
Idempotency Support for Route Table and Network ACL Creation in Amazon VPC!


Amazon VPC now supports idempotency for route table and network ACL creation. You can build a retry mechanism into your creation workflow without creating duplicate resources.

When creating route tables and network ACLs using the AWS CLI or API, you can now specify a clientToken parameter (--client-token) to achieve idempotency.

ℹ️ A client token is a unique, case-sensitive string of up to 64 ASCII characters.

Sample AWS CLI command:

abhijit@AwsJunkie:~$ uuidgen
abf653c2-09a2-426d-bd2d-acaac0c98a28
abhijit@AwsJunkie:~$ aws ec2 create-route-table --vpc-id vpc-00c84bd9dcad1d728 --client-token abf653c2-09a2-426d-bd2d-acaac0c98a28
{
    "RouteTable": {
        "Associations": [],
        "PropagatingVgws": [],
        "RouteTableId": "rtb-0899b6226d3a3ef9a",
        "Routes": [
            {
                "DestinationCidrBlock": "172.31.0.0/16",
                "GatewayId": "local",
                "Origin": "CreateRouteTable",
                "State": "active"
            }
        ],
        "Tags": [],
        "VpcId": "vpc-00c84bd9dcad1d728",
        "OwnerId": "141035231386"
    },
    "ClientToken": "abf653c2-09a2-426d-bd2d-acaac0c98a28"
}

Now, if we retry the route table creation command with the same --client-token, it returns the same route table instead of creating a new one.

abhijit@AwsJunkie:~$ aws ec2 create-route-table --vpc-id vpc-00c84bd9dcad1d728 --client-token abf653c2-09a2-426d-bd2d-acaac0c98a28
{
    "RouteTable": {
        "Associations": [],
        "PropagatingVgws": [],
        "RouteTableId": "rtb-0899b6226d3a3ef9a",
        "Routes": [
            {
                "DestinationCidrBlock": "172.31.0.0/16",
                "GatewayId": "local",
                "Origin": "CreateRouteTable",
                "State": "active"
            }
        ],
        "Tags": [],
        "VpcId": "vpc-00c84bd9dcad1d728",
        "OwnerId": "141035231386"
    },
    "ClientToken": "abf653c2-09a2-426d-bd2d-acaac0c98a28"
}

But if we retry with the same token and a different parameter (e.g. a different VPC), the call fails with an IdempotentParameterMismatch error.

abhijit@AwsJunkie:~$ aws ec2 create-route-table --vpc-id vpc-03683f950edba6643 --client-token abf653c2-09a2-426d-bd2d-acaac0c98a28

An error occurred (IdempotentParameterMismatch) when calling the CreateRouteTable operation: Wrong arguments for request with token abf653c2-09a2-426d-bd2d-acaac0c98a28
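
A retry wrapper that puts the behaviour shown above to use, as an added example rather than code from the original post: it generates one client token up front, reuses it on every attempt, and treats IdempotentParameterMismatch as non-retryable. The function name and the MAX_ATTEMPTS and RETRY_DELAY variables are assumptions of this sketch.

```bash
# Added example (not from the original post). The function name and the
# MAX_ATTEMPTS / RETRY_DELAY variables are assumptions of this sketch.

create_route_table_idempotent() {
    local vpc_id token max delay attempt out
    vpc_id="$1"
    # Generate the token ONCE, before the loop, so every attempt reuses it.
    token="${2:-$(uuidgen)}"
    max="${MAX_ATTEMPTS:-5}"
    delay="${RETRY_DELAY:-1}"
    attempt=1

    # Client token: at most 64 ASCII characters. This sketch additionally
    # insists on printable characters.
    if [ "${#token}" -gt 64 ] ||
       printf '%s' "$token" | LC_ALL=C grep -q '[^[:print:]]'; then
        echo "invalid client token" >&2
        return 2
    fi

    while [ "$attempt" -le "$max" ]; do
        if out=$(aws ec2 create-route-table --vpc-id "$vpc_id" \
                    --client-token "$token" \
                    --query 'RouteTable.RouteTableId' --output text 2>&1); then
            printf '%s\n' "$out"    # route table ID, same on every retry
            return 0
        fi
        case "$out" in
            *IdempotentParameterMismatch*)
                # Token already bound to different parameters: a retry can
                # never succeed, so surface the error instead of looping.
                echo "$out" >&2
                return 3 ;;
        esac
        echo "attempt $attempt failed; retrying with the same token" >&2
        sleep "$delay"
        delay=$((delay * 2))
        attempt=$((attempt + 1))
    done
    echo "$out" >&2
    return 1
}
```

Generating a fresh token inside the loop would defeat the purpose: a request that timed out on the client but succeeded on the service side would then be followed by a second, duplicate route table.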

For a demo, see the video below.