CreateVpcPeeringAuthorization - Amazon GameLift

CreateVpcPeeringAuthorization

Requests authorization to create or delete a peer connection between the VPC for your Amazon GameLift fleet and a virtual private cloud (VPC) in your Amazon account. VPC peering enables the game servers on your fleet to communicate directly with other Amazon resources. After you've received authorization, use CreateVpcPeeringConnection to establish the peering connection. For more information, see VPC Peering with Amazon GameLift Fleets.

You can peer with VPCs that are owned by any Amazon account you have access to, including the account that you use to manage your Amazon GameLift fleets. You cannot peer with VPCs that are in different Regions.

To request authorization to create a connection, call this operation from the Amazon account with the VPC that you want to peer to your Amazon GameLift fleet. For example, to enable your game servers to retrieve data from a DynamoDB table, use the account that manages that DynamoDB resource. Identify the following values: (1) the ID of the VPC that you want to peer with, and (2) the ID of the Amazon account that you use to manage Amazon GameLift. If successful, VPC peering is authorized for the specified VPC.

To request authorization to delete a connection, call this operation from the Amazon account with the VPC that is peered with your Amazon GameLift fleet. Identify the following values: (1) the ID of the VPC that you want to delete the peering connection for, and (2) the ID of the Amazon account that you use to manage Amazon GameLift.

The authorization remains valid for 24 hours unless it is canceled. You must create or delete the peering connection while the authorization is valid.

Related actions

All APIs by task

Request Syntax

{
    "GameLiftAwsAccountId": "string",
    "PeerVpcId": "string"
}

Request Parameters

For information about the parameters that are common to all actions, see Common Parameters.

The request accepts the following data in JSON format.

Note

In the following list, the required parameters are described first.

GameLiftAwsAccountId

A unique identifier for the Amazon account that you use to manage your Amazon GameLift fleet. You can find your Account ID in the Amazon Web Services Management Console under account settings.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1024.

Required: Yes

PeerVpcId

A unique identifier for a VPC with resources to be accessed by your Amazon GameLift fleet. The VPC must be in the same Region as your fleet. To look up a VPC ID, use the VPC Dashboard in the Amazon Web Services Management Console. Learn more about VPC peering in VPC Peering with Amazon GameLift Fleets.

Type: String

Length Constraints: Minimum length of 1. Maximum length of 1024.

Required: Yes

Response Syntax

{
    "VpcPeeringAuthorization": {
        "CreationTime": number,
        "ExpirationTime": number,
        "GameLiftAwsAccountId": "string",
        "PeerVpcAwsAccountId": "string",
        "PeerVpcId": "string"
    }
}

Response Elements

If the action is successful, the service sends back an HTTP 200 response.

The following data is returned in JSON format by the service.

VpcPeeringAuthorization

Details on the requested VPC peering authorization, including expiration.

Type: VpcPeeringAuthorization object

Errors

For information about the errors that are common to all actions, see Common Errors.

InternalServiceException

The service encountered an unrecoverable internal failure while processing the request. Clients can retry such requests immediately or after a waiting period.

HTTP Status Code: 500

InvalidRequestException

One or more parameter values in the request are invalid. Correct the invalid parameter values before retrying.

HTTP Status Code: 400

NotFoundException

The requested resource was not found. The resource was either not created yet or deleted.

HTTP Status Code: 400

UnauthorizedException

The client failed authentication. Clients should not retry such requests.

HTTP Status Code: 400

Examples

Authorize VPC peering between your Amazon GameLift fleet and resources on your Amazon GameLift account

In this example, you want your Amazon GameLift hosted game servers to access a web service. You manage the Amazon GameLift fleet and the web service through the same Amazon account (account ID 111122223333). The web service already has a VPC set up, with ID vpc-a12bc345.

When making this request, use credentials for Amazon account 111122223333.

Sample Request

POST / HTTP/1.1
Host: gamelift.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 77
User-Agent: aws-cli/1.11.36 Python/2.7.9 Windows/7 botocore/1.4.93
Content-Type: application/x-amz-json-1.0
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIOSFODNN7EXAMPLE/20170406/us-west-2/gamelift/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
X-Amz-Date: 20170406T004805Z
X-Amz-Target: GameLift.CreateVpcPeeringAuthorization

{
    "GameLiftAwsAccountId": "111122223333",
    "PeerVpcId": "vpc-a12bc345"
}

Sample Response

HTTP/1.1 200 OK
x-amzn-RequestId: b34f8665-EXAMPLE
Content-Type: application/x-amz-json-1.1
Content-Length: 225
Date: Thu, 06 Apr 2017 00:48:07 GMT

{
    "VpcPeeringAuthorization": {
        "CreationTime": 1503608847.489,
        "ExpirationTime": 1503695247,
        "GameLiftAwsAccountId": "111122223333",
        "PeerVpcAwsAccountId": "111122223333",
        "PeerVpcId": "vpc-a12bc345"
    }
}

Authorize VPC peering between your Amazon GameLift fleet and resources on a different account

As in the previous example, you want your game servers to access a web service. But in this example, the Amazon GameLift fleet and the web service are managed through different Amazon accounts. Your Amazon GameLift account ID is 111122223333, while the web service account ID is 444455556666. A VPC on account 444455556666 with the web service is set up with the ID vpc-c67ef890.

When making this request, use credentials for Amazon account 444455556666. If you don't have rights to this account, work with the account owner to make the request. You'll need to provide your Amazon GameLift account ID.

Sample Request

POST / HTTP/1.1
Host: gamelift.us-west-2.amazonaws.com
Accept-Encoding: identity
Content-Length: 82
User-Agent: aws-cli/1.11.36 Python/2.7.9 Windows/7 botocore/1.4.93
Content-Type: application/x-amz-json-1.0
Authorization: AWS4-HMAC-SHA256 Credential=AKIAIOSFODNN7EXAMPLE/20170406/us-west-2/gamelift/aws4_request, SignedHeaders=content-type;host;x-amz-date;x-amz-target, Signature=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
X-Amz-Date: 20170406T004805Z
X-Amz-Target: GameLift.CreateVpcPeeringAuthorization

{
    "GameLiftAwsAccountId": "111122223333",
    "PeerVpcId": "vpc-c67ef890"
}

Sample Response

HTTP/1.1 200 OK
x-amzn-RequestId: b34f8665-EXAMPLE
Content-Type: application/x-amz-json-1.1
Content-Length: 225
Date: Thu, 06 Apr 2017 00:48:07 GMT

{
    "VpcPeeringAuthorization": {
        "CreationTime": 1503608847.489,
        "ExpirationTime": 1503695247,
        "GameLiftAwsAccountId": "111122223333",
        "PeerVpcAwsAccountId": "444455556666",
        "PeerVpcId": "vpc-c67ef890"
    }
}
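The following Python sketch is an added example, not part of the AWS documentation or any AWS SDK. It builds the request body under the documented length constraints and then reviews a returned VpcPeeringAuthorization against the request, the calling account, and the 24-hour validity window. The function names, the trusted-account allowlist, and the check that PeerVpcAwsAccountId equals the calling account (inferred from the two sample responses above) are assumptions; the sample body is the cross-account response shown above.

```python
import json

MAX_AUTH_WINDOW = 24 * 3600  # the page states an authorization is valid for 24 hours

# Sample response body copied from the cross-account example on this page.
SAMPLE_BODY = '''{"VpcPeeringAuthorization": {"CreationTime": 1503608847.489,
 "ExpirationTime": 1503695247, "GameLiftAwsAccountId": "111122223333",
 "PeerVpcAwsAccountId": "444455556666", "PeerVpcId": "vpc-c67ef890"}}'''


def build_request(gamelift_account_id, peer_vpc_id):
    """Return the JSON request body, enforcing the documented length constraints."""
    for name, value in (("GameLiftAwsAccountId", gamelift_account_id),
                        ("PeerVpcId", peer_vpc_id)):
        if not isinstance(value, str) or not 1 <= len(value) <= 1024:
            raise ValueError(f"{name} must be a string of length 1-1024")
    return json.dumps({"GameLiftAwsAccountId": gamelift_account_id,
                       "PeerVpcId": peer_vpc_id})


def review_authorization(body, request, caller_account, trusted_gamelift_accounts, now):
    """Compare a response with the request that produced it.

    Returns (findings, seconds_remaining). caller_account and
    trusted_gamelift_accounts are hypothetical inputs supplied by the operator.
    """
    auth = json.loads(body)["VpcPeeringAuthorization"]
    sent = json.loads(request)
    findings = []
    if auth["GameLiftAwsAccountId"] not in trusted_gamelift_accounts:
        findings.append("authorization granted to an untrusted GameLift account")
    for field in ("GameLiftAwsAccountId", "PeerVpcId"):
        if auth[field] != sent[field]:
            findings.append(f"{field} differs from the request")
    if auth["PeerVpcAwsAccountId"] != caller_account:
        findings.append("PeerVpcAwsAccountId is not the calling account")
    if auth["ExpirationTime"] - auth["CreationTime"] > MAX_AUTH_WINDOW:
        findings.append("validity window exceeds 24 hours")
    remaining = auth["ExpirationTime"] - now
    if remaining <= 0:
        findings.append("authorization has expired; request a new one")
    return findings, max(remaining, 0)
```

An empty findings list means the authorization matches what was requested and is still usable; seconds_remaining is how long CreateVpcPeeringConnection can still be called against it.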
