Select your cookie preferences

We use essential cookies and similar tools that are necessary to provide our site and services. We use performance cookies to collect anonymous statistics, so we can understand how customers use our site and make improvements. Essential cookies cannot be deactivated, but you can choose “Customize” or “Decline” to decline performance cookies.

If you agree, AWS and approved third parties will also use cookies to provide useful site features, remember your preferences, and display relevant content, including relevant advertising. To accept or decline all non-essential cookies, choose “Accept” or “Decline.” To make more detailed choices, choose “Customize.”

AWS Logo
Menu

Idempotency Support for Route Table and Network ACL Creation in Amazon VPC!

Amazon VPN now supports idempotency for route table and network ACL creation.

amazon-vpcroute-tablenetwork-aclidempotency
Abhijit Ghosh
Published Feb 9, 2024
Comments
Amazon VPN now supports idempotency for route table and network ACL creation. You can incorporate a retry mechanism in your creation workflow without creating duplicate resources.
When creating route tables and network ACLs using the AWS CLI or API, you can now specify a clientToken parameter (--client-token) to achieve idempotency.
"A client token is a unique, case-sensitive string of up to 64 ASCII characters."
Sample AWS CLI command:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
abhijit@AwsJunkie:~$ uuidgen
abf653c2-09a2-426d-bd2d-acaac0c98a28
abhijit@AwsJunkie:~$ aws ec2 create-route-table --vpc-id vpc-00c84bd9dcad1d728 --client-token abf653c2-09a2-426d-bd2d-acaac0c98a28
{
"RouteTable": {
"Associations": [],
"PropagatingVgws": [],
"RouteTableId": "rtb-0899b6226d3a3ef9a",
"Routes": [
{
"DestinationCidrBlock": "172.31.0.0/16",
"GatewayId": "local",
"Origin": "CreateRouteTable",
"State": "active"
}
],
"Tags": [],
"VpcId": "vpc-00c84bd9dcad1d728",
"OwnerId": "141035231386"
},
"ClientToken": "abf653c2-09a2-426d-bd2d-acaac0c98a28"
}
Now if we retry the RouteTable creation command using the same --client-token, it will return the same route table instead of creating a new one.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
abhijit@AwsJunkie:~$ aws ec2 create-route-table --vpc-id vpc-00c84bd9dcad1d728 --client-token abf653c2-09a2-426d-bd2d-acaac0c98a28
{
"RouteTable": {
"Associations": [],
"PropagatingVgws": [],
"RouteTableId": "rtb-0899b6226d3a3ef9a",
"Routes": [
{
"DestinationCidrBlock": "172.31.0.0/16",
"GatewayId": "local",
"Origin": "CreateRouteTable",
"State": "active"
}
],
"Tags": [],
"VpcId": "vpc-00c84bd9dcad1d728",
"OwnerId": "141035231386"
},
"ClientToken": "abf653c2-09a2-426d-bd2d-acaac0c98a28"
}
But if we retry with a different parameter (e.g. different VPC) and the same token, it will throw IdempotentParameterMismatch error.
1
2
3
abhijit@AwsJunkie:~$ aws ec2 create-route-table --vpc-id vpc-03683f950edba6643 --client-token abf653c2-09a2-426d-bd2d-acaac0c98a28

An error occurred (IdempotentParameterMismatch) when calling the CreateRouteTable operation: Wrong arguments for request with token abf653c2-09a2-426d-bd2d-acaac0c98a28
For a demo, check the video below.
 
Comments

Comments

Log in to comment