpdateTime": "2015-09-15T13:26:54.000Z", "InstanceId": "i-1234567890abcdef0", "Storage": { "S3": { "Prefix": "winami", "Bucket": "bundletasks" } }, "State": "bundling", "StartTime": "2015-09-15T13:24:35.000Z", "Progress": "3%", "BundleId": "bun-2a4e041c" } ] }
-
For API details, see DescribeBundleTasks
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-byoip-cidrs
.
- Amazon CLI
-
To describe your provisioned address ranges
The following
describe-byoip-cidrs
example displays details about the public IPv4 address ranges that you provisioned for use by Amazon.aws ec2 describe-byoip-cidrs
Output:
{ "ByoipCidrs": [ { "Cidr": "203.0.113.25/24", "StatusMessage": "ipv4pool-ec2-1234567890abcdef0", "State": "provisioned" } ] }
-
For API details, see DescribeByoipCidrs
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-capacity-reservation-fleets
.
- Amazon CLI
-
To view a Capacity Reservation Fleet
The following
describe-capacity-reservation-fleets
example lists configuration and capacity information for the specified Capacity Reservation Fleet. It also lists details about the individual Capacity Reservations that are inside the Fleet.:aws ec2 describe-capacity-reservation-fleets \ --capacity-reservation-fleet-ids
crf-abcdef01234567890
Output:
{ "CapacityReservationFleets": [ { "Status": "active", "EndDate": "2022-12-31T23:59:59.000Z", "InstanceMatchCriteria": "open", "Tags": [], "CapacityReservationFleetId": "crf-abcdef01234567890", "Tenancy": "default", "InstanceTypeSpecifications": [ { "CapacityReservationId": "cr-1234567890abcdef0", "AvailabilityZone": "us-east-1a", "FulfilledCapacity": 5.0, "Weight": 1.0, "CreateDate": "2022-07-02T08:34:33.398Z", "InstancePlatform": "Linux/UNIX", "TotalInstanceCount": 5, "Priority": 1, "EbsOptimized": true, "InstanceType": "m5.xlarge" } ], "TotalTargetCapacity": 5, "TotalFulfilledCapacity": 5.0, "CreateTime": "2022-07-02T08:34:33.397Z", "AllocationStrategy": "prioritized" } ] }
For more information about Capacity Reservation Fleets, see Capacity Reservation Fleets
in the Amazon EC2 User Guide. -
For API details, see DescribeCapacityReservationFleets
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-capacity-reservations
.
- Amazon CLI
-
Example 1: To describe one or more of your capacity reservations
The following
describe-capacity-reservations
example displays details about all of your capacity reservations in the current Amazon Region.aws ec2 describe-capacity-reservations
Output:
{ "CapacityReservations": [ { "CapacityReservationId": "cr-1234abcd56EXAMPLE ", "EndDateType": "unlimited", "AvailabilityZone": "eu-west-1a", "InstanceMatchCriteria": "open", "Tags": [], "EphemeralStorage": false, "CreateDate": "2019-08-16T09:03:18.000Z", "AvailableInstanceCount": 1, "InstancePlatform": "Linux/UNIX", "TotalInstanceCount": 1, "State": "active", "Tenancy": "default", "EbsOptimized": true, "InstanceType": "a1.medium" }, { "CapacityReservationId": "cr-abcdEXAMPLE9876ef ", "EndDateType": "unlimited", "AvailabilityZone": "eu-west-1a", "InstanceMatchCriteria": "open", "Tags": [], "EphemeralStorage": false, "CreateDate": "2019-08-07T11:34:19.000Z", "AvailableInstanceCount": 3, "InstancePlatform": "Linux/UNIX", "TotalInstanceCount": 3, "State": "cancelled", "Tenancy": "default", "EbsOptimized": true, "InstanceType": "m5.large" } ] }
Example 2: To describe one or more of your capacity reservations
The following
describe-capacity-reservations
example displays details about the specified capacity reservation.aws ec2 describe-capacity-reservations \ --capacity-reservation-ids
cr-1234abcd56EXAMPLE
Output:
{ "CapacityReservations": [ { "CapacityReservationId": "cr-1234abcd56EXAMPLE", "EndDateType": "unlimited", "AvailabilityZone": "eu-west-1a", "InstanceMatchCriteria": "open", "Tags": [], "EphemeralStorage": false, "CreateDate": "2019-08-16T09:03:18.000Z", "AvailableInstanceCount": 1, "InstancePlatform": "Linux/UNIX", "TotalInstanceCount": 1, "State": "active", "Tenancy": "default", "EbsOptimized": true, "InstanceType": "a1.medium" } ] }
For more information, see Viewing a Capacity Reservation
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see DescribeCapacityReservations
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-carrier-gateways
.
- Amazon CLI
-
To describe all carrier gateways
The following
describe-carrier-gateways
example lists all your carrier gateways.aws ec2 describe-carrier-gateways
Output:
{ "CarrierGateways": [ { "CarrierGatewayId": "cagw-0465cdEXAMPLE1111", "VpcId": "vpc-0c529aEXAMPLE", "State": "available", "OwnerId": "123456789012", "Tags": [ { "Key": "example", "Value": "tag" } ] } ] }
For more information, see Carrier gateways<https://docs.aws.amazon.com/vpc/latest/userguide/Carrier_Gateway.html> in the Amazon Virtual Private Cloud User Guide.
-
For API details, see DescribeCarrierGateways
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-classic-link-instances
.
- Amazon CLI
-
To describe linked EC2-Classic instances
This example lists all of your linked EC2-Classic instances.
Command:
aws ec2 describe-classic-link-instances
Output:
{ "Instances": [ { "InstanceId": "i-1234567890abcdef0", "VpcId": "vpc-88888888", "Groups": [ { "GroupId": "sg-11122233" } ], "Tags": [ { "Value": "ClassicInstance", "Key": "Name" } ] }, { "InstanceId": "i-0598c7d356eba48d7", "VpcId": "vpc-12312312", "Groups": [ { "GroupId": "sg-aabbccdd" } ], "Tags": [ { "Value": "ClassicInstance2", "Key": "Name" } ] } ] }
This example lists all of your linked EC2-Classic instances, and filters the response to include only instances that are linked to VPC vpc-88888888.
Command:
aws ec2 describe-classic-link-instances --filter
"Name=vpc-id,Values=vpc-88888888"
Output:
{ "Instances": [ { "InstanceId": "i-1234567890abcdef0", "VpcId": "vpc-88888888", "Groups": [ { "GroupId": "sg-11122233" } ], "Tags": [ { "Value": "ClassicInstance", "Key": "Name" } ] } ] }
-
For API details, see DescribeClassicLinkInstances
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-client-vpn-authorization-rules
.
- Amazon CLI
-
To describe the authorization rules for a Client VPN endpoint
The following
describe-client-vpn-authorization-rules
example displays details about the authorization rules for the specified Client VPN endpoint.aws ec2 describe-client-vpn-authorization-rules \ --client-vpn-endpoint-id
cvpn-endpoint-123456789123abcde
Output:
{ "AuthorizationRules": [ { "ClientVpnEndpointId": "cvpn-endpoint-123456789123abcde", "GroupId": "", "AccessAll": true, "DestinationCidr": "0.0.0.0/0", "Status": { "Code": "active" } } ] }
For more information, see Authorization Rules
in the Amazon Client VPN Administrator Guide. -
For API details, see DescribeClientVpnAuthorizationRules
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-client-vpn-connections
.
- Amazon CLI
-
To describe the connections to a Client VPN endpoint
The following
describe-client-vpn-connections
example displays details about the client connections to the specified Client VPN endpoint.aws ec2 describe-client-vpn-connections \ --client-vpn-endpoint-id
cvpn-endpoint-123456789123abcde
Output:
{ "Connections": [ { "ClientVpnEndpointId": "cvpn-endpoint-123456789123abcde", "Timestamp": "2019-08-12 07:58:34", "ConnectionId": "cvpn-connection-0e03eb24267165acd", "ConnectionEstablishedTime": "2019-08-12 07:57:14", "IngressBytes": "32302", "EgressBytes": "5696", "IngressPackets": "332", "EgressPackets": "67", "ClientIp": "172.31.0.225", "CommonName": "client1.domain.tld", "Status": { "Code": "terminated" }, "ConnectionEndTime": "2019-08-12 07:58:34" }, { "ClientVpnEndpointId": "cvpn-endpoint-123456789123abcde", "Timestamp": "2019-08-12 08:02:54", "ConnectionId": "cvpn-connection-00668867a40f18253", "ConnectionEstablishedTime": "2019-08-12 08:02:53", "IngressBytes": "2951", "EgressBytes": "2611", "IngressPackets": "9", "EgressPackets": "6", "ClientIp": "172.31.0.226", "CommonName": "client1.domain.tld", "Status": { "Code": "active" }, "ConnectionEndTime": "-" } ] }
For more information, see Client Connections
in the Amazon Client VPN Administrator Guide. -
For API details, see DescribeClientVpnConnections
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-client-vpn-endpoints
.
- Amazon CLI
-
To describe your Client VPN endpoints
The following
describe-client-vpn-endpoints
example displays details about all of your Client VPN endpoints.aws ec2 describe-client-vpn-endpoints
Output:
{ "ClientVpnEndpoints": [ { "ClientVpnEndpointId": "cvpn-endpoint-123456789123abcde", "Description": "Endpoint for Admin access", "Status": { "Code": "available" }, "CreationTime": "2020-11-13T11:37:27", "DnsName": "*.cvpn-endpoint-123456789123abcde.prod.clientvpn.ap-south-1.amazonaws.com", "ClientCidrBlock": "172.31.0.0/16", "DnsServers": [ "8.8.8.8" ], "SplitTunnel": false, "VpnProtocol": "openvpn", "TransportProtocol": "udp", "VpnPort": 443, "ServerCertificateArn": "arn:aws:acm:ap-south-1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-11111EXAMPLE", "AuthenticationOptions": [ { "Type": "certificate-authentication", "MutualAuthentication": { "ClientRootCertificateChain": "arn:aws:acm:ap-south-1:123456789012:certificate/a1b2c3d4-5678-90ab-cdef-22222EXAMPLE" } } ], "ConnectionLogOptions": { "Enabled": true, "CloudwatchLogGroup": "Client-vpn-connection-logs", "CloudwatchLogStream": "cvpn-endpoint-123456789123abcde-ap-south-1-2020/11/13-FCD8HEMVaCcw" }, "Tags": [ { "Key": "Name", "Value": "Client VPN" } ], "SecurityGroupIds": [ "sg-aabbcc11223344567" ], "VpcId": "vpc-a87f92c1", "SelfServicePortalUrl": "https://self-service.clientvpn.amazonaws.com/endpoints/cvpn-endpoint-123456789123abcde", "ClientConnectOptions": { "Enabled": false } } ] }
For more information, see Client VPN Endpoints
in the Amazon Client VPN Administrator Guide. -
For API details, see DescribeClientVpnEndpoints
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-client-vpn-routes
.
- Amazon CLI
-
To describe the routes for a Client VPN endpoint
The following
describe-client-vpn-routes
example displays details about the routes for the specified Client VPN endpoint.aws ec2 describe-client-vpn-routes \ --client-vpn-endpoint-id
cvpn-endpoint-123456789123abcde
Output:
{ "Routes": [ { "ClientVpnEndpointId": "cvpn-endpoint-123456789123abcde", "DestinationCidr": "10.0.0.0/16", "TargetSubnet": "subnet-0123456789abcabca", "Type": "Nat", "Origin": "associate", "Status": { "Code": "active" }, "Description": "Default Route" }, { "ClientVpnEndpointId": "cvpn-endpoint-123456789123abcde", "DestinationCidr": "0.0.0.0/0", "TargetSubnet": "subnet-0123456789abcabca", "Type": "Nat", "Origin": "add-route", "Status": { "Code": "active" } } ] }
For more information, see Routes
in the Amazon Client VPN Administrator Guide. -
For API details, see DescribeClientVpnRoutes
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-client-vpn-target-networks
.
- Amazon CLI
-
To describe the target networks for a Client VPN endpoint
The following
describe-client-vpn-target-networks
example displays details about the target networks for the specified Client VPN endpoint.aws ec2 describe-client-vpn-target-networks \ --client-vpn-endpoint-id
cvpn-endpoint-123456789123abcde
Output:
{ "ClientVpnTargetNetworks": [ { "AssociationId": "cvpn-assoc-012e837060753dc3d", "VpcId": "vpc-11111222222333333", "TargetNetworkId": "subnet-0123456789abcabca", "ClientVpnEndpointId": "cvpn-endpoint-123456789123abcde", "Status": { "Code": "associating" }, "SecurityGroups": [ "sg-012345678910abcab" ] } ] }
For more information, see Target Networks
in the Amazon Client VPN Administrator Guide. -
For API details, see DescribeClientVpnTargetNetworks
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-coip-pools
.
- Amazon CLI
-
To describe customer-owned IP address pools
The following
describe-coip-pools
example describes the customer-owned IP address pools in your Amazon account.aws ec2 describe-coip-pools
Output:
{ "CoipPools": [ { "PoolId": "ipv4pool-coip-123a45678bEXAMPLE", "PoolCidrs": [ "0.0.0.0/0" ], "LocalGatewayRouteTableId": "lgw-rtb-059615ef7dEXAMPLE", "PoolArn": "arn:aws:ec2:us-west-2:123456789012:coip-pool/ipv4pool-coip-123a45678bEXAMPLE" } ] }
For more information, see Customer-owned IP addresses
in the Amazon Outposts User Guide. -
For API details, see DescribeCoipPools
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-conversion-tasks
.
- Amazon CLI
-
To view the status of a conversion task
This example returns the status of a conversion task with the ID import-i-ffvko9js.
Command:
aws ec2 describe-conversion-tasks --conversion-task-ids
import-i-ffvko9js
Output:
{ "ConversionTasks": [ { "ConversionTaskId": "import-i-ffvko9js", "ImportInstance": { "InstanceId": "i-1234567890abcdef0", "Volumes": [ { "Volume": { "Id": "vol-049df61146c4d7901", "Size": 16 }, "Status": "completed", "Image": { "Size": 1300687360, "ImportManifestUrl": "https://s3.amazonaws.com/myimportbucket/411443cd-d620-4f1c-9d66-13144EXAMPLE/RHEL5.vmdkmanifest.xml?AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&Expires=140EXAMPLE&Signature=XYNhznHNgCqsjDxL9wRL%2FJvEXAMPLE", "Format": "VMDK" }, "BytesConverted": 1300682960, "AvailabilityZone": "us-east-1d" } ] }, "ExpirationTime": "2014-05-14T22:06:23Z", "State": "completed" } ] }
-
For API details, see DescribeConversionTasks
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-customer-gateways
.
