Amazon EC2 Driver Documentation

Amazon Elastic Compute Cloud (EC2) is one of the oldest IaaS service providers out there and a central part of Amazon.com’s cloud computing platform, Amazon Web Services (AWS).

../../_images/aws.png

It allows users to rent virtual servers in more than 8 regions such as:

  • US East (Northern Virginia) Region
  • US West (Oregon) Region
  • US West (Northern California) Region
  • EU (Ireland) Region
  • Asia Pacific (Singapore) Region
  • Asia Pacific (Sydney) Region
  • Asia Pacific (Tokyo) Region
  • South America (Sao Paulo) Region

Using temporary security credentials

Since Libcloud 0.14.0 above, all the Amazon drivers support using temporary security credentials.

Temporary credentials can be used by passing token argument to the driver constructor in addition to the access and secret key. In this case token represents a temporary session token, access key represents temporary access key and secret key represents a temporary secret key.

For example:

from libcloud.compute.types import Provider
from libcloud.compute.providers import get_driver

cls = get_driver(Provider.EC2_US_WEST)
driver = cls('temporary access key', 'temporary secret key',
             token='temporary session token')

For more information, please refer to the Using Temporary Security Credentials section of the official documentation.

Examples

Allocate, Associate, Disassociate, and Release an Elastic IP

from libcloud.compute.types import Provider
from libcloud.compute.providers import get_driver

ACCESS_ID = 'your access id'
SECRET_KEY = 'your secret key'

IMAGE_ID = 'ami-c8052d8d'
SIZE_ID = 't1.micro'

cls = get_driver(Provider.EC2_US_WEST)
driver = cls(ACCESS_ID, SECRET_KEY)

sizes = driver.list_sizes()
images = driver.list_images()

size = [s for s in sizes if s.id == SIZE_ID][0]
image = [i for i in images if i.id == IMAGE_ID][0]

node = driver.create_node(name='test-node', image=image, size=size)

# Here we allocate and associate an elastic IP
elastic_ip = driver.ex_allocate_address()
driver.ex_associate_address_with_node(node, elastic_ip)

# When we are done with our elastic IP, we can disassociate from our
# node, and release it
driver.ex_disassociate_address(elastic_ip)
driver.ex_release_address(elastic_ip)

Create a general purpose SSD volume

from libcloud.compute.types import Provider
from libcloud.compute.providers import get_driver

cls = get_driver(Provider.EC2, region='us-east-i1')
driver = cls('access key', 'secret key')

volume = driver.create_volume(size=100, name='Test GP volume',
                              ex_volume_type='gp2')

Create a provisioned IOPS volume

from libcloud.compute.types import Provider
from libcloud.compute.providers import get_driver

cls = get_driver(Provider.EC2, region='us-east-i1')
driver = cls('access key', 'secret key')

volume = driver.create_volume(size=100, name='Test IOPS volume',
                              ex_volume_type='io1', ex_iops=1000)

API Docs

class libcloud.compute.drivers.ec2.BaseEC2NodeDriver(key, secret=None, secure=True, host=None, port=None, api_version=None, **kwargs)[source]

Base Amazon EC2 node driver.

Used for main EC2 and other derivate driver classes to inherit from it.

connectionCls

alias of EC2Connection

copy_image(image, source_region, name=None, description=None)[source]

Copy an Amazon Machine Image from the specified source region to the current region.

@inherits: NodeDriver.copy_image

Parameters:
  • source_region (str) – The region where the image resides
  • image (NodeImage) – Instance of class NodeImage
  • name (str) – The name of the new image
  • description (str) – The description of the new image
Returns:

Instance of class NodeImage

Return type:

NodeImage

create_image(node, name, description=None, reboot=False, block_device_mapping=None)[source]

Create an Amazon Machine Image based off of an EBS-backed instance.

@inherits: NodeDriver.create_image

Parameters:
  • node – Instance of Node
  • name (str) – The name for the new image
  • block_device_mapping (list of dict) – A dictionary of the disk layout An example of this dict is included below.
  • reboot (bool) – Whether or not to shutdown the instance before creation. Amazon calls this NoReboot and sets it to false by default to ensure a clean image.
  • description (str) – An optional description for the new image

An example block device mapping dictionary is included:

mapping = [{‘VirtualName’: None,
‘Ebs’: {‘VolumeSize’: 10,
‘VolumeType’: ‘standard’, ‘DeleteOnTermination’: ‘true’}, ‘DeviceName’: ‘/dev/sda1’}]
Returns:Instance of class NodeImage
Return type:NodeImage
create_node(**kwargs)[source]

Create a new EC2 node.

