GlobalAccelerator / Client / create_cross_account_attachment
create_cross_account_attachment#
- GlobalAccelerator.Client.create_cross_account_attachment(**kwargs)#
Create a cross-account attachment in Global Accelerator. You create a cross-account attachment to specify the principals who have permission to work with resources in accelerators in their own account. You specify, in the same attachment, the resources that are shared.
A principal can be an Amazon Web Services account number or the Amazon Resource Name (ARN) for an accelerator. For account numbers that are listed as principals, to work with a resource listed in the attachment, you must sign in to an account specified as a principal. Then, you can work with resources that are listed, with any of your accelerators. If an accelerator ARN is listed in the cross-account attachment as a principal, anyone with permission to make updates to the accelerator can work with resources that are listed in the attachment.
Specify each principal and resource separately. To specify two CIDR address pools, list them individually under
Resources, and so on. For a command line operation, for example, you might use a statement like the following:"Resources": [{"Cidr": "169.254.60.0/24"},{"Cidr": "169.254.59.0/24"}]For more information, see Working with cross-account attachments and resources in Global Accelerator in the Global Accelerator Developer Guide.
See also: AWS API Documentation
Request Syntax
response = client.create_cross_account_attachment( Name='string', Principals=[ 'string', ], Resources=[ { 'EndpointId': 'string', 'Cidr': 'string', 'Region': 'string' }, ], IdempotencyToken='string', Tags=[ { 'Key': 'string', 'Value': 'string' }, ] )
- Parameters:
Name (string) –
[REQUIRED]
The name of the cross-account attachment.
Principals (list) –
The principals to include in the cross-account attachment. A principal can be an Amazon Web Services account number or the Amazon Resource Name (ARN) for an accelerator.
(string) –
Resources (list) –
The Amazon Resource Names (ARNs) for the resources to include in the cross-account attachment. A resource can be any supported Amazon Web Services resource type for Global Accelerator or a CIDR range for a bring your own IP address (BYOIP) address pool.
(dict) –
A resource is one of the following: the ARN for an Amazon Web Services resource that is supported by Global Accelerator to be added as an endpoint, or a CIDR range that specifies a bring your own IP (BYOIP) address pool.
EndpointId (string) –
The endpoint ID for the endpoint that is specified as a Amazon Web Services resource.
An endpoint ID for the cross-account feature is the ARN of an Amazon Web Services resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.
Cidr (string) –
An IP address range, in CIDR format, that is specified as resource. The address must be provisioned and advertised in Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator
For more information, see Bring your own IP addresses (BYOIP) in the Global Accelerator Developer Guide.
Region (string) –
The Amazon Web Services Region where a shared endpoint resource is located.
IdempotencyToken (string) –
[REQUIRED]
A unique, case-sensitive identifier that you provide to ensure the idempotency—that is, the uniqueness—of the request.
This field is autopopulated if not provided.
Tags (list) –
Add tags for a cross-account attachment.
For more information, see Tagging in Global Accelerator in the Global Accelerator Developer Guide.
(dict) –
A complex type that contains a
Tagkey andTagvalue.Key (string) – [REQUIRED]
A string that contains a
Tagkey.Value (string) – [REQUIRED]
A string that contains a
Tagvalue.
- Return type:
dict
- Returns:
Response Syntax
{ 'CrossAccountAttachment': { 'AttachmentArn': 'string', 'Name': 'string', 'Principals': [ 'string', ], 'Resources': [ { 'EndpointId': 'string', 'Cidr': 'string', 'Region': 'string' }, ], 'LastModifiedTime': datetime(2015, 1, 1), 'CreatedTime': datetime(2015, 1, 1) } }
Response Structure
(dict) –
CrossAccountAttachment (dict) –
Information about the cross-account attachment.
AttachmentArn (string) –
The Amazon Resource Name (ARN) of the cross-account attachment.
Name (string) –
The name of the cross-account attachment.
Principals (list) –
The principals included in the cross-account attachment.
(string) –
Resources (list) –
The resources included in the cross-account attachment.
(dict) –
A resource is one of the following: the ARN for an Amazon Web Services resource that is supported by Global Accelerator to be added as an endpoint, or a CIDR range that specifies a bring your own IP (BYOIP) address pool.
EndpointId (string) –
The endpoint ID for the endpoint that is specified as a Amazon Web Services resource.
An endpoint ID for the cross-account feature is the ARN of an Amazon Web Services resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator.
Cidr (string) –
An IP address range, in CIDR format, that is specified as resource. The address must be provisioned and advertised in Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator
For more information, see Bring your own IP addresses (BYOIP) in the Global Accelerator Developer Guide.
Region (string) –
The Amazon Web Services Region where a shared endpoint resource is located.
LastModifiedTime (datetime) –
The date and time that the cross-account attachment was last modified.
CreatedTime (datetime) –
The date and time that the cross-account attachment was created.
Exceptions