- Amazon CLI
-
To describe your customer gateways
This example describes your customer gateways.
Command:
aws ec2 describe-customer-gateways
Output:
{ "CustomerGateways": [ { "CustomerGatewayId": "cgw-b4dc3961", "IpAddress": "203.0.113.12", "State": "available", "Type": "ipsec.1", "BgpAsn": "65000" }, { "CustomerGatewayId": "cgw-0e11f167", "IpAddress": "12.1.2.3", "State": "available", "Type": "ipsec.1", "BgpAsn": "65534" } ] }
To describe a specific customer gateway
This example describes the specified customer gateway.
Command:
aws ec2 describe-customer-gateways --customer-gateway-ids
cgw-0e11f167
Output:
{ "CustomerGateways": [ { "CustomerGatewayId": "cgw-0e11f167", "IpAddress": "12.1.2.3", "State": "available", "Type": "ipsec.1", "BgpAsn": "65534" } ] }
-
For API details, see DescribeCustomerGateways
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-dhcp-options
.
- Amazon CLI
-
Example 1: To describe your DHCP options
The following
describe-dhcp-options
example retrieves details about your DHCP options.aws ec2 describe-dhcp-options
Output:
{ "DhcpOptions": [ { "DhcpConfigurations": [ { "Key": "domain-name", "Values": [ { "Value": "us-east-2.compute.internal" } ] }, { "Key": "domain-name-servers", "Values": [ { "Value": "AmazonProvidedDNS" } ] } ], "DhcpOptionsId": "dopt-19edf471", "OwnerId": "111122223333" }, { "DhcpConfigurations": [ { "Key": "domain-name", "Values": [ { "Value": "us-east-2.compute.internal" } ] }, { "Key": "domain-name-servers", "Values": [ { "Value": "AmazonProvidedDNS" } ] } ], "DhcpOptionsId": "dopt-fEXAMPLE", "OwnerId": "111122223333" } ] }
For more information, see Working with DHCP Option Sets
in the Amazon VPC User Guide. Example 2: To describe your DHCP options and filter the output
The following
describe-dhcp-options
example describes your DHCP options and uses a filter to return only DHCP options that haveexample.com
for the domain name server. The example uses the--query
parameter to display only the configuration information and ID in the output.aws ec2 describe-dhcp-options \ --filters
Name=key,Values=domain-name-servers
Name=value,Values=example.com
\ --query"DhcpOptions[*].[DhcpConfigurations,DhcpOptionsId]"
Output:
[ [ [ { "Key": "domain-name", "Values": [ { "Value": "example.com" } ] }, { "Key": "domain-name-servers", "Values": [ { "Value": "172.16.16.16" } ] } ], "dopt-001122334455667ab" ] ]
For more information, see Working with DHCP Option Sets
in the Amazon VPC User Guide. -
For API details, see DescribeDhcpOptions
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-egress-only-internet-gateways
.
- Amazon CLI
-
To describe your egress-only Internet gateways
This example describes your egress-only Internet gateways.
Command:
aws ec2 describe-egress-only-internet-gateways
Output:
{ "EgressOnlyInternetGateways": [ { "EgressOnlyInternetGatewayId": "eigw-015e0e244e24dfe8a", "Attachments": [ { "State": "attached", "VpcId": "vpc-0c62a468" } ] } ] }
-
For API details, see DescribeEgressOnlyInternetGateways
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-elastic-gpus
.
- Amazon CLI
-
To describe an Elastic GPU
Command:
aws ec2 describe-elastic-gpus --elastic-gpu-ids
egpu-12345678901234567890abcdefghijkl
-
For API details, see DescribeElasticGpus
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-export-image-tasks
.
- Amazon CLI
-
To monitor an export image task
The following
describe-export-image-tasks
example checks the status of the specified export image task. The resulting image file in Amazon S3 ismy-export-bucket/exports/export-ami-1234567890abcdef0.vmdk
.aws ec2 describe-export-image-tasks \ --export-image-task-ids
export-ami-1234567890abcdef0
Output for an export image task that is in progress.
{ "ExportImageTasks": [ { "ExportImageTaskId": "export-ami-1234567890abcdef0" "Progress": "21", "S3ExportLocation": { "S3Bucket": "my-export-bucket", "S3Prefix": "exports/" }, "Status": "active", "StatusMessage": "updating" } ] }
Output for an export image task that is completed.
{ "ExportImageTasks": [ { "ExportImageTaskId": "export-ami-1234567890abcdef0" "S3ExportLocation": { "S3Bucket": "my-export-bucket", "S3Prefix": "exports/" }, "Status": "completed" } ] }
For more information, see Export a VM from an AMI
in the VM Import/Export User Guide. -
For API details, see DescribeExportImageTasks
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-export-tasks
.
- Amazon CLI
-
To list details about an instance export task
This example describes the export task with ID export-i-fh8sjjsq.
Command:
aws ec2 describe-export-tasks --export-task-ids
export-i-fh8sjjsq
Output:
{ "ExportTasks": [ { "State": "active", "InstanceExportDetails": { "InstanceId": "i-1234567890abcdef0", "TargetEnvironment": "vmware" }, "ExportToS3Task": { "S3Bucket": "myexportbucket", "S3Key": "RHEL5export-i-fh8sjjsq.ova", "DiskImageFormat": "vmdk", "ContainerFormat": "ova" }, "Description": "RHEL5 instance", "ExportTaskId": "export-i-fh8sjjsq" } ] }
-
For API details, see DescribeExportTasks
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-fast-launch-images
.
- Amazon CLI
-
To describe the details for Windows AMIs that are configured for faster launching
The following
describe-fast-launch-images
example describes the details for each of the AMIs in your account that are configured for faster launching, including the resource type, the snapshot configuration, the launch template details, the maximum number of parallel launches, the AMI owner ID, the state of the fast launch configuration, the reason the state was changed, and the time that the state change occurred.aws ec2 describe-fast-launch-images
Output:
{ "FastLaunchImages": [ { "ImageId": "ami-01234567890abcedf", "ResourceType": "snapshot", "SnapshotConfiguration": {}, "LaunchTemplate": { "LaunchTemplateId": "lt-01234567890abcedf", "LaunchTemplateName": "EC2FastLaunchDefaultResourceCreation-a8c6215d-94e6-441b-9272-dbd1f87b07e2", "Version": "1" }, "MaxParallelLaunches": 6, "OwnerId": "0123456789123", "State": "enabled", "StateTransitionReason": "Client.UserInitiated", "StateTransitionTime": "2022-01-27T22:20:06.552000+00:00" } ] }
For more information about configuring a Windows AMI for faster launching, see Configure your AMI for faster launching
in the Amazon EC2 User Guide. -
For API details, see DescribeFastLaunchImages
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-fast-snapshot-restores
.
- Amazon CLI
-
To describe fast snapshot restores
The following
describe-fast-snapshot-restores
example displays details for all fast snapshot restores with a state ofdisabled
.aws ec2 describe-fast-snapshot-restores \ --filters
Name=state,Values=disabled
Output:
{ "FastSnapshotRestores": [ { "SnapshotId": "snap-1234567890abcdef0", "AvailabilityZone": "us-west-2c", "State": "disabled", "StateTransitionReason": "Client.UserInitiated - Lifecycle state transition", "OwnerId": "123456789012", "EnablingTime": "2020-01-25T23:57:49.596Z", "OptimizingTime": "2020-01-25T23:58:25.573Z", "EnabledTime": "2020-01-25T23:59:29.852Z", "DisablingTime": "2020-01-26T00:40:56.069Z", "DisabledTime": "2020-01-26T00:41:27.390Z" } ] }
The following
describe-fast-snapshot-restores
example describes all fast snapshot restores.aws ec2 describe-fast-snapshot-restores
-
For API details, see DescribeFastSnapshotRestores
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-fleet-history
.
- Amazon CLI
-
To describe EC2 Fleet history
The following
describe-fleet-history
example returns the history for the specified EC2 Fleet starting at the specified time. The output is for an EC2 Fleet with two running instances.aws ec2 describe-fleet-history \ --fleet-id
fleet-12a34b55-67cd-8ef9-ba9b-9208dEXAMPLE
\ --start-time2020-09-01T00:00:00Z
Output:
{ "HistoryRecords": [ { "EventInformation": { "EventSubType": "submitted" }, "EventType": "fleetRequestChange", "Timestamp": "2020-09-01T18:26:05.000Z" }, { "EventInformation": { "EventSubType": "active" }, "EventType": "fleetRequestChange", "Timestamp": "2020-09-01T18:26:15.000Z" }, { "EventInformation": { "EventDescription": "t2.small, ami-07c8bc5c1ce9598c3, ...", "EventSubType": "progress" }, "EventType": "fleetRequestChange", "Timestamp": "2020-09-01T18:26:17.000Z" }, { "EventInformation": { "EventDescription": "{\"instanceType\":\"t2.small\", ...}", "EventSubType": "launched", "InstanceId": "i-083a1c446e66085d2" }, "EventType": "instanceChange", "Timestamp": "2020-09-01T18:26:17.000Z" }, { "EventInformation": { "EventDescription": "{\"instanceType\":\"t2.small\", ...}", "EventSubType": "launched", "InstanceId": "i-090db02406cc3c2d6" }, "EventType": "instanceChange", "Timestamp": "2020-09-01T18:26:17.000Z" } ], "LastEvaluatedTime": "2020-09-01T19:10:19.000Z", "FleetId": "fleet-12a34b55-67cd-8ef9-ba9b-9208dEXAMPLE", "StartTime": "2020-08-31T23:53:20.000Z" }
For more information, see Managing an EC2 Fleet
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see DescribeFleetHistory
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-fleet-instances
.
- Amazon CLI
-
To describe the running instances for an EC2 Fleet
The following
describe-fleet-instances
example describes the running instances for the specified EC2 Fleet.aws ec2 describe-fleet-instances \ --fleet-id
12a34b55-67cd-8ef9-ba9b-9208dEXAMPLE
Output:
{ "ActiveInstances": [ { "InstanceId": "i-090db02406cc3c2d6", "InstanceType": "t2.small", "SpotInstanceRequestId": "sir-a43gtpfk", "InstanceHealth": "healthy" }, { "InstanceId": "i-083a1c446e66085d2", "InstanceType": "t2.small", "SpotInstanceRequestId": "sir-iwcit2nj", "InstanceHealth": "healthy" } ], "FleetId": "fleet-12a34b55-67cd-8ef9-ba9b-9208dEXAMPLE" }
For more information, see Managing an EC2 Fleet
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see DescribeFleetInstances
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-fleets
.
- Amazon CLI
-
To describe an EC2 Fleet
The following
describe-fleets
example describes the specified EC2 Fleet.aws ec2 describe-fleets \ --fleet-ids
fleet-12a34b55-67cd-8ef9-ba9b-9208dEXAMPLE
Output:
{ "Fleets": [ { "ActivityStatus": "pending_fulfillment", "CreateTime": "2020-09-01T18:26:05.000Z", "FleetId": "fleet-12a34b55-67cd-8ef9-ba9b-9208dEXAMPLE", "FleetState": "active", "ExcessCapacityTerminationPolicy": "termination", "FulfilledCapacity": 0.0, "FulfilledOnDemandCapacity": 0.0, "LaunchTemplateConfigs": [ { "LaunchTemplateSpecification": { "LaunchTemplateId": "lt-0e632f2855a979cd5", "Version": "1" } } ], "TargetCapacitySpecification": { "TotalTargetCapacity": 2, "OnDemandTargetCapacity": 0, "SpotTargetCapacity": 2, "DefaultTargetCapacityType": "spot" }, "TerminateInstancesWithExpiration": false, "Type": "maintain", "ReplaceUnhealthyInstances": false, "SpotOptions": { "AllocationStrategy": "lowestPrice", "InstanceInterruptionBehavior": "terminate", "InstancePoolsToUseCount": 1 }, "OnDemandOptions": { "AllocationStrategy": "lowestPrice" } } ] }
For more information, see Managing an EC2 Fleet
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see DescribeFleets
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-flow-logs
.
- Amazon CLI
-
Example 1: To describe all of your flow logs
The following
describe-flow-logs
example displays details for all of your flow logs.aws ec2 describe-flow-logs
Output:
{ "FlowLogs": [ { "CreationTime": "2018-02-21T13:22:12.644Z", "DeliverLogsPermissionArn": "arn:aws:iam::123456789012:role/flow-logs-role", "DeliverLogsStatus": "SUCCESS", "FlowLogId": "fl-aabbccdd112233445", "MaxAggregationInterval": 600, "FlowLogStatus": "ACTIVE", "LogGroupName": "FlowLogGroup", "ResourceId": "subnet-12345678901234567", "TrafficType": "ALL", "LogDestinationType": "cloud-watch-logs", "LogFormat": "${version} ${account-id} ${interface-id} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${protocol} ${packets} ${bytes} ${start} ${end} ${action} ${log-status}" }, { "CreationTime": "2020-02-04T15:22:29.986Z", "DeliverLogsStatus": "SUCCESS", "FlowLogId": "fl-01234567890123456", "MaxAggregationInterval": 60, "FlowLogStatus": "ACTIVE", "ResourceId": "vpc-00112233445566778", "TrafficType": "ACCEPT", "LogDestinationType": "s3", "LogDestination": "arn:aws:s3:::my-flow-log-bucket/custom", "LogFormat": "${version} ${vpc-id} ${subnet-id} ${instance-id} ${interface-id} ${account-id} ${type} ${srcaddr} ${dstaddr} ${srcport} ${dstport} ${pkt-srcaddr} ${pkt-dstaddr} ${protocol} ${bytes} ${packets} ${start} ${end} ${action} ${tcp-flags} ${log-status}" } ] }
Example 2: To describe a subset of your flow logs
The following
describe-flow-logs
example uses a filter to display details for only those flow logs that are in the specified log group in Amazon CloudWatch Logs.aws ec2 describe-flow-logs \ --filter
"Name=log-group-name,Values=MyFlowLogs"
-
For API details, see DescribeFlowLogs
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-fpga-image-attribute
.