Reference: http://bit.ly/8ZyPSy [docs.amazonwebservices.com]

@inherits: NodeDriver.create_node

Parameters:
  • ex_keyname (str) – The name of the key pair
  • ex_userdata (str) – User data
  • ex_security_groups (list) – A list of names of security groups to assign to the node.
  • ex_security_group_ids (list) – A list of ids of security groups to assign to the node.[for VPC nodes only]
  • ex_metadata (dict) – Key/Value metadata to associate with a node
  • ex_mincount (int) – Minimum number of instances to launch
  • ex_maxcount (int) – Maximum number of instances to launch
  • ex_clienttoken (str) – Unique identifier to ensure idempotency
  • ex_blockdevicemappings (list of dict) – list of dict block device mappings.
  • ex_iamprofile (str) – Name or ARN of IAM profile
  • ex_ebs_optimized (bool) – EBS-Optimized if True
  • ex_subnet (EC2Subnet) – The subnet to launch the instance into.
  • ex_placement_group (str) – The name of the placement group to launch the instance into.
create_volume(size, name, location=None, snapshot=None, ex_volume_type='standard', ex_iops=None)[source]
Parameters:
  • location (ExEC2AvailabilityZone) – Datacenter in which to create a volume in.
  • ex_volume_type (str) – Type of volume to create.
  • iops (int) – The number of I/O operations per second (IOPS) that the volume supports. Only used if ex_volume_type is io1.
create_volume_snapshot(volume, name=None)[source]

Create snapshot from volume

Parameters:
  • volume (StorageVolume) – Instance of StorageVolume
  • name (str) – Name of snapshot
Return type:

VolumeSnapshot

delete_image(image)[source]

Deletes an image at Amazon given a NodeImage object

@inherits: NodeDriver.delete_image

Parameters:image – Instance of NodeImage
Return type:bool
deploy_node(**kwargs)

Create a new node, and start deployment.

In order to be able to SSH into a created node access credentials are required.

A user can pass either a NodeAuthPassword or NodeAuthSSHKey to the auth argument. If the create_node implementation supports that kind if credential (as declared in self.features['create_node']) then it is passed on to create_node. Otherwise it is not passed on to create_node and it is only used for authentication.

If the auth parameter is not supplied but the driver declares it supports generates_password then the password returned by create_node will be used to SSH into the server.

Finally, if the ssh_key_file is supplied that key will be used to SSH into the server.

This function may raise a DeploymentException, if a create_node call was successful, but there is a later error (like SSH failing or timing out). This exception includes a Node object which you may want to destroy if incomplete deployments are not desirable.

>>> from libcloud.compute.drivers.dummy import DummyNodeDriver
>>> from libcloud.compute.deployment import ScriptDeployment
>>> from libcloud.compute.deployment import MultiStepDeployment
>>> from libcloud.compute.base import NodeAuthSSHKey
>>> driver = DummyNodeDriver(0)
>>> key = NodeAuthSSHKey('...') # read from file
>>> script = ScriptDeployment("yum -y install emacs strace tcpdump")
>>> msd = MultiStepDeployment([key, script])
>>> def d():
...     try:
...         driver.deploy_node(deploy=msd)
...     except NotImplementedError:
...         print ("not implemented for dummy driver")
>>> d()
not implemented for dummy driver

Deploy node is typically not overridden in subclasses. The existing implementation should be able to handle most such.

Parameters:
  • deploy (Deployment) – Deployment to run once machine is online and available to SSH.
  • ssh_username (str) – Optional name of the account which is used when connecting to SSH server (default is root)
  • ssh_alternate_usernames (list) – Optional list of ssh usernames to try to connect with if using the default one fails
  • ssh_port (int) – Optional SSH server port (default is 22)
  • ssh_timeout (float) – Optional SSH connection timeout in seconds (default is 10)
  • auth (NodeAuthSSHKey or NodeAuthPassword) – Initial authentication information for the node (optional)
  • ssh_key (str or list of str) – A path (or paths) to an SSH private key with which to attempt to authenticate. (optional)
  • timeout (int) – How many seconds to wait before timing out. (default is 600)
  • max_tries (int) – How many times to retry if a deployment fails before giving up (default is 3)
  • ssh_interface (str) – The interface to wait for. Default is ‘public_ips’, other option is ‘private_ips’.
ex_allocate_address(domain='standard')[source]

Allocate a new Elastic IP address for EC2 classic or VPC

Parameters:domain (str) – The domain to allocate the new address in (standard/vpc)
Returns:Instance of ElasticIP
Return type:ElasticIP
ex_associate_address_with_node(node, elastic_ip, domain=None)[source]

Associate an Elastic IP address with a particular node.

