:doc:`EC2 <../../ec2>` / Client / associate_client_vpn_target_network

***********************************
associate_client_vpn_target_network
***********************************



.. py:method:: EC2.Client.associate_client_vpn_target_network(**kwargs)

  

  Associates a target network with a Client VPN endpoint. A target network is a subnet in a VPC. You can associate multiple subnets from the same VPC with a Client VPN endpoint. You can associate only one subnet in each Availability Zone. We recommend that you associate at least two subnets to provide Availability Zone redundancy.

   

  If you specified a VPC when you created the Client VPN endpoint or if you have previous subnet associations, the specified subnet must be in the same VPC. To specify a subnet that's in a different VPC, you must first modify the Client VPN endpoint (  ModifyClientVpnEndpoint) and change the VPC that's associated with it.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateClientVpnTargetNetwork>`_  


  **Request Syntax**
  ::

    response = client.associate_client_vpn_target_network(
        ClientVpnEndpointId='string',
        SubnetId='string',
        ClientToken='string',
        DryRun=True|False
    )
    
  :type ClientVpnEndpointId: string
  :param ClientVpnEndpointId: **[REQUIRED]** 

    The ID of the Client VPN endpoint.

    

  
  :type SubnetId: string
  :param SubnetId: **[REQUIRED]** 

    The ID of the subnet to associate with the Client VPN endpoint.

    

  
  :type ClientToken: string
  :param ClientToken: 

    Unique, case-sensitive identifier that you provide to ensure the idempotency of the request. For more information, see `Ensuring idempotency <https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-idempotency.html>`__.

    This field is autopopulated if not provided.

  
  :type DryRun: boolean
  :param DryRun: 

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ``DryRunOperation``. Otherwise, it is ``UnauthorizedOperation``.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'AssociationId': 'string',
          'Status': {
              'Code': 'associating'|'associated'|'association-failed'|'disassociating'|'disassociated',
              'Message': 'string'
          }
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **AssociationId** *(string) --* 

        The unique ID of the target network association.

        
      

      - **Status** *(dict) --* 

        The current state of the target network association.

        
        

        - **Code** *(string) --* 

          The state of the target network association.

          
        

        - **Message** *(string) --* 

          A message about the status of the target network association, if applicable.

          
    
  