- Amazon CLI
-
To describe the attributes of an Amazon FPGA image
This example describes the load permissions for the specified AFI.
Command:
aws ec2 describe-fpga-image-attribute --fpga-image-id
afi-0d123e123bfc85abc
--attributeloadPermission
Output:
{ "FpgaImageAttribute": { "FpgaImageId": "afi-0d123e123bfc85abc", "LoadPermissions": [ { "UserId": "123456789012" } ] } }
-
For API details, see DescribeFpgaImageAttribute
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-fpga-images
.
- Amazon CLI
-
To describe Amazon FPGA images
This example describes AFIs that are owned by account
123456789012
.Command:
aws ec2 describe-fpga-images --filters
Name=owner-id,Values=123456789012
Output:
{ "FpgaImages": [ { "UpdateTime": "2017-12-22T12:09:14.000Z", "Name": "my-afi", "PciId": { "SubsystemVendorId": "0xfedd", "VendorId": "0x1d0f", "DeviceId": "0xf000", "SubsystemId": "0x1d51" }, "FpgaImageGlobalId": "agfi-123cb27b5e84a0abc", "Public": false, "State": { "Code": "available" }, "ShellVersion": "0x071417d3", "OwnerId": "123456789012", "FpgaImageId": "afi-0d123e123bfc85abc", "CreateTime": "2017-12-22T11:43:33.000Z", "Description": "my-afi" } ] }
-
For API details, see DescribeFpgaImages
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-host-reservation-offerings
.
- Amazon CLI
-
To describe Dedicated Host Reservation offerings
This example describes the Dedicated Host Reservations for the M4 instance family that are available to purchase.
Command:
aws ec2 describe-host-reservation-offerings --filter
Name=instance-family,Values=m4
Output:
{ "OfferingSet": [ { "HourlyPrice": "1.499", "OfferingId": "hro-03f707bf363b6b324", "InstanceFamily": "m4", "PaymentOption": "NoUpfront", "UpfrontPrice": "0.000", "Duration": 31536000 }, { "HourlyPrice": "1.045", "OfferingId": "hro-0ef9181cabdef7a02", "InstanceFamily": "m4", "PaymentOption": "NoUpfront", "UpfrontPrice": "0.000", "Duration": 94608000 }, { "HourlyPrice": "0.714", "OfferingId": "hro-04567a15500b92a51", "InstanceFamily": "m4", "PaymentOption": "PartialUpfront", "UpfrontPrice": "6254.000", "Duration": 31536000 }, { "HourlyPrice": "0.484", "OfferingId": "hro-0d5d7a9d23ed7fbfe", "InstanceFamily": "m4", "PaymentOption": "PartialUpfront", "UpfrontPrice": "12720.000", "Duration": 94608000 }, { "HourlyPrice": "0.000", "OfferingId": "hro-05da4108ca998c2e5", "InstanceFamily": "m4", "PaymentOption": "AllUpfront", "UpfrontPrice": "23913.000", "Duration": 94608000 }, { "HourlyPrice": "0.000", "OfferingId": "hro-0a9f9be3b95a3dc8f", "InstanceFamily": "m4", "PaymentOption": "AllUpfront", "UpfrontPrice": "12257.000", "Duration": 31536000 } ] }
-
For API details, see DescribeHostReservationOfferings
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-host-reservations
.
- Amazon CLI
-
To describe Dedicated Host Reservations in your account
This example describes the Dedicated Host Reservations in your account.
Command:
aws ec2 describe-host-reservations
Output:
{ "HostReservationSet": [ { "Count": 1, "End": "2019-01-10T12:14:09Z", "HourlyPrice": "1.499", "InstanceFamily": "m4", "OfferingId": "hro-03f707bf363b6b324", "PaymentOption": "NoUpfront", "State": "active", "HostIdSet": [ "h-013abcd2a00cbd123" ], "Start": "2018-01-10T12:14:09Z", "HostReservationId": "hr-0d418a3a4ffc669ae", "UpfrontPrice": "0.000", "Duration": 31536000 } ] }
-
For API details, see DescribeHostReservations
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-hosts
.
- Amazon CLI
-
To view details about Dedicated Hosts
The following
describe-hosts
example displays details for theavailable
Dedicated Hosts in your Amazon account.aws ec2 describe-hosts --filter
"Name=state,Values=available"
Output:
{ "Hosts": [ { "HostId": "h-07879acf49EXAMPLE", "Tags": [ { "Value": "production", "Key": "purpose" } ], "HostProperties": { "Cores": 48, "TotalVCpus": 96, "InstanceType": "m5.large", "Sockets": 2 }, "Instances": [], "State": "available", "AvailabilityZone": "eu-west-1a", "AvailableCapacity": { "AvailableInstanceCapacity": [ { "AvailableCapacity": 48, "InstanceType": "m5.large", "TotalCapacity": 48 } ], "AvailableVCpus": 96 }, "HostRecovery": "on", "AllocationTime": "2019-08-19T08:57:44.000Z", "AutoPlacement": "off" } ] }
For more information, see Viewing Dedicated Hosts
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see DescribeHosts
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-iam-instance-profile-associations
.
- Amazon CLI
-
To describe IAM instance profile associations
This example describes all of your IAM instance profile associations.
Command:
aws ec2 describe-iam-instance-profile-associations
Output:
{ "IamInstanceProfileAssociations": [ { "InstanceId": "i-09eb09efa73ec1dee", "State": "associated", "AssociationId": "iip-assoc-0db249b1f25fa24b8", "IamInstanceProfile": { "Id": "AIPAJVQN4F5WVLGCJDRGM", "Arn": "arn:aws:iam::123456789012:instance-profile/admin-role" } }, { "InstanceId": "i-0402909a2f4dffd14", "State": "associating", "AssociationId": "iip-assoc-0d1ec06278d29f44a", "IamInstanceProfile": { "Id": "AGJAJVQN4F5WVLGCJABCM", "Arn": "arn:aws:iam::123456789012:instance-profile/user1-role" } } ] }
-
For API details, see DescribeIamInstanceProfileAssociations
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-id-format
.
- Amazon CLI
-
Example 1: To describe the ID format of a resource
The following
describe-id-format
example describes the ID format for security groups.aws ec2 describe-id-format \ --resource
security-group
In the following example output, the
Deadline
value indicates that the deadline for this resource type to permanently switch from the short ID format to the long ID format expired at 00:00 UTC on August 15, 2018.{ "Statuses": [ { "Deadline": "2018-08-15T00:00:00.000Z", "Resource": "security-group", "UseLongIds": true } ] }
Example 2: To describe the ID format for all resources
The following
describe-id-format
example describes the ID format for all resource types. All resource types that supported the short ID format were switched to use the long ID format.aws ec2 describe-id-format
-
For API details, see DescribeIdFormat
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-identity-id-format
.
- Amazon CLI
-
To describe the ID format for an IAM role
The following
describe-identity-id-format
example describes the ID format received by instances created by the IAM roleEC2Role
in your Amazon account.aws ec2 describe-identity-id-format \ --principal-arn
arn:aws:iam::123456789012:role/my-iam-role
\ --resourceinstance
The following output indicates that instances created by this role receive IDs in long ID format.
{ "Statuses": [ { "Deadline": "2016-12-15T00:00:00Z", "Resource": "instance", "UseLongIds": true } ] }
To describe the ID format for an IAM user
The following
describe-identity-id-format
example describes the ID format received by snapshots created by the IAM userAdminUser
in your Amazon account.aws ec2 describe-identity-id-format \ --principal-arn
arn:aws:iam::123456789012:user/AdminUser
\ --resourcesnapshot
The output indicates that snapshots created by this user receive IDs in long ID format.
{ "Statuses": [ { "Deadline": "2016-12-15T00:00:00Z", "Resource": "snapshot", "UseLongIds": true } ] }
-
For API details, see DescribeIdentityIdFormat
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-image-attribute
.
- Amazon CLI
-
To describe the launch permissions for an AMI
This example describes the launch permissions for the specified AMI.
Command:
aws ec2 describe-image-attribute --image-id
ami-5731123e
--attributelaunchPermission
Output:
{ "LaunchPermissions": [ { "UserId": "123456789012" } ], "ImageId": "ami-5731123e", }
To describe the product codes for an AMI
This example describes the product codes for the specified AMI. Note that this AMI has no product codes.
Command:
aws ec2 describe-image-attribute --image-id
ami-5731123e
--attributeproductCodes
Output:
{ "ProductCodes": [], "ImageId": "ami-5731123e", }
-
For API details, see DescribeImageAttribute
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-images
.
- Amazon CLI
-
Example 1: To describe an AMI
The following
describe-images
example describes the specified AMI in the specified Region.aws ec2 describe-images \ --region
us-east-1
\ --image-idsami-1234567890EXAMPLE
Output:
{ "Images": [ { "VirtualizationType": "hvm", "Description": "Provided by Red Hat, Inc.", "PlatformDetails": "Red Hat Enterprise Linux", "EnaSupport": true, "Hypervisor": "xen", "State": "available", "SriovNetSupport": "simple", "ImageId": "ami-1234567890EXAMPLE", "UsageOperation": "RunInstances:0010", "BlockDeviceMappings": [ { "DeviceName": "/dev/sda1", "Ebs": { "SnapshotId": "snap-111222333444aaabb", "DeleteOnTermination": true, "VolumeType": "gp2", "VolumeSize": 10, "Encrypted": false } } ], "Architecture": "x86_64", "ImageLocation": "123456789012/RHEL-8.0.0_HVM-20190618-x86_64-1-Hourly2-GP2", "RootDeviceType": "ebs", "OwnerId": "123456789012", "RootDeviceName": "/dev/sda1", "CreationDate": "2019-05-10T13:17:12.000Z", "Public": true, "ImageType": "machine", "Name": "RHEL-8.0.0_HVM-20190618-x86_64-1-Hourly2-GP2" } ] }
For more information, see Amazon Machine Images (AMI)
in the Amazon EC2 User Guide. Example 2: To describe AMIs based on filters
The following
describe-images
example describes Windows AMIs provided by Amazon that are backed by Amazon EBS.aws ec2 describe-images \ --owners
amazon
\ --filters"Name=platform,Values=windows"
"Name=root-device-type,Values=ebs"
For an example of the output for
describe-images
, see Example 1.For additional examples using filters, see Listing and filtering your resources
in the Amazon EC2 User Guide. Example 3: To describe AMIs based on tags
The following
describe-images
example describes all AMIs that have the tagType=Custom
. The example uses the--query
parameter to display only the AMI IDs.aws ec2 describe-images \ --filters
"Name=tag:Type,Values=Custom"
\ --query 'Images[*].[ImageId]
' \ --outputtext
Output:
ami-1234567890EXAMPLE ami-0abcdef1234567890
For additional examples using tag filters, see Working with tags
in the Amazon EC2 User Guide. -
For API details, see DescribeImages
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-import-image-tasks
.
- Amazon CLI
-
To monitor an import image task
The following
describe-import-image-tasks
example checks the status of the specified import image task.aws ec2 describe-import-image-tasks \ --import-task-ids
import-ami-1234567890abcdef0
Output for an import image task that is in progress.
{ "ImportImageTasks": [ { "ImportTaskId": "import-ami-1234567890abcdef0", "Progress": "28", "SnapshotDetails": [ { "DiskImageSize": 705638400.0, "Format": "ova", "Status": "completed", "UserBucket": { "S3Bucket": "my-import-bucket", "S3Key": "vms/my-server-vm.ova" } } ], "Status": "active", "StatusMessage": "converting" } ] }
Output for an import image task that is completed. The ID of the resulting AMI is provided by
ImageId
.{ "ImportImageTasks": [ { "ImportTaskId": "import-ami-1234567890abcdef0", "ImageId": "ami-1234567890abcdef0", "SnapshotDetails": [ { "DiskImageSize": 705638400.0, "Format": "ova", "SnapshotId": "snap-1234567890abcdef0" "Status": "completed", "UserBucket": { "S3Bucket": "my-import-bucket", "S3Key": "vms/my-server-vm.ova" } } ], "Status": "completed" } ] }
-
For API details, see DescribeImportImageTasks
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-import-snapshot-tasks
.
- Amazon CLI
-
To monitor an import snapshot task
The following
describe-import-snapshot-tasks
example checks the status of the specified import snapshot task.aws ec2 describe-import-snapshot-tasks \ --import-task-ids
import-snap-1234567890abcdef0
Output for an import snapshot task that is in progress:
{ "ImportSnapshotTasks": [ { "Description": "My server VMDK", "ImportTaskId": "import-snap-1234567890abcdef0", "SnapshotTaskDetail": { "Description": "My server VMDK", "DiskImageSize": "705638400.0", "Format": "VMDK", "Progress": "42", "Status": "active", "StatusMessage": "downloading/converting", "UserBucket": { "S3Bucket": "my-import-bucket", "S3Key": "vms/my-server-vm.vmdk" } } } ] }
Output for an import snapshot task that is completed. The ID of the resulting snapshot is provided by
SnapshotId
.{ "ImportSnapshotTasks": [ { "Description": "My server VMDK", "ImportTaskId": "import-snap-1234567890abcdef0", "SnapshotTaskDetail": { "Description": "My server VMDK", "DiskImageSize": "705638400.0", "Format": "VMDK", "SnapshotId": "snap-1234567890abcdef0" "Status": "completed", "UserBucket": { "S3Bucket": "my-import-bucket", "S3Key": "vms/my-server-vm.vmdk" } } } ] }
-
For API details, see DescribeImportSnapshotTasks
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-instance-attribute
.
- Amazon CLI
-
To describe the instance type
This example describes the instance type of the specified instance.