Parameters:
  • node (Node) – Node instance
  • elastic_ip (ElasticIP) – Elastic IP instance
  • domain (str) – The domain where the IP resides (vpc only)
Returns:

A string representation of the association ID which is required for VPC disassociation. EC2/standard addresses return None

Return type:

None or str

ex_associate_addresses(node, elastic_ip, domain=None)[source]

Note: This method has been deprecated in favor of the ex_associate_address_with_node method.

ex_associate_route_table(route_table, subnet)[source]

Associates a route table with a subnet within a VPC.

Note: A route table can be associated with multiple subnets.

Parameters:
  • route_table (EC2RouteTable) – The route table to associate.
  • subnet (EC2Subnet) – The subnet to associate with.
Returns:

Route table association ID.

Return type:

str

ex_attach_internet_gateway(gateway, network)[source]

Attach an Internet gateway to a VPC

Parameters:
  • gateway (VPCInternetGateway) – The gateway to attach
  • network (EC2Network) – The VPC network to attach to
Return type:

bool

ex_attach_network_interface_to_node(network_interface, node, device_index)[source]

Attach a network interface to an instance.

Parameters:
  • network_interface (EC2NetworkInterface) – EC2NetworkInterface instance
  • node (Node) – Node instance
  • device_index (int) – The interface device index
Returns:

String representation of the attachment id. This is required to detach the interface.

Return type:

str

ex_authorize_security_group(name, from_port, to_port, cidr_ip, protocol='tcp')[source]

Edit a Security Group to allow specific traffic.

@note: This is a non-standard extension API, and only works for EC2.

Parameters:
  • name (str) – The name of the security group to edit
  • from_port (str) – The beginning of the port range to open
  • to_port (str) – The end of the port range to open
  • cidr_ip (str) – The ip to allow traffic for.
  • protocol (str) – tcp/udp/icmp
Return type:

bool

ex_authorize_security_group_egress(id, from_port, to_port, cidr_ips, group_pairs=None, protocol='tcp')[source]

Edit a Security Group to allow specific egress traffic using CIDR blocks or either a group ID, group name or user ID (account). This call is not supported for EC2 classic and only works for VPC groups.

Parameters:
  • id (str) – The id of the security group to edit
  • from_port (int) – The beginning of the port range to open
  • to_port (int) – The end of the port range to open
  • cidr_ips (list) – The list of ip ranges to allow traffic for.
  • group_pairs (list of dict) –

    Source user/group pairs to allow traffic for. More info can be found at http://goo.gl/stBHJF

    EC2 Classic Example: To allow access from any system associated with the default group on account 1234567890

    [{‘group_name’: ‘default’, ‘user_id’: ‘1234567890’}]

    VPC Example: Allow access from any system associated with security group sg-47ad482e on your own account

    [{‘group_id’: ‘ sg-47ad482e’}]

  • protocol (str) – tcp/udp/icmp
Return type:

bool

ex_authorize_security_group_ingress(id, from_port, to_port, cidr_ips=None, group_pairs=None, protocol='tcp')[source]

Edit a Security Group to allow specific ingress traffic using CIDR blocks or either a group ID, group name or user ID (account).

Parameters:
  • id (str) – The id of the security group to edit
  • from_port (int) – The beginning of the port range to open
  • to_port (int) – The end of the port range to open
  • cidr_ips (list) – The list of ip ranges to allow traffic for.
  • group_pairs (list of dict) –

    Source user/group pairs to allow traffic for. More info can be found at http://goo.gl/stBHJF

    EC2 Classic Example: To allow access from any system associated with the default group on account 1234567890

    [{‘group_name’: ‘default’, ‘user_id’: ‘1234567890’}]

    VPC Example: Allow access from any system associated with security group sg-47ad482e on your own account

    [{‘group_id’: ‘ sg-47ad482e’}]

  • protocol (str) – tcp/udp/icmp
Return type:

bool

ex_authorize_security_group_permissive(name)[source]

Edit a Security Group to allow all traffic.

