Skip to main content

subnets

Creates, updates, deletes or gets a subnet resource or lists subnets in a region

Overview

Namesubnets
TypeResource
DescriptionSpecifies a subnet for the specified VPC.
For an IPv4 only subnet, specify an IPv4 CIDR block. If the VPC has an IPv6 CIDR block, you can create an IPv6 only subnet or a dual stack subnet instead. For an IPv6 only subnet, specify an IPv6 CIDR block. For a dual stack subnet, specify both an IPv4 CIDR block and an IPv6 CIDR block.
For more information, see [Subnets for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/configure-subnets.html) in the *Amazon VPC User Guide*.
Idawscc.ec2.subnets

Fields

NameDatatypeDescription
assign_ipv6_address_on_creationbooleanIndicates whether a network interface created in this subnet receives an IPv6 address. The default value is &#96;&#96;false&#96;&#96;.<br />If you specify &#96;&#96;AssignIpv6AddressOnCreation&#96;&#96;, you must also specify an IPv6 CIDR block.
vpc_idstringThe ID of the VPC the subnet is in.<br />If you update this property, you must also update the &#96;&#96;CidrBlock&#96;&#96; property.
map_public_ip_on_launchbooleanIndicates whether instances launched in this subnet receive a public IPv4 address. The default value is &#96;&#96;false&#96;&#96;.<br />AWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the &#42;Public IPv4 Address&#42; tab on the &#91;VPC pricing page&#93;(https://docs.aws.amazon.com/vpc/pricing/).
enable_lni_at_device_indexintegerIndicates the device position for local network interfaces in this subnet. For example, &#96;&#96;1&#96;&#96; indicates local network interfaces in this subnet are the secondary network interface (eth1).
network_acl_association_idstring
availability_zonestringThe Availability Zone of the subnet.<br />If you update this property, you must also update the &#96;&#96;CidrBlock&#96;&#96; property.
availability_zone_idstringThe AZ ID of the subnet.
cidr_blockstringThe IPv4 CIDR block assigned to the subnet.<br />If you update this property, we create a new subnet, and then delete the existing one.
subnet_idstring
ipv6_cidr_blocksarray
ipv6_cidr_blockstringThe IPv6 CIDR block.<br />If you specify &#96;&#96;AssignIpv6AddressOnCreation&#96;&#96;, you must also specify an IPv6 CIDR block.
outpost_arnstringThe Amazon Resource Name (ARN) of the Outpost.
ipv6_nativebooleanIndicates whether this is an IPv6 only subnet. For more information, see &#91;Subnet basics&#93;(https://docs.aws.amazon.com/vpc/latest/userguide/VPC&#95;Subnets.html#subnet-basics) in the &#42;User Guide&#42;.
enable_dns64booleanIndicates whether DNS queries made to the Amazon-provided DNS Resolver in this subnet should return synthetic IPv6 addresses for IPv4-only destinations.<br />You must first configure a NAT gateway in a public subnet (separate from the subnet containing the IPv6-only workloads). For example, the subnet containing the NAT gateway should have a &#96;&#96;0.0.0.0/0&#96;&#96; route pointing to the internet gateway. For more information, see &#91;Configure DNS64 and NAT64&#93;(https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateway-nat64-dns64.html#nat-gateway-nat64-dns64-walkthrough) in the &#42;User Guide&#42;.
private_dns_name_options_on_launchobjectThe hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries to the instances should be handled. For more information, see &#91;Amazon EC2 instance hostname types&#93;(https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the &#42;User Guide&#42;.<br />Available options:<br />+ EnableResourceNameDnsAAAARecord (true &#124; false)<br />+ EnableResourceNameDnsARecord (true &#124; false)<br />+ HostnameType (ip-name &#124; resource-name)
tagsarrayAny tags assigned to the subnet.
ipv4_ipam_pool_idstringAn IPv4 IPAM pool ID for the subnet.
ipv4_netmask_lengthintegerAn IPv4 netmask length for the subnet.
ipv6_ipam_pool_idstringAn IPv6 IPAM pool ID for the subnet.
ipv6_netmask_lengthintegerAn IPv6 netmask length for the subnet.
block_public_access_statesobject
regionstringAWS region.

For more information, see AWS::EC2::Subnet.

Methods

NameAccessible byRequired Params
create_resourceINSERTVpcId, region
delete_resourceDELETEdata__Identifier, region
update_resourceUPDATEdata__Identifier, data__PatchDocument, region
list_resourcesSELECTregion
get_resourceSELECTdata__Identifier, region

SELECT examples

Gets all properties from an individual subnet.

SELECT
region,
assign_ipv6_address_on_creation,
vpc_id,
map_public_ip_on_launch,
enable_lni_at_device_index,
network_acl_association_id,
availability_zone,
availability_zone_id,
cidr_block,
subnet_id,
ipv6_cidr_blocks,
ipv6_cidr_block,
outpost_arn,
ipv6_native,
enable_dns64,
private_dns_name_options_on_launch,
tags,
ipv4_ipam_pool_id,
ipv4_netmask_length,
ipv6_ipam_pool_id,
ipv6_netmask_length,
block_public_access_states
FROM awscc.ec2.subnets
WHERE region = 'us-east-1' AND data__Identifier = '<SubnetId>';

INSERT example

Use the following StackQL query and manifest file to create a new subnet resource, using stack-deploy.

/*+ create */
INSERT INTO awscc.ec2.subnets (
 VpcId,
 region
)
SELECT 
'{{ VpcId }}',
'{{ region }}';

DELETE example

/*+ delete */
DELETE FROM awscc.ec2.subnets
WHERE data__Identifier = '<SubnetId>'
AND region = 'us-east-1';

Permissions

To operate on the subnets resource, the following permissions are required:

Create

ec2:DescribeSubnets,
ec2:CreateSubnet,
ec2:CreateTags,
ec2:ModifySubnetAttribute

Read

ec2:DescribeSubnets,
ec2:DescribeNetworkAcls

Update

ec2:DescribeSubnets,
ec2:ModifySubnetAttribute,
ec2:CreateTags,
ec2:DeleteTags,
ec2:AssociateSubnetCidrBlock,
ec2:DisassociateSubnetCidrBlock

Delete

ec2:DescribeSubnets,
ec2:DeleteSubnet

List

ec2:DescribeSubnets,
ec2:DescribeNetworkAcls