Command:
aws ec2 describe-instance-attribute --instance-id
i-1234567890abcdef0
--attributeinstanceType
Output:
{ "InstanceId": "i-1234567890abcdef0" "InstanceType": { "Value": "t1.micro" } }
To describe the disableApiTermination attribute
This example describes the
disableApiTermination
attribute of the specified instance.Command:
aws ec2 describe-instance-attribute --instance-id
i-1234567890abcdef0
--attributedisableApiTermination
Output:
{ "InstanceId": "i-1234567890abcdef0" "DisableApiTermination": { "Value": "false" } }
To describe the block device mapping for an instance
This example describes the
blockDeviceMapping
attribute of the specified instance.Command:
aws ec2 describe-instance-attribute --instance-id
i-1234567890abcdef0
--attributeblockDeviceMapping
Output:
{ "InstanceId": "i-1234567890abcdef0" "BlockDeviceMappings": [ { "DeviceName": "/dev/sda1", "Ebs": { "Status": "attached", "DeleteOnTermination": true, "VolumeId": "vol-049df61146c4d7901", "AttachTime": "2013-05-17T22:42:34.000Z" } }, { "DeviceName": "/dev/sdf", "Ebs": { "Status": "attached", "DeleteOnTermination": false, "VolumeId": "vol-049df61146c4d7901", "AttachTime": "2013-09-10T23:07:00.000Z" } } ], }
-
For API details, see DescribeInstanceAttribute
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-instance-connect-endpoints
.
- Amazon CLI
-
To describe an EC2 Instance Connect Endpoint
The following
describe-instance-connect-endpoints
example describes the specified EC2 Instance Connect Endpoint.aws ec2 describe-instance-connect-endpoints \ --region
us-east-1
\ --instance-connect-endpoint-idseice-0123456789example
Output:
{ "InstanceConnectEndpoints": [ { "OwnerId": "111111111111", "InstanceConnectEndpointId": "eice-0123456789example", "InstanceConnectEndpointArn": "arn:aws:ec2:us-east-1:111111111111:instance-connect-endpoint/eice-0123456789example", "State": "create-complete", "StateMessage": "", "DnsName": "eice-0123456789example.b67b86ba.ec2-instance-connect-endpoint.us-east-1.amazonaws.com", "NetworkInterfaceIds": [ "eni-0123456789example" ], "VpcId": "vpc-0123abcd", "AvailabilityZone": "us-east-1d", "CreatedAt": "2023-02-07T12:05:37+00:00", "SubnetId": "subnet-0123abcd", "Tags": [] } ] }
For more information, see Create an EC2 Instance Connect Endpoint
in the Amazon EC2 User Guide. -
For API details, see DescribeInstanceConnectEndpoints
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-instance-credit-specifications
.
- Amazon CLI
-
To describe the credit option for CPU usage of one or more instances
The following
describe-instance-credit-specifications
example describes the CPU credit option for the specified instance.aws ec2 describe-instance-credit-specifications \ --instance-ids
i-1234567890abcdef0
Output:
{ "InstanceCreditSpecifications": [ { "InstanceId": "i-1234567890abcdef0", "CpuCredits": "unlimited" } ] }
For more information, see Work with burstable performance instances
in the Amazon EC2 User Guide. -
For API details, see DescribeInstanceCreditSpecifications
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-instance-event-notification-attributes
.
- Amazon CLI
-
To describe the tags for scheduled event notifications
The following
describe-instance-event-notification-attributes
example describes the tags to appear in scheduled event notifications.aws ec2 describe-instance-event-notification-attributes
Output:
{ "InstanceTagAttribute": { "InstanceTagKeys": [], "IncludeAllTagsOfInstance": true } }
For more information, see Scheduled events for your instances
in the Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see DescribeInstanceEventNotificationAttributes
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-instance-event-windows
.
- Amazon CLI
-
Example 1: To describe all event windows
The following
describe-instance-event-windows
example describes all event windows in the specified Region.aws ec2 describe-instance-event-windows \ --region
us-east-1
Output:
{ "InstanceEventWindows": [ { "InstanceEventWindowId": "iew-0abcdef1234567890", "Name": "myEventWindowName", "CronExpression": "* 21-23 * * 2,3", "AssociationTarget": { "InstanceIds": [ "i-1234567890abcdef0", "i-0598c7d356eba48d7" ], "Tags": [], "DedicatedHostIds": [] }, "State": "active", "Tags": [] } ... ], "NextToken": "9d624e0c-388b-4862-a31e-a85c64fc1d4a" }
Example 2: To describe a specific event window
The following
describe-instance-event-windows
example describes a specific event by using theinstance-event-window
parameter to describe a specific event window.aws ec2 describe-instance-event-windows \ --region
us-east-1
\ --instance-event-window-idsiew-0abcdef1234567890
Output:
{ "InstanceEventWindows": [ { "InstanceEventWindowId": "iew-0abcdef1234567890", "Name": "myEventWindowName", "CronExpression": "* 21-23 * * 2,3", "AssociationTarget": { "InstanceIds": [ "i-1234567890abcdef0", "i-0598c7d356eba48d7" ], "Tags": [], "DedicatedHostIds": [] }, "State": "active", "Tags": [] } }
Example 3: To describe event windows that match one or more filters
The following
describe-instance-event-windows
example describes event windows that match one or more filters using thefilter
parameter. Theinstance-id
filter is used to describe all of the event windows that are associated with the specified instance. When a filter is used, it performs a direct match. However, theinstance-id
filter is different. If there is no direct match to the instance ID, then it falls back to indirect associations with the event window, such as the tags of the instance or Dedicated Host ID (if the instance is a Dedicated Host).aws ec2 describe-instance-event-windows \ --region
us-east-1
\ --filtersName=instance-id,Values=i-1234567890abcdef0
\ --max-results100
\ --next-token<next-token-value>
Output:
{ "InstanceEventWindows": [ { "InstanceEventWindowId": "iew-0dbc0adb66f235982", "TimeRanges": [ { "StartWeekDay": "sunday", "StartHour": 2, "EndWeekDay": "sunday", "EndHour": 8 } ], "Name": "myEventWindowName", "AssociationTarget": { "InstanceIds": [], "Tags": [], "DedicatedHostIds": [ "h-0140d9a7ecbd102dd" ] }, "State": "active", "Tags": [] } ] }
In the example output, the instance is on a Dedicated Host, which is associated with the event window.
For event window constraints, see Considerations
in the Amazon EC2 User Guide. -
For API details, see DescribeInstanceEventWindows
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-instance-status
.
- Amazon CLI
-
To describe the status of an instance
The following
describe-instance-status
example describes the current status of the specified instance.aws ec2 describe-instance-status \ --instance-ids
i-1234567890abcdef0
Output:
{ "InstanceStatuses": [ { "InstanceId": "i-1234567890abcdef0", "InstanceState": { "Code": 16, "Name": "running" }, "AvailabilityZone": "us-east-1d", "SystemStatus": { "Status": "ok", "Details": [ { "Status": "passed", "Name": "reachability" } ] }, "InstanceStatus": { "Status": "ok", "Details": [ { "Status": "passed", "Name": "reachability" } ] } } ] }
For more information, see Monitor the status of your instances
in the Amazon EC2 User Guide. -
For API details, see DescribeInstanceStatus
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-instance-topology
.
- Amazon CLI
-
To describe the instance topology of all your instances
The following
describe-instance-topology
example describes the topology of all your instances that match the supported instance types for this command.aws ec2 describe-instance-topology \ --region
us-west-2
Output:
{ "Instances": [ { "InstanceId": "i-1111111111example", "InstanceType": "p4d.24xlarge", "GroupName": "my-ml-cpg", "NetworkNodes": [ "nn-1111111111example", "nn-2222222222example", "nn-3333333333example" ], "ZoneId": "usw2-az2", "AvailabilityZone": "us-west-2a" }, { "InstanceId": "i-2222222222example", "InstanceType": "p4d.24xlarge", "NetworkNodes": [ "nn-1111111111example", "nn-2222222222example", "nn-3333333333example" ], "ZoneId": "usw2-az2", "AvailabilityZone": "us-west-2a" }, { "InstanceId": "i-3333333333example", "InstanceType": "trn1.32xlarge", "NetworkNodes": [ "nn-1212121212example", "nn-1211122211example", "nn-1311133311example" ], "ZoneId": "usw2-az4", "AvailabilityZone": "us-west-2d" }, { "InstanceId": "i-444444444example", "InstanceType": "trn1.2xlarge", "NetworkNodes": [ "nn-1111111111example", "nn-5434334334example", "nn-1235301234example" ], "ZoneId": "usw2-az2", "AvailabilityZone": "us-west-2a" } ], "NextToken": "SomeEncryptedToken" }
For more information, including more examples, see Amazon EC2 instance topology
in the Amazon EC2 User Guide. -
For API details, see DescribeInstanceTopology
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-instance-type-offerings
.
- Amazon CLI
-
Example 1: To list the instance types offered in a Region
The following
describe-instance-type-offerings
example lists the instance types offered in the Region configured as the default Region for the Amazon CLI.aws ec2 describe-instance-type-offerings
To list the instance types offered in a different Region, specify the Region using the
--region
parameter.aws ec2 describe-instance-type-offerings \ --region
us-east-2
Output:
{ "InstanceTypeOfferings": [ { "InstanceType": "m5.2xlarge", "LocationType": "region", "Location": "us-east-2" }, { "InstanceType": "t3.micro", "LocationType": "region", "Location": "us-east-2" }, ... ] }
Example 2: To list the instance types offered in an Availability Zone
The following
describe-instance-type-offerings
example lists the instance types offered in the specified Availability Zone. The Availability Zone must be in the specified Region.aws ec2 describe-instance-type-offerings \ --location-type
availability-zone
\ --filtersName=location,Values=us-east-2a
\ --regionus-east-2
Example 3: To check whether an instance type is supported
The following
describe-instance-type-offerings
command indicates whether thec5.xlarge
instance type is supported in the specified Region.aws ec2 describe-instance-type-offerings \ --filters
Name=instance-type,Values=c5.xlarge
\ --regionus-east-2
The following
describe-instance-type-offerings
example lists all C5 instance types that are supported in the specified Region.aws ec2 describe-instance-type-offerings \ --filters
Name=instance-type,Values=c5*
\ --query"InstanceTypeOfferings[].InstanceType"
\ --regionus-east-2
Output:
[ "c5d.12xlarge", "c5d.9xlarge", "c5n.xlarge", "c5.xlarge", "c5d.metal", "c5n.metal", "c5.large", "c5d.2xlarge", "c5n.4xlarge", "c5.2xlarge", "c5n.large", "c5n.9xlarge", "c5d.large", "c5.18xlarge", "c5d.18xlarge", "c5.12xlarge", "c5n.18xlarge", "c5.metal", "c5d.4xlarge", "c5.24xlarge", "c5d.xlarge", "c5n.2xlarge", "c5d.24xlarge", "c5.9xlarge", "c5.4xlarge" ]
-
For API details, see DescribeInstanceTypeOfferings
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-instance-types
.
- Amazon CLI
-
Example 1: To describe an instance type
The following
describe-instance-types
example displays details for the specified instance type.aws ec2 describe-instance-types \ --instance-types
t2.micro
Output:
{ "InstanceTypes": [ { "InstanceType": "t2.micro", "CurrentGeneration": true, "FreeTierEligible": true, "SupportedUsageClasses": [ "on-demand", "spot" ], "SupportedRootDeviceTypes": [ "ebs" ], "BareMetal": false, "Hypervisor": "xen", "ProcessorInfo": { "SupportedArchitectures": [ "i386", "x86_64" ], "SustainedClockSpeedInGhz": 2.5 }, "VCpuInfo": { "DefaultVCpus": 1, "DefaultCores": 1, "DefaultThreadsPerCore": 1, "ValidCores": [ 1 ], "ValidThreadsPerCore": [ 1 ] }, "MemoryInfo": { "SizeInMiB": 1024 }, "InstanceStorageSupported": false, "EbsInfo": { "EbsOptimizedSupport": "unsupported", "EncryptionSupport": "supported" }, "NetworkInfo": { "NetworkPerformance": "Low to Moderate", "MaximumNetworkInterfaces": 2, "Ipv4AddressesPerInterface": 2, "Ipv6AddressesPerInterface": 2, "Ipv6Supported": true, "EnaSupport": "unsupported" }, "PlacementGroupInfo": { "SupportedStrategies": [ "partition", "spread" ] }, "HibernationSupported": false, "BurstablePerformanceSupported": true, "DedicatedHostsSupported": false, "AutoRecoverySupported": true } ] }
For more information, see Instance Types
in Amazon Elastic Compute Cloud User Guide for Linux Instances. Example 2: To filter the available instance types
You can specify a filter to scope the results to instance types that have a specific characteristic. The following
describe-instance-types
example lists the instance types that support hibernation.aws ec2 describe-instance-types \ --filters
Name=hibernation-supported,Values=true
--query 'InstanceTypes[*].InstanceType
'Output:
[ "m5.8xlarge", "r3.large", "c3.8xlarge", "r5.large", "m4.4xlarge", "c4.large", "m5.xlarge", "m4.xlarge", "c3.large", "c4.8xlarge", "c4.4xlarge", "c5.xlarge", "c5.12xlarge", "r5.4xlarge", "c5.4xlarge" ]
For more information, see Instance Types
in Amazon Elastic Compute Cloud User Guide for Linux Instances. -
For API details, see DescribeInstanceTypes
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-instances
.