@note: This is a non-standard extension API, and only works for EC2.

Parameters:name (str) – The name of the security group to edit
Return type:list of str
ex_change_node_size(node, new_size)[source]

Change the node size. Note: Node must be turned of before changing the size.

Parameters:
  • node (Node) – Node instance
  • new_size (NodeSize) – NodeSize intance
Returns:

True on success, False otherwise.

Return type:

bool

ex_create_internet_gateway(name=None)[source]

Delete a VPC Internet gateway

Return type:bool
ex_create_keypair(name)[source]

Creates a new keypair

@note: This is a non-standard extension API, and only works for EC2.

Parameters:name (str) – The name of the keypair to Create. This must be unique, otherwise an InvalidKeyPair.Duplicate exception is raised.
Return type:dict
ex_create_network(cidr_block, name=None, instance_tenancy='default')[source]

Create a network/VPC

Parameters:
  • cidr_block (str) – The CIDR block assigned to the network
  • name (str) – An optional name for the network
  • instance_tenancy (str) – The allowed tenancy of instances launched into the VPC. Valid values: default/dedicated
Returns:

Dictionary of network properties

Return type:

dict

ex_create_network_interface(subnet, name=None, description=None, private_ip_address=None)[source]

Create a network interface within a VPC subnet.

Parameters:
  • subnet (EC2NetworkSubnet) – EC2NetworkSubnet instance
  • name (str) – Optional name of the interface
  • description (str) – Optional description of the network interface
  • private_ip_address (str) – Optional address to assign as the primary private IP address of the interface. If one is not provided then Amazon will automatically auto-assign an available IP. EC2 allows assignment of multiple IPs, but this will be the primary.
Returns:

EC2NetworkInterface instance

Return type:

:class EC2NetworkInterface

ex_create_placement_group(name)[source]

Creates new Placement Group

Parameters:name (str) – Name for new placement Group
Return type:bool
ex_create_route(route_table, cidr, internet_gateway=None, node=None, network_interface=None, vpc_peering_connection=None)[source]

Creates a route entry in the route table.

Parameters:
  • route_table (EC2RouteTable) – The route table to create the route in.
  • cidr (str) – The CIDR block used for the destination match.
  • internet_gateway (VPCInternetGateway) – The internet gateway to route traffic through.
  • node (Node) – The NAT instance to route traffic through.
  • network_interface (EC2NetworkInterface) – The network interface of the node to route traffic through.
  • vpc_peering_connection (VPCPeeringConnection) – The VPC peering connection.
Return type:

bool

Note: You must specify one of the following: internet_gateway,
node, network_interface, vpc_peering_connection.
ex_create_route_table(network, name=None)[source]

Create a route table within a VPC.

Parameters:vpc_id (EC2Network) – The VPC that the subnet should be created in.
Return type:
class:.EC2RouteTable
ex_create_security_group(name, description, vpc_id=None)[source]

Creates a new Security Group in EC2-Classic or a targeted VPC.

Parameters:
  • name (str) – The name of the security group to Create. This must be unique.
  • description (str) – Human readable description of a Security Group.
  • vpc_id (str) – Optional identifier for VPC networks
Return type:

dict

ex_create_subnet(vpc_id, cidr_block, availability_zone, name=None)[source]

Create a network subnet within a VPC

Parameters:
  • vpc_id (str) – The ID of the VPC that the subnet should be associated with
  • cidr_block (str) – The CIDR block assigned to the subnet
  • availability_zone (str) – The availability zone where the subnet should reside
  • name (str) – An optional name for the network
Return type:

class:EC2NetworkSubnet

ex_create_tags(resource, tags)[source]

Create tags for a resource (Node or StorageVolume).

Parameters:
  • resource (Node or StorageVolume) – Resource to be tagged
  • tags (dict) – A dictionary or other mapping of strings to strings, associating tag names with tag values.
Return type:

bool

ex_delete_internet_gateway(gateway)[source]

Delete a VPC Internet gateway

Parameters:gateway (VPCInternetGateway) – The gateway to delete
Return type:bool
ex_delete_keypair(keypair)[source]

Delete a key pair by name.

