create_transit_gateway

EC2.Client.create_transit_gateway(**kwargs)

Creates a transit gateway.

You can use a transit gateway to interconnect your virtual private clouds (VPC) and on-premises networks. After the transit gateway enters the available state, you can attach your VPCs and VPN connections to the transit gateway.

To attach your VPCs, use CreateTransitGatewayVpcAttachment.

To attach a VPN connection, use CreateCustomerGateway to create a customer gateway and specify the ID of the customer gateway and the ID of the transit gateway in a call to CreateVpnConnection.

When you create a transit gateway, we create a default transit gateway route table and use it as the default association route table and the default propagation route table. You can use CreateTransitGatewayRouteTable to create additional transit gateway route tables. If you disable automatic route propagation, we do not create a default transit gateway route table. You can use EnableTransitGatewayRouteTablePropagation to propagate routes from a resource attachment to a transit gateway route table. If you disable automatic associations, you can use AssociateTransitGatewayRouteTable to associate a resource attachment with a transit gateway route table.

See also: AWS API Documentation

Request Syntax

response = client.create_transit_gateway(
    Description='string',
    Options={
        'AmazonSideAsn': 123,
        'AutoAcceptSharedAttachments': 'enable'|'disable',
        'DefaultRouteTableAssociation': 'enable'|'disable',
        'DefaultRouteTablePropagation': 'enable'|'disable',
        'VpnEcmpSupport': 'enable'|'disable',
        'DnsSupport': 'enable'|'disable',
        'SecurityGroupReferencingSupport': 'enable'|'disable',
        'MulticastSupport': 'enable'|'disable',
        'TransitGatewayCidrBlocks': [
            'string',
        ]
    },
    TagSpecifications=[
        {
            'ResourceType': 'capacity-reservation'|'client-vpn-endpoint'|'customer-gateway'|'carrier-gateway'|'coip-pool'|'dedicated-host'|'dhcp-options'|'egress-only-internet-gateway'|'elastic-ip'|'elastic-gpu'|'export-image-task'|'export-instance-task'|'fleet'|'fpga-image'|'host-reservation'|'image'|'import-image-task'|'import-snapshot-task'|'instance'|'instance-event-window'|'internet-gateway'|'ipam'|'ipam-pool'|'ipam-scope'|'ipv4pool-ec2'|'ipv6pool-ec2'|'key-pair'|'launch-template'|'local-gateway'|'local-gateway-route-table'|'local-gateway-virtual-interface'|'local-gateway-virtual-interface-group'|'local-gateway-route-table-vpc-association'|'local-gateway-route-table-virtual-interface-group-association'|'natgateway'|'network-acl'|'network-interface'|'network-insights-analysis'|'network-insights-path'|'network-insights-access-scope'|'network-insights-access-scope-analysis'|'placement-group'|'prefix-list'|'replace-root-volume-task'|'reserved-instances'|'route-table'|'security-group'|'security-group-rule'|'snapshot'|'spot-fleet-request'|'spot-instances-request'|'subnet'|'subnet-cidr-reservation'|'traffic-mirror-filter'|'traffic-mirror-session'|'traffic-mirror-target'|'transit-gateway'|'transit-gateway-attachment'|'transit-gateway-connect-peer'|'transit-gateway-multicast-domain'|'transit-gateway-policy-table'|'transit-gateway-route-table'|'transit-gateway-route-table-announcement'|'volume'|'vpc'|'vpc-endpoint'|'vpc-endpoint-connection'|'vpc-endpoint-service'|'vpc-endpoint-service-permission'|'vpc-peering-connection'|'vpn-connection'|'vpn-gateway'|'vpc-flow-log'|'capacity-reservation-fleet'|'traffic-mirror-filter-rule'|'vpc-endpoint-connection-device-type'|'verified-access-instance'|'verified-access-group'|'verified-access-endpoint'|'verified-access-policy'|'verified-access-trust-provider'|'vpn-connection-device-type'|'vpc-block-public-access-exclusion'|'ipam-resource-discovery'|'ipam-resource-discovery-association'|'instance-connect-endpoint',
            'Tags': [
                {
                    'Key': 'string',
                    'Value': 'string'
                },
            ]
        },
    ],
    DryRun=True|False
)

Parameters:
  • Description (string) – A description of the transit gateway.

  • Options (dict) –

    The transit gateway options.

    • AmazonSideAsn (integer) –

      A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs. The default is 64512.

    • AutoAcceptSharedAttachments (string) –

      Enable or disable automatic acceptance of attachment requests. Disabled by default.

    • DefaultRouteTableAssociation (string) –

      Enable or disable automatic association with the default association route table. Enabled by default.

    • DefaultRouteTablePropagation (string) –

      Enable or disable automatic propagation of routes to the default propagation route table. Enabled by default.

    • VpnEcmpSupport (string) –

      Enable or disable Equal Cost Multipath Protocol support. Enabled by default.

    • DnsSupport (string) –

      Enable or disable DNS support. Enabled by default.

    • SecurityGroupReferencingSupport (string) –

      Note

      This parameter is in preview and may not be available for your account.

      Enables you to reference a security group across VPCs attached to a transit gateway. Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.

    • MulticastSupport (string) –

      Indicates whether multicast is enabled on the transit gateway.

    • TransitGatewayCidrBlocks (list) –

      One or more IPv4 or IPv6 CIDR blocks for the transit gateway. Must be a size /24 CIDR block or larger for IPv4, or a size /64 CIDR block or larger for IPv6.

      • (string) –

  • TagSpecifications (list) –

    The tags to apply to the transit gateway.

    • (dict) –

      The tags to apply to a resource when the resource is being created. When you specify a tag, you must specify the resource type to tag, otherwise the request will fail.

      Note

      The Valid Values lists all the resource types that can be tagged. However, the action you’re using might not support tagging all of these resource types. If you try to tag a resource type that is unsupported for the action you’re using, you’ll get an error.

      • ResourceType (string) –

        The type of resource to tag on creation.

      • Tags (list) –

        The tags to apply to the resource.

        • (dict) –

          Describes a tag.

          • Key (string) –

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:.

          • Value (string) –

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.

  • DryRun (boolean) – Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is DryRunOperation. Otherwise, it is UnauthorizedOperation.
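
The following is an added example, not part of the boto3 documentation: it checks the documented ASN, CIDR and tag constraints locally, builds a request that keeps shared-attachment acceptance and default route table association/propagation disabled, and uses DryRun to test permissions before anything is created. The helper names `build_request` and `can_create` are hypothetical, disabling the default route table options is this example's policy choice, and `client` is assumed to be a boto3 EC2 client supplied by the caller.

```python
import ipaddress

# Ranges and limits are the ones stated in the parameter descriptions above.
PRIVATE_ASN_RANGES = ((64512, 65534), (4200000000, 4294967294))
MAX_PREFIXLEN = {4: 24, 6: 64}  # "/24 or larger" read as prefix length <= 24


def build_request(description, asn, cidr_blocks, tags):
    """Validate inputs locally and return kwargs for create_transit_gateway."""
    if not any(lo <= asn <= hi for lo, hi in PRIVATE_ASN_RANGES):
        raise ValueError(f"AmazonSideAsn {asn} is outside the private ASN ranges")
    for block in cidr_blocks:
        net = ipaddress.ip_network(block, strict=True)
        if net.prefixlen > MAX_PREFIXLEN[net.version]:
            raise ValueError(f"{block} is smaller than /{MAX_PREFIXLEN[net.version]}")
    for key, value in tags.items():
        if not key or len(key) > 127 or key.startswith("aws:") or len(value) > 256:
            raise ValueError(f"tag {key!r} violates the documented constraints")
    options = {
        "AmazonSideAsn": asn,
        # Every shared attachment request needs an explicit accept.
        "AutoAcceptSharedAttachments": "disable",
        # Policy choice of this example: a new attachment is not wired into
        # any route table until someone associates/propagates it explicitly.
        "DefaultRouteTableAssociation": "disable",
        "DefaultRouteTablePropagation": "disable",
    }
    if cidr_blocks:
        options["TransitGatewayCidrBlocks"] = list(cidr_blocks)
    request = {"Description": description, "Options": options}
    if tags:
        tag_list = [{"Key": k, "Value": v} for k, v in tags.items()]
        request["TagSpecifications"] = [
            {"ResourceType": "transit-gateway", "Tags": tag_list}
        ]
    return request


def can_create(client, request):
    """DryRun probe: True if permitted, False if not, re-raise anything else."""
    try:
        client.create_transit_gateway(DryRun=True, **request)
    except Exception as exc:  # botocore raises ClientError; matched by error code
        code = getattr(exc, "response", {}).get("Error", {}).get("Code")
        if code == "DryRunOperation":
            return True
        if code == "UnauthorizedOperation":
            return False
        raise
    raise RuntimeError("DryRun call returned without an error response")
```

With default association and propagation disabled, each attachment has to be associated and propagated explicitly with AssociateTransitGatewayRouteTable and EnableTransitGatewayRouteTablePropagation, as described at the top of this page.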

Return type:

dict

Returns:

Response Syntax

{
    'TransitGateway': {
        'TransitGatewayId': 'string',
        'TransitGatewayArn': 'string',
        'State': 'pending'|'available'|'modifying'|'deleting'|'deleted',
        'OwnerId': 'string',
        'Description': 'string',
        'CreationTime': datetime(2015, 1, 1),
        'Options': {
            'AmazonSideAsn': 123,
            'TransitGatewayCidrBlocks': [
                'string',
            ],
            'AutoAcceptSharedAttachments': 'enable'|'disable',
            'DefaultRouteTableAssociation': 'enable'|'disable',
            'AssociationDefaultRouteTableId': 'string',
            'DefaultRouteTablePropagation': 'enable'|'disable',
            'PropagationDefaultRouteTableId': 'string',
            'VpnEcmpSupport': 'enable'|'disable',
            'DnsSupport': 'enable'|'disable',
            'SecurityGroupReferencingSupport': 'enable'|'disable',
            'MulticastSupport': 'enable'|'disable'
        },
        'Tags': [
            {
                'Key': 'string',
                'Value': 'string'
            },
        ]
    }
}

Response Structure

  • (dict) –

    • TransitGateway (dict) –

      Information about the transit gateway.

      • TransitGatewayId (string) –

        The ID of the transit gateway.

      • TransitGatewayArn (string) –

        The Amazon Resource Name (ARN) of the transit gateway.

      • State (string) –

        The state of the transit gateway.

      • OwnerId (string) –

        The ID of the Amazon Web Services account that owns the transit gateway.

      • Description (string) –

        The description of the transit gateway.

      • CreationTime (datetime) –

        The creation time.

      • Options (dict) –

        The transit gateway options.

        • AmazonSideAsn (integer) –

          A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.

        • TransitGatewayCidrBlocks (list) –

          The transit gateway CIDR blocks.

          • (string) –

        • AutoAcceptSharedAttachments (string) –

          Indicates whether attachment requests are automatically accepted.

        • DefaultRouteTableAssociation (string) –

          Indicates whether resource attachments are automatically associated with the default association route table.

        • AssociationDefaultRouteTableId (string) –

          The ID of the default association route table.

        • DefaultRouteTablePropagation (string) –

          Indicates whether resource attachments automatically propagate routes to the default propagation route table.

        • PropagationDefaultRouteTableId (string) –

          The ID of the default propagation route table.

        • VpnEcmpSupport (string) –

          Indicates whether Equal Cost Multipath Protocol support is enabled.

        • DnsSupport (string) –

          Indicates whether DNS support is enabled.

        • SecurityGroupReferencingSupport (string) –

          Note

          This parameter is in preview and may not be available for your account.

          Enables you to reference a security group across VPCs attached to a transit gateway. Use this option to simplify security group management and control of instance-to-instance traffic across VPCs that are connected by transit gateway. You can also use this option to migrate from VPC peering (which was the only option that supported security group referencing) to transit gateways (which now also support security group referencing). This option is disabled by default and there are no additional costs to use this feature.

        • MulticastSupport (string) –

          Indicates whether multicast is enabled on the transit gateway.

      • Tags (list) –

        The tags for the transit gateway.

        • (dict) –

          Describes a tag.

          • Key (string) –

            The key of the tag.

            Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with aws:.

          • Value (string) –

            The value of the tag.

            Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.