- Amazon CLI
-
Example 1: To describe an instance
The following
describe-instances
example describes the specified instance.aws ec2 describe-instances \ --instance-ids
i-1234567890abcdef0
Output:
{ "Reservations": [ { "Groups": [], "Instances": [ { "AmiLaunchIndex": 0, "ImageId": "ami-0abcdef1234567890", "InstanceId": "i-1234567890abcdef0", "InstanceType": "t3.nano", "KeyName": "my-key-pair", "LaunchTime": "2022-11-15T10:48:59+00:00", "Monitoring": { "State": "disabled" }, "Placement": { "AvailabilityZone": "us-east-2a", "GroupName": "", "Tenancy": "default" }, "PrivateDnsName": "ip-10-0-0-157.us-east-2.compute.internal", "PrivateIpAddress": "10-0-0-157", "ProductCodes": [], "PublicDnsName": "ec2-34-253-223-13.us-east-2.compute.amazonaws.com", "PublicIpAddress": "34.253.223.13", "State": { "Code": 16, "Name": "running" }, "StateTransitionReason": "", "SubnetId": "subnet-04a636d18e83cfacb", "VpcId": "vpc-1234567890abcdef0", "Architecture": "x86_64", "BlockDeviceMappings": [ { "DeviceName": "/dev/xvda", "Ebs": { "AttachTime": "2022-11-15T10:49:00+00:00", "DeleteOnTermination": true, "Status": "attached", "VolumeId": "vol-02e6ccdca7de29cf2" } } ], "ClientToken": "1234abcd-1234-abcd-1234-d46a8903e9bc", "EbsOptimized": true, "EnaSupport": true, "Hypervisor": "xen", "IamInstanceProfile": { "Arn": "arn:aws:iam::111111111111:instance-profile/AmazonSSMRoleForInstancesQuickSetup", "Id": "111111111111111111111" }, "NetworkInterfaces": [ { "Association": { "IpOwnerId": "amazon", "PublicDnsName": "ec2-34-253-223-13.us-east-2.compute.amazonaws.com", "PublicIp": "34.253.223.13" }, "Attachment": { "AttachTime": "2022-11-15T10:48:59+00:00", "AttachmentId": "eni-attach-1234567890abcdefg", "DeleteOnTermination": true, "DeviceIndex": 0, "Status": "attached", "NetworkCardIndex": 0 }, "Description": "", "Groups": [ { "GroupName": "launch-wizard-146", "GroupId": "sg-1234567890abcdefg" } ], "Ipv6Addresses": [], "MacAddress": "00:11:22:33:44:55", "NetworkInterfaceId": "eni-1234567890abcdefg", "OwnerId": "104024344472", "PrivateDnsName": "ip-10-0-0-157.us-east-2.compute.internal", "PrivateIpAddress": "10-0-0-157", "PrivateIpAddresses": [ { "Association": { "IpOwnerId": "amazon", "PublicDnsName": "ec2-34-253-223-13.us-east-2.compute.amazonaws.com", "PublicIp": "34.253.223.13" }, "Primary": true, "PrivateDnsName": "ip-10-0-0-157.us-east-2.compute.internal", "PrivateIpAddress": "10-0-0-157" } ], "SourceDestCheck": true, "Status": "in-use", "SubnetId": "subnet-1234567890abcdefg", "VpcId": "vpc-1234567890abcdefg", "InterfaceType": "interface" } ], "RootDeviceName": "/dev/xvda", "RootDeviceType": "ebs", "SecurityGroups": [ { "GroupName": "launch-wizard-146", "GroupId": "sg-1234567890abcdefg" } ], "SourceDestCheck": true, "Tags": [ { "Key": "Name", "Value": "my-instance" } ], "VirtualizationType": "hvm", "CpuOptions": { "CoreCount": 1, "ThreadsPerCore": 2 }, "CapacityReservationSpecification": { "CapacityReservationPreference": "open" }, "HibernationOptions": { "Configured": false }, "MetadataOptions": { "State": "applied", "HttpTokens": "optional", "HttpPutResponseHopLimit": 1, "HttpEndpoint": "enabled", "HttpProtocolIpv6": "disabled", "InstanceMetadataTags": "enabled" }, "EnclaveOptions": { "Enabled": false }, "PlatformDetails": "Linux/UNIX", "UsageOperation": "RunInstances", "UsageOperationUpdateTime": "2022-11-15T10:48:59+00:00", "PrivateDnsNameOptions": { "HostnameType": "ip-name", "EnableResourceNameDnsARecord": true, "EnableResourceNameDnsAAAARecord": false }, "MaintenanceOptions": { "AutoRecovery": "default" } } ], "OwnerId": "111111111111", "ReservationId": "r-1234567890abcdefg" } ] }
Example 2: To filter for instances with the specified type
The following
describe-instances
example uses filters to scope the results to instances of the specified type.aws ec2 describe-instances \ --filters
Name=instance-type,Values=m5.large
For example output, see Example 1.
For more information, see List and filter using the CLI
in the Amazon EC2 User Guide. Example 3: To filter for instances with the specified type and Availability Zone
The following
describe-instances
example uses multiple filters to scope the results to instances with the specified type that are also in the specified Availability Zone.aws ec2 describe-instances \ --filters
Name=instance-type,Values=t2.micro,t3.micro
Name=availability-zone,Values=us-east-2c
For example output, see Example 1.
Example 4: To filter for instances with the specified type and Availability Zone using a JSON file
The following
describe-instances
example uses a JSON input file to perform the same filtering as the previous example. When filters get more complicated, they can be easier to specify in a JSON file.aws ec2 describe-instances \ --filters
file://filters.json
Contents of
filters.json
:[ { "Name": "instance-type", "Values": ["t2.micro", "t3.micro"] }, { "Name": "availability-zone", "Values": ["us-east-2c"] } ]
For example output, see Example 1.
Example 5: To filter for instances with the specified Owner tag
The following
describe-instances
example uses tag filters to scope the results to instances that have a tag with the specified tag key (Owner), regardless of the tag value.aws ec2 describe-instances \ --filters
"Name=tag-key,Values=Owner"
For example output, see Example 1.
Example 6: To filter for instances with the specified my-team tag value
The following
describe-instances
example uses tag filters to scope the results to instances that have a tag with the specified tag value (my-team), regardless of the tag key.aws ec2 describe-instances \ --filters
"Name=tag-value,Values=my-team"
For example output, see Example 1.
Example 7: To filter for instances with the specified Owner tag and my-team value
The following
describe-instances
example uses tag filters to scope the results to instances that have the specified tag (Owner=my-team).aws ec2 describe-instances \ --filters
"Name=tag:Owner,Values=my-team"
For example output, see Example 1.
Example 8: To display only instance and subnet IDs for all instances
The following
describe-instances
examples use the--query
parameter to display only the instance and subnet IDs for all instances, in JSON format.Linux and macOS:
aws ec2 describe-instances \ --query '
Reservations[*].Instances[*].{Instance:InstanceId,Subnet:SubnetId}
' \ --outputjson
Windows:
aws ec2 describe-instances
^
--query"Reservations[*].Instances[*].{Instance:InstanceId,Subnet:SubnetId}"
^
--outputjson
Output:
[ { "Instance": "i-057750d42936e468a", "Subnet": "subnet-069beee9b12030077" }, { "Instance": "i-001efd250faaa6ffa", "Subnet": "subnet-0b715c6b7db68927a" }, { "Instance": "i-027552a73f021f3bd", "Subnet": "subnet-0250c25a1f4e15235" } ... ]
Example 9: To filter instances of the specified type and only display their instance IDs
The following
describe-instances
example uses filters to scope the results to instances of the specified type and the--query
parameter to display only the instance IDs.aws ec2 describe-instances \ --filters
"Name=instance-type,Values=t2.micro"
\ --query"Reservations[*].Instances[*].[InstanceId]"
\ --outputtext
Output:
i-031c0dc19de2fb70c i-00d8bff789a736b75 i-0b715c6b7db68927a i-0626d4edd54f1286d i-00b8ae04f9f99908e i-0fc71c25d2374130c
Example 10: To filter instances of the specified type and only display their instance IDs, Availability Zone, and the specified tag value
The following
describe-instances
examples display the instance ID, Availability Zone, and the value of theName
tag for instances that have a tag with the nametag-key
, in table format.Linux and macOS:
aws ec2 describe-instances \ --filters
Name=tag-key,Values=Name
\ --query 'Reservations[*].Instances[*].{Instance:InstanceId,AZ:Placement.AvailabilityZone,Name:Tags[?Key==`Name`]|[0].Value}
' \ --outputtable
Windows:
aws ec2 describe-instances
^
--filtersName=tag-key,Values=Name
^
--query"Reservations[*].Instances[*].{Instance:InstanceId,AZ:Placement.AvailabilityZone,Name:Tags[?Key=='Name']|[0].Value}"
^
--outputtable
Output:
------------------------------------------------------------- | DescribeInstances | +--------------+-----------------------+--------------------+ | AZ | Instance | Name | +--------------+-----------------------+--------------------+ | us-east-2b | i-057750d42936e468a | my-prod-server | | us-east-2a | i-001efd250faaa6ffa | test-server-1 | | us-east-2a | i-027552a73f021f3bd | test-server-2 | +--------------+-----------------------+--------------------+
Example 11: To describe instances in a partition placement group
The following
describe-instances
example describes the specified instance. The output includes the placement information for the instance, which contains the placement group name and the partition number for the instance.aws ec2 describe-instances \ --instance-ids
i-0123a456700123456
\ --query"Reservations[*].Instances[*].Placement"
Output:
[ [ { "AvailabilityZone": "us-east-1c", "GroupName": "HDFS-Group-A", "PartitionNumber": 3, "Tenancy": "default" } ] ]
For more information, see Describing instances in a placement group
in the Amazon EC2 User Guide. Example 12: To filter to instances with the specified placement group and partition number
The following
describe-instances
example filters the results to only those instances with the specified placement group and partition number.aws ec2 describe-instances \ --filters
"Name=placement-group-name,Values=HDFS-Group-A"
"Name=placement-partition-number,Values=7"
The following shows only the relevant information from the output.
"Instances": [ { "InstanceId": "i-0123a456700123456", "InstanceType": "r4.large", "Placement": { "AvailabilityZone": "us-east-1c", "GroupName": "HDFS-Group-A", "PartitionNumber": 7, "Tenancy": "default" } }, { "InstanceId": "i-9876a543210987654", "InstanceType": "r4.large", "Placement": { "AvailabilityZone": "us-east-1c", "GroupName": "HDFS-Group-A", "PartitionNumber": 7, "Tenancy": "default" } ],
For more information, see Describing instances in a placement group
in the Amazon EC2 User Guide. Example 13: To filter to instances that are configured to allow access to tags from instance metadata
The following
describe-instances
example filters the results to only those instances that are configured to allow access to instance tags from instance metadata.aws ec2 describe-instances \ --filters
"Name=metadata-options.instance-metadata-tags,Values=enabled"
\ --query"Reservations[*].Instances[*].InstanceId"
\ --outputtext
The following shows the expected output.
i-1234567890abcdefg i-abcdefg1234567890 i-11111111aaaaaaaaa i-aaaaaaaa111111111
For more information, see Work with instance tags in instance metadata
in the Amazon EC2 User Guide. -
For API details, see DescribeInstances
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-internet-gateways
.
- Amazon CLI
-
To describe an internet gateway
The following
describe-internet-gateways
example describes the specified internet gateway.aws ec2 describe-internet-gateways \ --internet-gateway-ids
igw-0d0fb496b3EXAMPLE
Output:
{ "InternetGateways": [ { "Attachments": [ { "State": "available", "VpcId": "vpc-0a60eb65b4EXAMPLE" } ], "InternetGatewayId": "igw-0d0fb496b3EXAMPLE", "OwnerId": "123456789012", "Tags": [ { "Key": "Name", "Value": "my-igw" } ] } ] }
For more information, see Internet gateways
in the Amazon VPC User Guide. -
For API details, see DescribeInternetGateways
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-ipam-pools
.
- Amazon CLI
-
To view the details for an IPAM pool
The following
describe-ipam-pools
example shows the details for pools.(Linux):
aws ec2 describe-ipam-pools \ --filters
Name=owner-id,Values=123456789012
Name=ipam-scope-id,Values=ipam-scope-02fc38cd4c48e7d38
(Windows):
aws ec2 describe-ipam-pools
^
--filtersName=owner-id,Values=123456789012
Name=ipam-scope-id,Values=ipam-scope-02fc38cd4c48e7d38
Output:
{ "IpamPools": [ { "OwnerId": "123456789012", "IpamPoolId": "ipam-pool-02ec043a19bbe5d08", "IpamPoolArn": "arn:aws:ec2::123456789012:ipam-pool/ipam-pool-02ec043a19bbe5d08", "IpamScopeArn": "arn:aws:ec2::123456789012:ipam-scope/ipam-scope-02fc38cd4c48e7d38", "IpamScopeType": "private", "IpamArn": "arn:aws:ec2::123456789012:ipam/ipam-08440e7a3acde3908", "IpamRegion": "us-east-1", "Locale": "None", "PoolDepth": 1, "State": "create-complete", "AutoImport": true, "AddressFamily": "ipv4", "AllocationMinNetmaskLength": 16, "AllocationMaxNetmaskLength": 26, "AllocationDefaultNetmaskLength": 24, "AllocationResourceTags": [ { "Key": "Environment", "Value": "Preprod" } ], "Tags": [ { "Key": "Name", "Value": "Preprod pool" } ] } ] }
-
For API details, see DescribeIpamPools
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-ipam-resource-discoveries
.
- Amazon CLI
-
Example 1: View complete details of resource discoveries
In this example, you're a delegated IPAM admin who wants to create and share a resource discovery with the IPAM admin in another Amazon Organization so that the admin can manage and monitor the IP addresses of resources in your organization.
This example may be useful if:
You tried to create a resource discovery, but you got an error that you've reached your limit of 1. You realize that you may have already created a resource discovery and you want to view it in your account.You have resources in a Region that are not being discovered by the IPAM. You want to view the
--operating-regions
defined for the resource and ensure that you've added the right Region as an operating Region so that the resources there can be discovered.The following
describe-ipam-resource-discoveries
example lists the details of the resource discovery in your Amazon account. You can have one resource discovery per Amazon Region.aws ec2 describe-ipam-resource-discoveries \ --region
us-east-1
Output:
{ "IpamResourceDiscoveries": [ { "OwnerId": "149977607591", "IpamResourceDiscoveryId": "ipam-res-disco-0f8bdee9067137c0d", "IpamResourceDiscoveryArn": "arn:aws:ec2::149977607591:ipam-resource-discovery/ipam-res-disco-0f8bdee9067137c0d", "IpamResourceDiscoveryRegion": "us-east-1", "OperatingRegions": [ { "RegionName": "us-east-1" } ], "IsDefault": false, "State": "create-complete", "Tags": [] } ] }
For more information, see Integrate IPAM with accounts outside of your organization
in the Amazon VPC IPAM User Guide. Example 2: View only resource discovery IDs
The following
describe-ipam-resource-discoveries
example lists the ID of the resource discovery in your Amazon account. You can have one resource discovery per Amazon Region.aws ec2 describe-ipam-resource-discoveries \ --query
"IpamResourceDiscoveries[*].IpamResourceDiscoveryId"
\ --outputtext
Output:
ipam-res-disco-0481e39b242860333
For more information, see Integrate IPAM with accounts outside of your organization
in the Amazon VPC IPAM User Guide. -
For API details, see DescribeIpamResourceDiscoveries
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-ipam-resource-discovery-associations
.