@note: This is a non-standard extension API, and only works with EC2.

Parameters:keypair (str) – The name of the keypair to delete.
Return type:bool
ex_delete_network(vpc)[source]

Deletes a network/VPC.

Parameters:vpc (EC2Network) – VPC to delete.
Return type:bool
ex_delete_network_interface(network_interface)[source]

Deletes a network interface.

Parameters:network_interface (EC2NetworkInterface) – EC2NetworkInterface instance
Return type:bool
ex_delete_placement_group(name)[source]

Deletes Placement Group

Parameters:name (str) – Placement Group name
Return type:bool
ex_delete_route(route_table, cidr)[source]

Deletes a route entry from the route table.

Parameters:
  • route_table (EC2RouteTable) – The route table to delete the route from.
  • cidr (str) – The CIDR block used for the destination match.
Return type:

bool

ex_delete_route_table(route_table)[source]

Deletes a VPC route table.

Parameters:route_table (EC2RouteTable) – The route table to delete.
Return type:bool
ex_delete_security_group(name)[source]

Wrapper method which calls ex_delete_security_group_by_name.

Parameters:name (str) – The name of the security group
Return type:bool
ex_delete_security_group_by_id(group_id)[source]

Deletes a new Security Group using the group id.

Parameters:group_id (str) – The ID of the security group
Return type:bool
ex_delete_security_group_by_name(group_name)[source]

Deletes a new Security Group using the group name.

Parameters:group_name (str) – The name of the security group
Return type:bool
ex_delete_subnet(subnet)[source]

Deletes a VPC subnet.

Parameters:subnet (EC2NetworkSubnet) – The subnet to delete
Return type:bool
ex_delete_tags(resource, tags)[source]

Delete tags from a resource.

Parameters:
  • resource (Node or StorageVolume) – Resource to be tagged
  • tags (dict) – A dictionary or other mapping of strings to strings, specifying the tag names and tag values to be deleted.
Return type:

bool

ex_describe_addresses(nodes)[source]

Return Elastic IP addresses for all the nodes in the provided list.

Parameters:nodes (list of Node) – List of Node instances
Returns:Dictionary where a key is a node ID and the value is a list with the Elastic IP addresses associated with this node.
Return type:dict
ex_describe_addresses_for_node(node)[source]

Return a list of Elastic IP addresses associated with this node.

Parameters:node (Node) – Node instance
Returns:list Elastic IP addresses attached to this node.
Return type:list of str
ex_describe_all_addresses(only_associated=False)[source]

Return all the Elastic IP addresses for this account optionally, return only addresses associated with nodes

Parameters:only_associated (bool) – If true, return only those addresses that are associated with an instance.
Returns:List of ElasticIP instances.
Return type:list of ElasticIP
ex_describe_all_keypairs()[source]

Return names for all the available key pairs.

@note: This is a non-standard extension API, and only works for EC2.

Return type:list of str
ex_describe_keypair(name)[source]

Describes a keypair by name.

@note: This is a non-standard extension API, and only works for EC2.

Parameters:name (str) – The name of the keypair to describe.
Return type:dict
ex_describe_keypairs(name)[source]

Here for backward compatibility.

ex_describe_tags(resource)[source]

Return a dictionary of tags for a resource (Node or StorageVolume).

Parameters:resource (Node or StorageVolume) – resource which should be used
Returns:dict Node tags
Return type:dict
ex_detach_internet_gateway(gateway, network)[source]

Detach an Internet gateway from a VPC

Parameters:
  • gateway (VPCInternetGateway) – The gateway to detach
  • network (EC2Network) – The VPC network to detach from
Return type:

bool

ex_detach_network_interface(attachment_id, force=False)[source]

Detach a network interface from an instance.

Parameters:
  • attachment_id (str) – The attachment ID associated with the interface
  • force (bool) – Forces the detachment.
Returns:

True on successful detachment, False otherwise.

Return type:

bool

ex_disassociate_address(elastic_ip, domain=None)[source]

Disassociate an Elastic IP address using the IP (EC2-Classic) or the association ID (VPC)

Parameters:
  • elastic_ip (ElasticIP) – ElasticIP instance
  • domain (str) – The domain where the IP resides (vpc only)
Returns:

True on success, False otherwise.

Return type:

bool

ex_dissociate_route_table(subnet_association)[source]

Dissociates a subnet from a route table.