- Amazon CLI
-
To view all resource discovery associations with your IPAM
In this example, you're a IPAM delegated admin who has associated resource discoveries with your IPAM to integrate other accounts with your IPAM. You've noticed that your IPAM is not discovering the resources in the operating Regions of the resource discovery as expected. You want to check the status and state of the resource discovery to ensure that the account that created it is still active and the resource discovery is still being shared.
The
--region
must be the home Region of your IPAM.The following
describe-ipam-resource-discovery-associations
example lists the resource discovery associations in your Amazon account.aws ec2 describe-ipam-resource-discovery-associations \ --region
us-east-1
Output:
{ "IpamResourceDiscoveryAssociations": [ { "OwnerId": "320805250157", "IpamResourceDiscoveryAssociationId": "ipam-res-disco-assoc-05e6b45eca5bf5cf7", "IpamResourceDiscoveryAssociationArn": "arn:aws:ec2::320805250157:ipam-resource-discovery-association/ipam-res-disco-assoc-05e6b45eca5bf5cf7", "IpamResourceDiscoveryId": "ipam-res-disco-0f4ef577a9f37a162", "IpamId": "ipam-005f921c17ebd5107", "IpamArn": "arn:aws:ec2::320805250157:ipam/ipam-005f921c17ebd5107", "IpamRegion": "us-east-1", "IsDefault": true, "ResourceDiscoveryStatus": "active", "State": "associate-complete", "Tags": [] }, { "OwnerId": "149977607591", "IpamResourceDiscoveryAssociationId": "ipam-res-disco-assoc-0dfd21ae189ab5f62", "IpamResourceDiscoveryAssociationArn": "arn:aws:ec2::149977607591:ipam-resource-discovery-association/ipam-res-disco-assoc-0dfd21ae189ab5f62", "IpamResourceDiscoveryId": "ipam-res-disco-0365d2977fc1672fe", "IpamId": "ipam-005f921c17ebd5107", "IpamArn": "arn:aws:ec2::149977607591:ipam/ipam-005f921c17ebd5107", "IpamRegion": "us-east-1", "IsDefault": false, "ResourceDiscoveryStatus": "active", "State": "create-complete", "Tags": [] } ] }
In this example, after running this command, you notice that you have one non-default resource discovery (
"IsDefault": false ``) that is ``"ResourceDiscoveryStatus": "not-found"
and"State": "create-complete"
. The resource discovery owner's account has been closed. If, in another case, you notice that is"ResourceDiscoveryStatus": "not-found"
and"State": "associate-complete"
, this indicates that one of the following has happened:The resource discovery was deleted by the resource discovery owner.The resource discovery owner unshared the resource discovery.
For more information, see Integrate IPAM with accounts outside of your organization
in the Amazon VPC IPAM User Guide. -
For API details, see DescribeIpamResourceDiscoveryAssociations
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-ipam-scopes
.
- Amazon CLI
-
To view the details for an IPAM scope
The following
describe-ipam-scopes
example shows the details for scopes.aws ec2 describe-ipam-scopes \ --filters
Name=owner-id,Values=123456789012
Name=ipam-id,Values=ipam-08440e7a3acde3908
Output:
{ "IpamScopes": [ { "OwnerId": "123456789012", "IpamScopeId": "ipam-scope-02fc38cd4c48e7d38", "IpamScopeArn": "arn:aws:ec2::123456789012:ipam-scope/ipam-scope-02fc38cd4c48e7d38", "IpamArn": "arn:aws:ec2::123456789012:ipam/ipam-08440e7a3acde3908", "IpamRegion": "us-east-1", "IpamScopeType": "private", "IsDefault": true, "PoolCount": 2, "State": "create-complete", "Tags": [] }, { "OwnerId": "123456789012", "IpamScopeId": "ipam-scope-0b9eed026396dbc16", "IpamScopeArn": "arn:aws:ec2::123456789012:ipam-scope/ipam-scope-0b9eed026396dbc16", "IpamArn": "arn:aws:ec2::123456789012:ipam/ipam-08440e7a3acde3908", "IpamRegion": "us-east-1", "IpamScopeType": "public", "IsDefault": true, "PoolCount": 0, "State": "create-complete", "Tags": [] }, { "OwnerId": "123456789012", "IpamScopeId": "ipam-scope-0f1aff29486355c22", "IpamScopeArn": "arn:aws:ec2::123456789012:ipam-scope/ipam-scope-0f1aff29486355c22", "IpamArn": "arn:aws:ec2::123456789012:ipam/ipam-08440e7a3acde3908", "IpamRegion": "us-east-1", "IpamScopeType": "private", "IsDefault": false, "Description": "Example description", "PoolCount": 0, "State": "create-complete", "Tags": [ { "Key": "Name", "Value": "Example name value" } ] } ] }
-
For API details, see DescribeIpamScopes
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-ipams
.
- Amazon CLI
-
To view the details for an IPAM
The following
describe-ipams
example shows the details of an IPAM.aws ec2 describe-ipams \ --filters
Name=owner-id,Values=123456789012
Output:
{ "Ipams": [ { "OwnerId": "123456789012", "IpamId": "ipam-08440e7a3acde3908", "IpamArn": "arn:aws:ec2::123456789012:ipam/ipam-08440e7a3acde3908", "IpamRegion": "us-east-1", "PublicDefaultScopeId": "ipam-scope-0b9eed026396dbc16", "PrivateDefaultScopeId": "ipam-scope-02fc38cd4c48e7d38", "ScopeCount": 3, "OperatingRegions": [ { "RegionName": "us-east-1" }, { "RegionName": "us-east-2" }, { "RegionName": "us-west-1" } ], "State": "create-complete", "Tags": [ { "Key": "Name", "Value": "ExampleIPAM" } ] } ] }
-
For API details, see DescribeIpams
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-ipv6-pools
.
- Amazon CLI
-
To describe your IPv6 address pools
The following
describe-ipv6-pools
example displays details for all of your IPv6 address pools.aws ec2 describe-ipv6-pools
Output:
{ "Ipv6Pools": [ { "PoolId": "ipv6pool-ec2-012345abc12345abc", "PoolCidrBlocks": [ { "Cidr": "2001:db8:123::/48" } ], "Tags": [ { "Key": "pool-1", "Value": "public" } ] } ] }
-
For API details, see DescribeIpv6Pools
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-key-pairs
.
- Amazon CLI
-
To display a key pair
The following
describe-key-pairs
example displays information about the specified key pair.aws ec2 describe-key-pairs \ --key-names
my-key-pair
Output:
{ "KeyPairs": [ { "KeyPairId": "key-0b94643da6EXAMPLE", "KeyFingerprint": "1f:51:ae:28:bf:89:e9:d8:1f:25:5d:37:2d:7d:b8:ca:9f:f5:f1:6f", "KeyName": "my-key-pair", "KeyType": "rsa", "Tags": [], "CreateTime": "2022-05-27T21:51:16.000Z" } ] }
For more information, see Describe public keys
in the Amazon EC2 User Guide. -
For API details, see DescribeKeyPairs
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-launch-template-versions
.
- Amazon CLI
-
To describe launch template versions
This example describes the versions of the specified launch template.
Command:
aws ec2 describe-launch-template-versions --launch-template-id
lt-068f72b72934aff71
Output:
{ "LaunchTemplateVersions": [ { "LaunchTemplateId": "lt-068f72b72934aff71", "LaunchTemplateName": "Webservers", "VersionNumber": 3, "CreatedBy": "arn:aws:iam::123456789102:root", "LaunchTemplateData": { "KeyName": "kp-us-east", "ImageId": "ami-6057e21a", "InstanceType": "t2.small", "NetworkInterfaces": [ { "SubnetId": "subnet-7b16de0c", "DeviceIndex": 0, "Groups": [ "sg-7c227019" ] } ] }, "DefaultVersion": false, "CreateTime": "2017-11-20T13:19:54.000Z" }, { "LaunchTemplateId": "lt-068f72b72934aff71", "LaunchTemplateName": "Webservers", "VersionNumber": 2, "CreatedBy": "arn:aws:iam::123456789102:root", "LaunchTemplateData": { "KeyName": "kp-us-east", "ImageId": "ami-6057e21a", "InstanceType": "t2.medium", "NetworkInterfaces": [ { "SubnetId": "subnet-1a2b3c4d", "DeviceIndex": 0, "Groups": [ "sg-7c227019" ] } ] }, "DefaultVersion": false, "CreateTime": "2017-11-20T13:12:32.000Z" }, { "LaunchTemplateId": "lt-068f72b72934aff71", "LaunchTemplateName": "Webservers", "VersionNumber": 1, "CreatedBy": "arn:aws:iam::123456789102:root", "LaunchTemplateData": { "UserData": "", "KeyName": "kp-us-east", "ImageId": "ami-aabbcc11", "InstanceType": "t2.medium", "NetworkInterfaces": [ { "SubnetId": "subnet-7b16de0c", "DeviceIndex": 0, "DeleteOnTermination": false, "Groups": [ "sg-7c227019" ], "AssociatePublicIpAddress": true } ] }, "DefaultVersion": true, "CreateTime": "2017-11-20T12:52:33.000Z" } ] }
-
For API details, see DescribeLaunchTemplateVersions
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-launch-templates
.
- Amazon CLI
-
To describe launch templates
This example describes your launch templates.
Command:
aws ec2 describe-launch-templates
Output:
{ "LaunchTemplates": [ { "LatestVersionNumber": 2, "LaunchTemplateId": "lt-0e06d290751193123", "LaunchTemplateName": "TemplateForWebServer", "DefaultVersionNumber": 2, "CreatedBy": "arn:aws:iam::123456789012:root", "CreateTime": "2017-11-27T09:30:23.000Z" }, { "LatestVersionNumber": 6, "LaunchTemplateId": "lt-0c45b5e061ec98456", "LaunchTemplateName": "DBServersTemplate", "DefaultVersionNumber": 1, "CreatedBy": "arn:aws:iam::123456789012:root", "CreateTime": "2017-11-20T09:25:22.000Z" }, { "LatestVersionNumber": 1, "LaunchTemplateId": "lt-0d47d774e8e52dabc", "LaunchTemplateName": "MyLaunchTemplate2", "DefaultVersionNumber": 1, "CreatedBy": "arn:aws:iam::123456789012:root", "CreateTime": "2017-11-02T12:06:21.000Z" }, { "LatestVersionNumber": 3, "LaunchTemplateId": "lt-01e5f948eb4f589d6", "LaunchTemplateName": "testingtemplate2", "DefaultVersionNumber": 1, "CreatedBy": "arn:aws:sts::123456789012:assumed-role/AdminRole/i-03ee35176e2e5aabc", "CreateTime": "2017-12-01T08:19:48.000Z" }, ] }
-
For API details, see DescribeLaunchTemplates
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-local-gateway-route-table-virtual-interface-group-associations
.
- Amazon CLI
-
To describe associations between virtual interface groups and local gateway route tables
The following
describe-local-gateway-route-table-virtual-interface-group-associations
example describes the associations between virtual interface groups and local gateway route tables in your Amazon account.aws ec2 describe-local-gateway-route-table-virtual-interface-group-associations
Output:
{ "LocalGatewayRouteTableVirtualInterfaceGroupAssociations": [ { "LocalGatewayRouteTableVirtualInterfaceGroupAssociationId": "lgw-vif-grp-assoc-07145b276bEXAMPLE", "LocalGatewayVirtualInterfaceGroupId": "lgw-vif-grp-07145b276bEXAMPLE", "LocalGatewayId": "lgw-0ab1c23d4eEXAMPLE", "LocalGatewayRouteTableId": "lgw-rtb-059615ef7dEXAMPLE", "LocalGatewayRouteTableArn": "arn:aws:ec2:us-west-2:123456789012:local-gateway-route-table/lgw-rtb-059615ef7dEXAMPLE", "OwnerId": "123456789012", "State": "associated", "Tags": [] } ] }
For more information, see Working with local gateways
in the Amazon Outposts User Guide. -
For API details, see DescribeLocalGatewayRouteTableVirtualInterfaceGroupAssociations
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-local-gateway-route-table-vpc-associations
.
- Amazon CLI
-
To describe the associations between VPCs and local gateway route tables
The following
describe-local-gateway-route-table-vpc-associations
example displays information about the specified association between VPCs and local gateway route tables.aws ec2 describe-local-gateway-route-table-vpc-associations \ --local-gateway-route-table-vpc-association-ids
lgw-vpc-assoc-0e0f27af15EXAMPLE
Output:
{ "LocalGatewayRouteTableVpcAssociation": { "LocalGatewayRouteTableVpcAssociationId": "lgw-vpc-assoc-0e0f27af1EXAMPLE", "LocalGatewayRouteTableId": "lgw-rtb-059615ef7dEXAMPLE", "LocalGatewayId": "lgw-09b493aa7cEXAMPLE", "VpcId": "vpc-0efe9bde08EXAMPLE", "State": "associated" } }
For more information, see Local gateway route tables
in the Outposts User Guide. -
For API details, see DescribeLocalGatewayRouteTableVpcAssociations
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-local-gateway-route-tables
.
- Amazon CLI
-
To describe your Local Gateway Route Tables
The following
describe-local-gateway-route-tables
example displays details about the local gateway route tables.aws ec2 describe-local-gateway-route-tables
Output:
{ "LocalGatewayRouteTables": [ { "LocalGatewayRouteTableId": "lgw-rtb-059615ef7deEXAMPLE", "LocalGatewayId": "lgw-09b493aa7cEXAMPLE", "OutpostArn": "arn:aws:outposts:us-west-2:111122223333:outpost/op-0dc11b66edEXAMPLE", "State": "available" } ] }
-
For API details, see DescribeLocalGatewayRouteTables
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-local-gateway-virtual-interface-groups
.
- Amazon CLI
-
To describe local gateway virtual interface groups
The following
describe-local-gateway-virtual-interface-groups
example describes the local gateway virtual interface groups in your Amazon account.aws ec2 describe-local-gateway-virtual-interface-groups
Output:
{ "LocalGatewayVirtualInterfaceGroups": [ { "LocalGatewayVirtualInterfaceGroupId": "lgw-vif-grp-07145b276bEXAMPLE", "LocalGatewayVirtualInterfaceIds": [ "lgw-vif-01a23bc4d5EXAMPLE", "lgw-vif-543ab21012EXAMPLE" ], "LocalGatewayId": "lgw-0ab1c23d4eEXAMPLE", "OwnerId": "123456789012", "Tags": [] } ] }
For more information, see Working with local gateways
in the Amazon Outposts User Guide. -
For API details, see DescribeLocalGatewayVirtualInterfaceGroups
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-local-gateway-virtual-interfaces
.
- Amazon CLI
-
To describe local gateway virtual interfaces
The following
describe-local-gateway-virtual-interfaces
example describes the local gateway virtual interfaces in your Amazon account.aws ec2 describe-local-gateway-virtual-interfaces
Output:
{ "LocalGatewayVirtualInterfaces": [ { "LocalGatewayVirtualInterfaceId": "lgw-vif-01a23bc4d5EXAMPLE", "LocalGatewayId": "lgw-0ab1c23d4eEXAMPLE", "Vlan": 2410, "LocalAddress": "0.0.0.0/0", "PeerAddress": "0.0.0.0/0", "LocalBgpAsn": 65010, "PeerBgpAsn": 65000, "OwnerId": "123456789012", "Tags": [] }, { "LocalGatewayVirtualInterfaceId": "lgw-vif-543ab21012EXAMPLE", "LocalGatewayId": "lgw-0ab1c23d4eEXAMPLE", "Vlan": 2410, "LocalAddress": "0.0.0.0/0", "PeerAddress": "0.0.0.0/0", "LocalBgpAsn": 65010, "PeerBgpAsn": 65000, "OwnerId": "123456789012", "Tags": [] } ] }
For more information, see Working with local gateways
in the Amazon Outposts User Guide. -
For API details, see DescribeLocalGatewayVirtualInterfaces
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-local-gateways
.
- Amazon CLI
-
To describe your Local Gateways
The following
describe-local-gateways
example displays details for the local gateways that are available to you.aws ec2 describe-local-gateways
Output:
{ "LocalGateways": [ { "LocalGatewayId": "lgw-09b493aa7cEXAMPLE", "OutpostArn": "arn:aws:outposts:us-west-2:123456789012:outpost/op-0dc11b66ed59f995a", "OwnerId": "123456789012", "State": "available" } ] }
-
For API details, see DescribeLocalGateways
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-locked-snapshots
.
- Amazon CLI
-
To describe the lock status of a snapshot
The following
describe-locked-snapshots
example describes the lock status of the specified snapshot.aws ec2 describe-locked-snapshots \ --snapshot-ids
snap-0b5e733b4a8df6e0d
Output:
{ "Snapshots": [ { "OwnerId": "123456789012", "SnapshotId": "snap-0b5e733b4a8df6e0d", "LockState": "governance", "LockDuration": 365, "LockCreatedOn": "2024-05-05T00:56:06.208000+00:00", "LockDurationStartTime": "2024-05-05T00:56:06.208000+00:00", "LockExpiresOn": "2025-05-05T00:56:06.208000+00:00" } ] }
For more information, see Snapshot lock
in the Amazon EBS User Guide. -
For API details, see DescribeLockedSnapshots
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-managed-prefix-lists
.
- Amazon CLI
-
To describe managed prefix lists
The following
describe-managed-prefix-lists
example describes the prefix lists owned by Amazon account123456789012
.aws ec2 describe-managed-prefix-lists \ --filters
Name=owner-id,Values=123456789012
Output:
{ "PrefixLists": [ { "PrefixListId": "pl-11223344556677aab", "AddressFamily": "IPv6", "State": "create-complete", "PrefixListArn": "arn:aws:ec2:us-west-2:123456789012:prefix-list/pl-11223344556677aab", "PrefixListName": "vpc-ipv6-cidrs", "MaxEntries": 25, "Version": 1, "Tags": [], "OwnerId": "123456789012" }, { "PrefixListId": "pl-0123456abcabcabc1", "AddressFamily": "IPv4", "State": "active", "PrefixListArn": "arn:aws:ec2:us-west-2:123456789012:prefix-list/pl-0123456abcabcabc1", "PrefixListName": "vpc-cidrs", "MaxEntries": 10, "Version": 1, "Tags": [], "OwnerId": "123456789012" } ] }
For more information, see Managed prefix lists
in the Amazon VPC User Guide. -
For API details, see DescribeManagedPrefixLists
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-moving-addresses
.
- Amazon CLI
-
To describe your moving addresses
This example describes all of your moving Elastic IP addresses.
Command:
aws ec2 describe-moving-addresses
Output:
{ "MovingAddressStatuses": [ { "PublicIp": "198.51.100.0", "MoveStatus": "MovingToVpc" } ] }
This example describes all addresses that are moving to the EC2-VPC platform.
Command:
aws ec2 describe-moving-addresses --filters
Name=moving-status,Values=MovingToVpc
-
For API details, see DescribeMovingAddresses
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-nat-gateways
.
- Amazon CLI
-
Example 1: To describe a public NAT gateway
The following
describe-nat-gateways
example describes the specified public NAT gateway.aws ec2 describe-nat-gateways \ --nat-gateway-id
nat-01234567890abcdef
Output:
{ "NatGateways": [ { "CreateTime": "2023-08-25T01:56:51.000Z", "NatGatewayAddresses": [ { "AllocationId": "eipalloc-0790180cd2EXAMPLE", "NetworkInterfaceId": "eni-09cc4b2558794f7f9", "PrivateIp": "10.0.0.211", "PublicIp": "54.85.121.213", "AssociationId": "eipassoc-04d295cc9b8815b24", "IsPrimary": true, "Status": "succeeded" }, { "AllocationId": "eipalloc-0be6ecac95EXAMPLE", "NetworkInterfaceId": "eni-09cc4b2558794f7f9", "PrivateIp": "10.0.0.74", "PublicIp": "3.211.231.218", "AssociationId": "eipassoc-0f96bdca17EXAMPLE", "IsPrimary": false, "Status": "succeeded" } ], "NatGatewayId": "nat-01234567890abcdef", "State": "available", "SubnetId": "subnet-655eab5f08EXAMPLE", "VpcId": "vpc-098eb5ef58EXAMPLE", "Tags": [ { "Key": "Name", "Value": "public-nat" } ], "ConnectivityType": "public" } ] }
Example 2: To describe a private NAT gateway
The following
describe-nat-gateways
example describes the specified private NAT gateway.aws ec2 describe-nat-gateways \ --nat-gateway-id
nat-1234567890abcdef0
Output:
{ "NatGateways": [ { "CreateTime": "2023-08-25T00:50:05.000Z", "NatGatewayAddresses": [ { "NetworkInterfaceId": "eni-0065a61b324d1897a", "PrivateIp": "10.0.20.240", "IsPrimary": true, "Status": "succeeded" }, { "NetworkInterfaceId": "eni-0065a61b324d1897a", "PrivateIp": "10.0.20.33", "IsPrimary": false, "Status": "succeeded" }, { "NetworkInterfaceId": "eni-0065a61b324d1897a", "PrivateIp": "10.0.20.197", "IsPrimary": false, "Status": "succeeded" } ], "NatGatewayId": "nat-1234567890abcdef0", "State": "available", "SubnetId": "subnet-08fc749671EXAMPLE", "VpcId": "vpc-098eb5ef58EXAMPLE", "Tags": [ { "Key": "Name", "Value": "private-nat" } ], "ConnectivityType": "private" } ] }
For more information, see NAT gateways
in the Amazon VPC User Guide. -
For API details, see DescribeNatGateways
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-network-acls
.
- Amazon CLI
-
To describe your network ACLs
The following
describe-network-acls
example retrieves details about your network ACLs.aws ec2 describe-network-acls
Output:
{ "NetworkAcls": [ { "Associations": [ { "NetworkAclAssociationId": "aclassoc-0c1679dc41EXAMPLE", "NetworkAclId": "acl-0ea1f54ca7EXAMPLE", "SubnetId": "subnet-0931fc2fa5EXAMPLE" } ], "Entries": [ { "CidrBlock": "0.0.0.0/0", "Egress": true, "Protocol": "-1", "RuleAction": "allow", "RuleNumber": 100 }, { "CidrBlock": "0.0.0.0/0", "Egress": true, "Protocol": "-1", "RuleAction": "deny", "RuleNumber": 32767 }, { "CidrBlock": "0.0.0.0/0", "Egress": false, "Protocol": "-1", "RuleAction": "allow", "RuleNumber": 100 }, { "CidrBlock": "0.0.0.0/0", "Egress": false, "Protocol": "-1", "RuleAction": "deny", "RuleNumber": 32767 } ], "IsDefault": true, "NetworkAclId": "acl-0ea1f54ca7EXAMPLE", "Tags": [], "VpcId": "vpc-06e4ab6c6cEXAMPLE", "OwnerId": "111122223333" }, { "Associations": [], "Entries": [ { "CidrBlock": "0.0.0.0/0", "Egress": true, "Protocol": "-1", "RuleAction": "allow", "RuleNumber": 100 }, { "Egress": true, "Ipv6CidrBlock": "::/0", "Protocol": "-1", "RuleAction": "allow", "RuleNumber": 101 }, { "CidrBlock": "0.0.0.0/0", "Egress": true, "Protocol": "-1", "RuleAction": "deny", "RuleNumber": 32767 }, { "Egress": true, "Ipv6CidrBlock": "::/0", "Protocol": "-1", "RuleAction": "deny", "RuleNumber": 32768 }, { "CidrBlock": "0.0.0.0/0", "Egress": false, "Protocol": "-1", "RuleAction": "allow", "RuleNumber": 100 }, { "Egress": false, "Ipv6CidrBlock": "::/0", "Protocol": "-1", "RuleAction": "allow", "RuleNumber": 101 }, { "CidrBlock": "0.0.0.0/0", "Egress": false, "Protocol": "-1", "RuleAction": "deny", "RuleNumber": 32767 }, { "Egress": false, "Ipv6CidrBlock": "::/0", "Protocol": "-1", "RuleAction": "deny", "RuleNumber": 32768 } ], "IsDefault": true, "NetworkAclId": "acl-0e2a78e4e2EXAMPLE", "Tags": [], "VpcId": "vpc-03914afb3eEXAMPLE", "OwnerId": "111122223333" } ] }
For more information, see Network ACLs
in the Amazon VPC User Guide. -
For API details, see DescribeNetworkAcls
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-network-insights-access-scope-analyses
.
- Amazon CLI
-
To describe Network Insights access scope analyses
The following
describe-network-insights-access-scope-analyses
example describes the access scope analysis in your Amazon account.aws ec2 describe-network-insights-access-scope-analyses \ --region
us-east-1
Output:
{ "NetworkInsightsAccessScopeAnalyses": [ { "NetworkInsightsAccessScopeAnalysisId": "nisa-123456789111", "NetworkInsightsAccessScopeAnalysisArn": "arn:aws:ec2:us-east-1:123456789012:network-insights-access-scope-analysis/nisa-123456789111", "NetworkInsightsAccessScopeId": "nis-123456789222", "Status": "succeeded", "StartDate": "2022-01-25T19:45:36.842000+00:00", "FindingsFound": "true", "Tags": [] } ] }
For more information, see Getting started with Network Access Analyzer using the Amazon CLI
in the Network Access Analyzer Guide. -
For API details, see DescribeNetworkInsightsAccessScopeAnalyses
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-network-insights-access-scopes
.
- Amazon CLI
-
To describe Network Insights access scopes
The following
describe-network-insights-access-scopes
example describes the access-scope analyses in your Amazon account.aws ec2 describe-network-insights-access-scopes \ --region
us-east-1
Output:
{ "NetworkInsightsAccessScopes": [ { "NetworkInsightsAccessScopeId": "nis-123456789111", "NetworkInsightsAccessScopeArn": "arn:aws:ec2:us-east-1:123456789012:network-insights-access-scope/nis-123456789111", "CreatedDate": "2021-11-29T21:12:41.416000+00:00", "UpdatedDate": "2021-11-29T21:12:41.416000+00:00", "Tags": [] } ] }
For more information, see Getting started with Network Access Analyzer using the Amazon CLI
in the Network Access Analyzer Guide. -
For API details, see DescribeNetworkInsightsAccessScopes
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-network-insights-analyses
.
- Amazon CLI
-
To view the results of a path analysis
The following
describe-network-insights-analyses
example describes the specified analysis. In this example, the source is an internet gateway, the destination is an EC2 instance, and the protocol is TCP. The analysis succeeded (Status
issucceeded
) and the path is not reachable (NetworkPathFound
isfalse
). The explanation codeENI_SG_RULES_MISMATCH
indicates that the security group for the instance does not contain a rule that allows traffic on the destination port.aws ec2 describe-network-insights-analyses \ --network-insights-analysis-ids
nia-02207aa13eb480c7a
Output:
{ "NetworkInsightsAnalyses": [ { "NetworkInsightsAnalysisId": "nia-02207aa13eb480c7a", "NetworkInsightsAnalysisArn": "arn:aws:ec2:us-east-1:123456789012:network-insights-analysis/nia-02207aa13eb480c7a", "NetworkInsightsPathId": "nip-0b26f224f1d131fa8", "StartDate": "2021-01-20T22:58:37.495Z", "Status": "succeeded", "NetworkPathFound": false, "Explanations": [ { "Direction": "ingress", "ExplanationCode": "ENI_SG_RULES_MISMATCH", "NetworkInterface": { "Id": "eni-0a25edef15a6cc08c", "Arn": "arn:aws:ec2:us-east-1:123456789012:network-interface/eni-0a25edef15a6cc08c" }, "SecurityGroups": [ { "Id": "sg-02f0d35a850ba727f", "Arn": "arn:aws:ec2:us-east-1:123456789012:security-group/sg-02f0d35a850ba727f" } ], "Subnet": { "Id": "subnet-004ff41eccb4d1194", "Arn": "arn:aws:ec2:us-east-1:123456789012:subnet/subnet-004ff41eccb4d1194" }, "Vpc": { "Id": "vpc-f1663d98ad28331c7", "Arn": "arn:aws:ec2:us-east-1:123456789012:vpc/vpc-f1663d98ad28331c7" } } ], "Tags": [] } ] }
For more information, see Getting started using the Amazon CLI
in the Reachability Analyzer Guide. -
For API details, see DescribeNetworkInsightsAnalyses
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-network-insights-paths
.