Parameters:subnet_association (EC2SubnetAssociation or str) – The subnet association object or subnet association ID.
Return type:bool
ex_find_or_import_keypair_by_key_material(pubkey)[source]

Given a public key, look it up in the EC2 KeyPair database. If it exists, return any information we have about it. Otherwise, create it.

Keys that are created are named based on their comment and fingerprint.

Return type:dict
ex_get_console_output(node)[source]

Get console output for the node.

Parameters:node (Node) – Node which should be used
Returns:Dictionary with the following keys: - instance_id (str) - timestamp (datetime.datetime) - ts of the last output - output (str) - console output
Return type:dict
ex_get_limits()[source]

Retrieve account resource limits.

Return type:dict
ex_get_metadata_for_node(node)[source]

Return the metadata associated with the node.

Parameters:node (Node) – Node instance
Returns:A dictionary or other mapping of strings to strings, associating tag names with tag values.
Rtype tags:dict
ex_get_security_groups(group_ids=None, group_names=None, filters=None)[source]

Return a list of EC2SecurityGroup objects for the current region.

Parameters:
  • group_ids (list) – Return only groups matching the provided group IDs.
  • group_names – Return only groups matching the provided group names.
  • filters (dict) – The filters so that the response includes information for only specific security groups.
Return type:

list of EC2SecurityGroup

ex_import_keypair(name, keyfile)[source]

imports a new public key where the public key is passed via a filename

@note: This is a non-standard extension API, and only works for EC2.

Parameters:
  • name (str) – The name of the public key to import. This must be unique, otherwise an InvalidKeyPair.Duplicate exception is raised.
  • keyfile (str) – The filename with path of the public key to import.
Return type:

dict

ex_import_keypair_from_string(name, key_material)[source]

imports a new public key where the public key is passed in as a string

@note: This is a non-standard extension API, and only works for EC2.

Parameters:
  • name (str) – The name of the public key to import. This must be unique, otherwise an InvalidKeyPair.Duplicate exception is raised.
  • key_material (str) – The contents of a public key file.
Return type:

dict

ex_list_availability_zones(only_available=True)[source]

Return a list of ExEC2AvailabilityZone objects for the current region.

Note: This is an extension method and is only available for EC2 driver.

Parameters:only_available (str) – If true, return only availability zones with state ‘available’
Return type:list of ExEC2AvailabilityZone
ex_list_internet_gateways(gateway_ids=None, filters=None)[source]

Describes available Internet gateways and whether or not they are attached to a VPC. These are required for VPC nodes to communicate over the Internet.

Parameters:
  • gateway_ids (list) – Return only intenet gateways matching the provided internet gateway IDs. If not specified, a list of all the internet gateways in the corresponding region is returned.
  • filters (dict) – The filters so that the response includes information for only certain gateways.
Return type:

list of VPCInternetGateway

ex_list_keypairs()[source]

Lists all the keypair names and fingerprints.

Return type:list of dict
ex_list_network_interfaces()[source]

Return all network interfaces

Returns:List of EC2NetworkInterface instances
Return type:list of :class EC2NetworkInterface
ex_list_networks(network_ids=None, filters=None)[source]

Return a list of EC2Network objects for the current region.

Parameters:
  • network_ids (list) – Return only networks matching the provided network IDs. If not specified, a list of all the networks in the corresponding region is returned.
  • filters (dict) – The filters so that the response includes information for only certain networks.
Return type:

list of EC2Network

ex_list_placement_groups(names=None)[source]

List Placement Groups

Parameters:names (list of str) – Placement Group names
Return type:list of EC2PlacementGroup
ex_list_reserved_nodes()[source]

List all reserved instances/nodes which can be purchased from Amazon for one or three year terms. Reservations are made at a region level and reduce the hourly charge for instances.

More information can be found at http://goo.gl/ulXCC7.

Return type:list of EC2ReservedNode
ex_list_route_tables(route_table_ids=None, filters=None)[source]

Describes one or more of a VPC’s route tables. These are used to determine where network traffic is directed.

Parameters:
  • route_table_ids (list) – Return only route tables matching the provided route table IDs. If not specified, a list of all the route tables in the corresponding region is returned.
  • filters (dict) – The filters so that the response includes information for only certain route tables.
Return type:

list of EC2RouteTable

ex_list_security_groups()[source]

List existing Security Groups.