- Amazon CLI
-
To describe a path
The following
describe-network-insights-paths
example describes the specified path.aws ec2 describe-network-insights-paths \ --network-insights-path-ids
nip-0b26f224f1d131fa8
Output:
{ "NetworkInsightsPaths": [ { "NetworkInsightsPathId": "nip-0b26f224f1d131fa8", "NetworkInsightsPathArn": "arn:aws:ec2:us-east-1:123456789012:network-insights-path/nip-0b26f224f1d131fa8", "CreatedDate": "2021-01-20T22:43:46.933Z", "Source": "igw-0797cccdc9d73b0e5", "Destination": "i-0495d385ad28331c7", "Protocol": "tcp" } ] }
For more information, see Getting started using the Amazon CLI
in the Reachability Analyzer Guide. -
For API details, see DescribeNetworkInsightsPaths
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-network-interface-attribute
.
- Amazon CLI
-
To describe the attachment attribute of a network interface
This example command describes the
attachment
attribute of the specified network interface.Command:
aws ec2 describe-network-interface-attribute --network-interface-id
eni-686ea200
--attributeattachment
Output:
{ "NetworkInterfaceId": "eni-686ea200", "Attachment": { "Status": "attached", "DeviceIndex": 0, "AttachTime": "2015-05-21T20:02:20.000Z", "InstanceId": "i-1234567890abcdef0", "DeleteOnTermination": true, "AttachmentId": "eni-attach-43348162", "InstanceOwnerId": "123456789012" } }
To describe the description attribute of a network interface
This example command describes the
description
attribute of the specified network interface.Command:
aws ec2 describe-network-interface-attribute --network-interface-id
eni-686ea200
--attributedescription
Output:
{ "NetworkInterfaceId": "eni-686ea200", "Description": { "Value": "My description" } }
To describe the groupSet attribute of a network interface
This example command describes the
groupSet
attribute of the specified network interface.Command:
aws ec2 describe-network-interface-attribute --network-interface-id
eni-686ea200
--attributegroupSet
Output:
{ "NetworkInterfaceId": "eni-686ea200", "Groups": [ { "GroupName": "my-security-group", "GroupId": "sg-903004f8" } ] }
To describe the sourceDestCheck attribute of a network interface
This example command describes the
sourceDestCheck
attribute of the specified network interface.Command:
aws ec2 describe-network-interface-attribute --network-interface-id
eni-686ea200
--attributesourceDestCheck
Output:
{ "NetworkInterfaceId": "eni-686ea200", "SourceDestCheck": { "Value": true } }
-
For API details, see DescribeNetworkInterfaceAttribute
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-network-interface-permissions
.
- Amazon CLI
-
To describe your network interface permissions
This example describes all of your network interface permissions.
Command:
aws ec2 describe-network-interface-permissions
Output:
{ "NetworkInterfacePermissions": [ { "PermissionState": { "State": "GRANTED" }, "NetworkInterfacePermissionId": "eni-perm-06fd19020ede149ea", "NetworkInterfaceId": "eni-b909511a", "Permission": "INSTANCE-ATTACH", "AwsAccountId": "123456789012" } ] }
-
For API details, see DescribeNetworkInterfacePermissions
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-network-interfaces
.
- Amazon CLI
-
To describe your network interfaces
This example describes all your network interfaces.
Command:
aws ec2 describe-network-interfaces
Output:
{ "NetworkInterfaces": [ { "Status": "in-use", "MacAddress": "02:2f:8f:b0:cf:75", "SourceDestCheck": true, "VpcId": "vpc-a01106c2", "Description": "my network interface", "Association": { "PublicIp": "203.0.113.12", "AssociationId": "eipassoc-0fbb766a", "PublicDnsName": "ec2-203-0-113-12.compute-1.amazonaws.com", "IpOwnerId": "123456789012" }, "NetworkInterfaceId": "eni-e5aa89a3", "PrivateIpAddresses": [ { "PrivateDnsName": "ip-10-0-1-17.ec2.internal", "Association": { "PublicIp": "203.0.113.12", "AssociationId": "eipassoc-0fbb766a", "PublicDnsName": "ec2-203-0-113-12.compute-1.amazonaws.com", "IpOwnerId": "123456789012" }, "Primary": true, "PrivateIpAddress": "10.0.1.17" } ], "RequesterManaged": false, "Ipv6Addresses": [], "PrivateDnsName": "ip-10-0-1-17.ec2.internal", "AvailabilityZone": "us-east-1d", "Attachment": { "Status": "attached", "DeviceIndex": 1, "AttachTime": "2013-11-30T23:36:42.000Z", "InstanceId": "i-1234567890abcdef0", "DeleteOnTermination": false, "AttachmentId": "eni-attach-66c4350a", "InstanceOwnerId": "123456789012" }, "Groups": [ { "GroupName": "default", "GroupId": "sg-8637d3e3" } ], "SubnetId": "subnet-b61f49f0", "OwnerId": "123456789012", "TagSet": [], "PrivateIpAddress": "10.0.1.17" }, { "Status": "in-use", "MacAddress": "02:58:f5:ef:4b:06", "SourceDestCheck": true, "VpcId": "vpc-a01106c2", "Description": "Primary network interface", "Association": { "PublicIp": "198.51.100.0", "IpOwnerId": "amazon" }, "NetworkInterfaceId": "eni-f9ba99bf", "PrivateIpAddresses": [ { "Association": { "PublicIp": "198.51.100.0", "IpOwnerId": "amazon" }, "Primary": true, "PrivateIpAddress": "10.0.1.149" } ], "RequesterManaged": false, "Ipv6Addresses": [], "AvailabilityZone": "us-east-1d", "Attachment": { "Status": "attached", "DeviceIndex": 0, "AttachTime": "2013-11-30T23:35:33.000Z", "InstanceId": "i-0598c7d356eba48d7", "DeleteOnTermination": true, "AttachmentId": "eni-attach-1b9db777", "InstanceOwnerId": "123456789012" }, "Groups": [ { "GroupName": "default", "GroupId": "sg-8637d3e3" } ], "SubnetId": "subnet-b61f49f0", "OwnerId": "123456789012", "TagSet": [], "PrivateIpAddress": "10.0.1.149" } ] }
This example describes network interfaces that have a tag with the key
Purpose
and the valueProd
.Command:
aws ec2 describe-network-interfaces --filters
Name=tag:Purpose,Values=Prod
Output:
{ "NetworkInterfaces": [ { "Status": "available", "MacAddress": "12:2c:bd:f9:bf:17", "SourceDestCheck": true, "VpcId": "vpc-8941ebec", "Description": "ProdENI", "NetworkInterfaceId": "eni-b9a5ac93", "PrivateIpAddresses": [ { "PrivateDnsName": "ip-10-0-1-55.ec2.internal", "Primary": true, "PrivateIpAddress": "10.0.1.55" }, { "PrivateDnsName": "ip-10-0-1-117.ec2.internal", "Primary": false, "PrivateIpAddress": "10.0.1.117" } ], "RequesterManaged": false, "PrivateDnsName": "ip-10-0-1-55.ec2.internal", "AvailabilityZone": "us-east-1d", "Ipv6Addresses": [], "Groups": [ { "GroupName": "MySG", "GroupId": "sg-905002f5" } ], "SubnetId": "subnet-31d6c219", "OwnerId": "123456789012", "TagSet": [ { "Value": "Prod", "Key": "Purpose" } ], "PrivateIpAddress": "10.0.1.55" } ] }
-
For API details, see DescribeNetworkInterfaces
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-placement-groups
.
- Amazon CLI
-
To describe your placement groups
This example command describes all of your placement groups.
Command:
aws ec2 describe-placement-groups
Output:
{ "PlacementGroups": [ { "GroupName": "my-cluster", "State": "available", "Strategy": "cluster" }, ... ] }
-
For API details, see DescribePlacementGroups
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-prefix-lists
.
- Amazon CLI
-
To describe prefix lists
This example lists all available prefix lists for the region.
Command:
aws ec2 describe-prefix-lists
Output:
{ "PrefixLists": [ { "PrefixListName": "com.amazonaws.us-east-1.s3", "Cidrs": [ "54.231.0.0/17" ], "PrefixListId": "pl-63a5400a" } ] }
-
For API details, see DescribePrefixLists
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-principal-id-format
.
- Amazon CLI
-
To describe the ID format for IAM users and roles with long ID format enabled
The following
describe-principal-id-format
example describes the ID format for the root user, all IAM roles, and all IAM users with long ID format enabled.aws ec2 describe-principal-id-format \ --resource
instance
Output:
{ "Principals": [ { "Arn": "arn:aws:iam::123456789012:root", "Statuses": [ { "Deadline": "2016-12-15T00:00:00.000Z", "Resource": "reservation", "UseLongIds": true }, { "Deadline": "2016-12-15T00:00:00.000Z", "Resource": "instance", "UseLongIds": true }, { "Deadline": "2016-12-15T00:00:00.000Z", "Resource": "volume", "UseLongIds": true }, ] }, ... ] }
-
For API details, see DescribePrincipalIdFormat
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-public-ipv4-pools
.
- Amazon CLI
-
To describe your public IPv4 address pools
The following
describe-public-ipv4-pools
example displays details about the address pools that were created when you provisioned public IPv4 address ranges using Bring Your Own IP Addresses (BYOIP).aws ec2 describe-public-ipv4-pools
Output:
{ "PublicIpv4Pools": [ { "PoolId": "ipv4pool-ec2-1234567890abcdef0", "PoolAddressRanges": [ { "FirstAddress": "203.0.113.0", "LastAddress": "203.0.113.255", "AddressCount": 256, "AvailableAddressCount": 256 } ], "TotalAddressCount": 256, "TotalAvailableAddressCount": 256 } ] }
-
For API details, see DescribePublicIpv4Pools
in Amazon CLI Command Reference.
-
The following code example shows how to use describe-regions
.
- Amazon CLI
-
Example 1: To describe all of your enabled Regions
The following
describe-regions
example describes all of the Regions that are enabled for your account.aws ec2 describe-regions
Output:
{ "Regions": [ { "Endpoint": "ec2.eu-north-1.amazonaws.com", "RegionName": "eu-north-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.ap-south-1.amazonaws.com", "RegionName": "ap-south-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.eu-west-3.amazonaws.com", "RegionName": "eu-west-3", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.eu-west-2.amazonaws.com", "RegionName": "eu-west-2", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.eu-west-1.amazonaws.com", "RegionName": "eu-west-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.ap-northeast-3.amazonaws.com", "RegionName": "ap-northeast-3", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.ap-northeast-2.amazonaws.com", "RegionName": "ap-northeast-2", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.ap-northeast-1.amazonaws.com", "RegionName": "ap-northeast-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.sa-east-1.amazonaws.com", "RegionName": "sa-east-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.ca-central-1.amazonaws.com", "RegionName": "ca-central-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.ap-southeast-1.amazonaws.com", "RegionName": "ap-southeast-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.ap-southeast-2.amazonaws.com", "RegionName": "ap-southeast-2", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.eu-central-1.amazonaws.com", "RegionName": "eu-central-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.us-east-1.amazonaws.com", "RegionName": "us-east-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.us-east-2.amazonaws.com", "RegionName": "us-east-2", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.us-west-1.amazonaws.com", "RegionName": "us-west-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.us-west-2.amazonaws.com", "RegionName": "us-west-2", "OptInStatus": "opt-in-not-required" } ] }
For more information, see Regions and Zones
in the Amazon EC2 User Guide. Example 2: To describe enabled Regions with an endpoint whose name contains a specific string
The following
describe-regions
example describes all Regions that you have enabled that have the string "us" in the endpoint.aws ec2 describe-regions \ --filters
"Name=endpoint,Values=*us*"
Output:
{ "Regions": [ { "Endpoint": "ec2.us-east-1.amazonaws.com", "RegionName": "us-east-1" }, { "Endpoint": "ec2.us-east-2.amazonaws.com", "RegionName": "us-east-2" }, { "Endpoint": "ec2.us-west-1.amazonaws.com", "RegionName": "us-west-1" }, { "Endpoint": "ec2.us-west-2.amazonaws.com", "RegionName": "us-west-2" } ] }
For more information, see Regions and Zones
in the Amazon EC2 User Guide. Example 3: To describe all Regions
The following
describe-regions
example describes all available Regions, including Regions that are disabled.aws ec2 describe-regions \ --all-regions
Output:
{ "Regions": [ { "Endpoint": "ec2.eu-north-1.amazonaws.com", "RegionName": "eu-north-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.ap-south-1.amazonaws.com", "RegionName": "ap-south-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.eu-west-3.amazonaws.com", "RegionName": "eu-west-3", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.eu-west-2.amazonaws.com", "RegionName": "eu-west-2", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.eu-west-1.amazonaws.com", "RegionName": "eu-west-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.ap-northeast-3.amazonaws.com", "RegionName": "ap-northeast-3", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.me-south-1.amazonaws.com", "RegionName": "me-south-1", "OptInStatus": "not-opted-in" }, { "Endpoint": "ec2.ap-northeast-2.amazonaws.com", "RegionName": "ap-northeast-2", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.ap-northeast-1.amazonaws.com", "RegionName": "ap-northeast-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.sa-east-1.amazonaws.com", "RegionName": "sa-east-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.ca-central-1.amazonaws.com", "RegionName": "ca-central-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.ap-east-1.amazonaws.com", "RegionName": "ap-east-1", "OptInStatus": "not-opted-in" }, { "Endpoint": "ec2.ap-southeast-1.amazonaws.com", "RegionName": "ap-southeast-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.ap-southeast-2.amazonaws.com", "RegionName": "ap-southeast-2", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.eu-central-1.amazonaws.com", "RegionName": "eu-central-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.us-east-1.amazonaws.com", "RegionName": "us-east-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.us-east-2.amazonaws.com", "RegionName": "us-east-2", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.us-west-1.amazonaws.com", "RegionName": "us-west-1", "OptInStatus": "opt-in-not-required" }, { "Endpoint": "ec2.us-west-2.amazonaws.com", "RegionName": "us-west-2", "OptInStatus": "opt-in-not-required" } ] }
For more information, see Regions and Zones
in the Amazon EC2 User Guide. Example 4: To list the Region names only
The following
describe-regions
example uses the--query
parameter to filter the output and return only the names of the Regions as text.