@note: This is a non-standard extension API, and only works for EC2.

Return type:list of str
ex_list_subnets(subnet_ids=None, filters=None)[source]

Return a list of EC2NetworkSubnet objects for the current region.

Parameters:
  • subnet_ids (list) – Return only subnets matching the provided subnet IDs. If not specified, a list of all the subnets in the corresponding region is returned.
  • filters (dict) – The filters so that the response includes information for only certain subnets.
Return type:

list of EC2NetworkSubnet

ex_modify_image_attribute(image, attributes)[source]

Modify image attributes.

Parameters:
  • image (NodeImage) – NodeImage instance
  • attributes (dict) – Dictionary with node attributes
Returns:

True on success, False otherwise.

Return type:

bool

ex_modify_instance_attribute(node, attributes)[source]

Modify node attributes. A list of valid attributes can be found at http://goo.gl/gxcj8

Parameters:
  • node (Node) – Node instance
  • attributes (dict) – Dictionary with node attributes
Returns:

True on success, False otherwise.

Return type:

bool

ex_register_image(name, description=None, architecture=None, image_location=None, root_device_name=None, block_device_mapping=None, kernel_id=None, ramdisk_id=None, virtualization_type=None)[source]

Registers an Amazon Machine Image based off of an EBS-backed instance. Can also be used to create images from snapshots. More information can be found at http://goo.gl/hqZq0a.

Parameters:
  • name (str) – The name for the AMI being registered
  • description (str) – The description of the AMI (optional)
  • architecture (str) – The architecture of the AMI (i386/x86_64) (optional)
  • image_location (str) – The location of the AMI within Amazon S3 Required if registering an instance store-backed AMI
  • root_device_name (str) – The device name for the root device Required if registering an EBS-backed AMI
  • block_device_mapping (dict) – A dictionary of the disk layout (optional)
  • kernel_id (str) – Kernel id for AMI (optional)
  • ramdisk_id (str) – RAM disk for AMI (optional)
  • virtualization_type (str) – The type of virtualization for the AMI you are registering, paravirt or hvm (optional)
Return type:

NodeImage

ex_release_address(elastic_ip, domain=None)[source]

Release an Elastic IP address using the IP (EC2-Classic) or using the allocation ID (VPC)

Parameters:
  • elastic_ip (ElasticIP) – Elastic IP instance
  • domain (str) – The domain where the IP resides (vpc only)
Returns:

True on success, False otherwise.

Return type:

bool

ex_replace_route(route_table, cidr, internet_gateway=None, node=None, network_interface=None, vpc_peering_connection=None)[source]

Replaces an existing route entry within a route table in a VPC.

Parameters:
  • route_table (EC2RouteTable) – The route table to replace the route in.
  • cidr (str) – The CIDR block used for the destination match.
  • internet_gateway (VPCInternetGateway) – The new internet gateway to route traffic through.
  • node (Node) – The new NAT instance to route traffic through.
  • network_interface (EC2NetworkInterface) – The new network interface of the node to route traffic through.
  • vpc_peering_connection (VPCPeeringConnection) – The new VPC peering connection.
Return type:

bool

Note: You must specify one of the following: internet_gateway,
node, network_interface, vpc_peering_connection.
ex_replace_route_table_association(subnet_association, route_table)[source]

Changes the route table associated with a given subnet in a VPC.

Note: This method can be used to change which table is the main route
table in the VPC (Specify the main route table’s association ID and the route table to be the new main route table).
Parameters:
  • subnet_association (EC2SubnetAssociation or str) – The subnet association object or subnet association ID.
  • route_table (EC2RouteTable) – The new route table to associate.
Returns:

New route table association ID.

Return type:

str

ex_revoke_security_group_egress(id, from_port, to_port, cidr_ips=None, group_pairs=None, protocol='tcp')[source]

Edit a Security Group to revoke specific egress traffic using CIDR blocks or either a group ID, group name or user ID (account). This call is not supported for EC2 classic and only works for VPC groups.

Parameters:
  • id (str) – The id of the security group to edit
  • from_port (int) – The beginning of the port range to open
  • to_port (int) – The end of the port range to open
  • cidr_ips (list) – The list of ip ranges to allow traffic for.
  • group_pairs (list of dict) –

    Source user/group pairs to allow traffic for. More info can be found at http://goo.gl/stBHJF

    EC2 Classic Example: To allow access from any system associated with the default group on account 1234567890

    [{‘group_name’: ‘default’, ‘user_id’: ‘1234567890’}]

    VPC Example: Allow access from any system associated with security group sg-47ad482e on your own account

    [{‘group_id’: ‘ sg-47ad482e’}]

  • protocol (str) – tcp/udp/icmp
Return type:

bool

ex_revoke_security_group_ingress(id, from_port, to_port, cidr_ips=None, group_pairs=None, protocol='tcp')[source]

Edit a Security Group to revoke specific ingress traffic using CIDR blocks or either a group ID, group name or user ID (account).

Parameters:
  • id (str) – The id of the security group to edit
  • from_port (int) – The beginning of the port range to open
  • to_port (int) – The end of the port range to open
  • cidr_ips (list) – The list of ip ranges to allow traffic for.
  • group_pairs (list of dict) –

    Source user/group pairs to allow traffic for. More info can be found at http://goo.gl/stBHJF

    EC2 Classic Example: To allow access from any system associated with the default group on account 1234567890

    [{‘group_name’: ‘default’, ‘user_id’: ‘1234567890’}]

    VPC Example: Allow access from any system associated with security group sg-47ad482e on your own account

    [{‘group_id’: ‘ sg-47ad482e’}]

  • protocol (str) – tcp/udp/icmp
Return type:

bool

ex_start_node(node)[source]

Start the node by passing in the node object, does not work with instance store backed instances

Parameters:node (Node) – Node which should be used
Return type:bool
ex_stop_node(node)[source]

Stop the node by passing in the node object, does not work with instance store backed instances

Parameters:node (Node) – Node which should be used
Return type:bool
get_image(image_id)[source]

Get an image based on an image_id

Parameters:image_id (str) – Image identifier
Returns:A NodeImage object
Return type:NodeImage
import_key_pair_from_file(name, key_file_path)

Import a new public key from string.

Parameters:
  • name (str) – Key pair name.
  • key_file_path (str) – Path to the public key file.
Return type:

KeyPair object

list_images(location=None, ex_image_ids=None, ex_owner=None, ex_executableby=None)[source]

List all images @inherits: NodeDriver.list_images

Ex_image_ids parameter is used to filter the list of images that should be returned. Only the images with the corresponding image ids will be returned.

Ex_owner parameter is used to filter the list of images that should be returned. Only the images with the corresponding owner will be returned. Valid values: amazon|aws-marketplace|self|all|aws id

Ex_executableby parameter describes images for which the specified user has explicit launch permissions. The user can be an AWS account ID, self to return images for which the sender of the request has explicit launch permissions, or all to return images with public launch permissions. Valid values: all|self|aws id

Parameters:
  • ex_image_ids (list of str) – List of NodeImage.id
  • ex_owner (str) – Owner name
  • ex_executableby (str) – Executable by
Return type:

list of NodeImage

list_nodes(ex_node_ids=None, ex_filters=None)[source]

List all nodes

Ex_node_ids parameter is used to filter the list of nodes that should be returned. Only the nodes with the corresponding node ids will be returned.

Parameters:
  • ex_node_ids (list of str) – List of node.id
  • ex_filters (dict) – The filters so that the response includes information for only certain nodes.
Return type:

list of Node

list_snapshots(snapshot=None, owner=None)[source]

Describe all snapshots.

Parameters:
  • snapshot – If provided, only return snapshot information for the provided snapshot.
  • owner (str) – Owner for snapshot: self|amazon|ID
Return type:

list of VolumeSnapshot

wait_until_running(nodes, wait_period=3, timeout=600, ssh_interface='public_ips', force_ipv4=True)

Block until the provided nodes are considered running.

Node is considered running when it’s state is “running” and when it has at least one IP address assigned.

Parameters:
  • nodes (list of Node) – List of nodes to wait for.
  • wait_period (int) – How many seconds to wait between each loop iteration. (default is 3)
  • timeout (int) – How many seconds to wait before giving up. (default is 600)
  • ssh_interface (str) – Which attribute on the node to use to obtain an IP address. Valid options: public_ips, private_ips. Default is public_ips.
  • force_ipv4 (bool) – Ignore IPv6 addresses (default is True).
Returns:

[(Node, ip_addresses)] list of tuple of Node instance and list of ip_address on success.

Return type:

list of tuple