:doc:`EC2 <../../ec2>` / Client / modify_transit_gateway

**********************
modify_transit_gateway
**********************



.. py:method:: EC2.Client.modify_transit_gateway(**kwargs)

  

  Modifies the specified transit gateway. When you modify a transit gateway, the modified options are applied to new transit gateway attachments only. Your existing transit gateway attachments are not modified.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyTransitGateway>`_  


  **Request Syntax**
  ::

    response = client.modify_transit_gateway(
        TransitGatewayId='string',
        Description='string',
        Options={
            'AddTransitGatewayCidrBlocks': [
                'string',
            ],
            'RemoveTransitGatewayCidrBlocks': [
                'string',
            ],
            'VpnEcmpSupport': 'enable'|'disable',
            'DnsSupport': 'enable'|'disable',
            'SecurityGroupReferencingSupport': 'enable'|'disable',
            'AutoAcceptSharedAttachments': 'enable'|'disable',
            'DefaultRouteTableAssociation': 'enable'|'disable',
            'AssociationDefaultRouteTableId': 'string',
            'DefaultRouteTablePropagation': 'enable'|'disable',
            'PropagationDefaultRouteTableId': 'string',
            'AmazonSideAsn': 123,
            'EncryptionSupport': 'enable'|'disable'
        },
        DryRun=True|False
    )
    
  :type TransitGatewayId: string
  :param TransitGatewayId: **[REQUIRED]** 

    The ID of the transit gateway.

    

  
  :type Description: string
  :param Description: 

    The description for the transit gateway.

    

  
  :type Options: dict
  :param Options: 

    The options to modify.

    

  
    - **AddTransitGatewayCidrBlocks** *(list) --* 

      Adds IPv4 or IPv6 CIDR blocks for the transit gateway. Must be a size /24 CIDR block or larger for IPv4, or a size /64 CIDR block or larger for IPv6.

      

    
      - *(string) --* 

      
  
    - **RemoveTransitGatewayCidrBlocks** *(list) --* 

      Removes CIDR blocks for the transit gateway.

      

    
      - *(string) --* 

      
  
    - **VpnEcmpSupport** *(string) --* 

      Enable or disable Equal Cost Multipath Protocol support.

      

    
    - **DnsSupport** *(string) --* 

      Enable or disable DNS support.

      

    
    - **SecurityGroupReferencingSupport** *(string) --* 

      Enables you to reference a security group across VPCs attached to a transit gateway to simplify security group management.

       

      This option is disabled by default.

       

      For more information about security group referencing, see `Security group referencing <https://docs.aws.amazon.com/vpc/latest/tgw/tgw-vpc-attachments.html#vpc-attachment-security>`__ in the *Amazon Web Services Transit Gateways Guide*.

      

    
    - **AutoAcceptSharedAttachments** *(string) --* 

      Enable or disable automatic acceptance of attachment requests.

      

    
    - **DefaultRouteTableAssociation** *(string) --* 

      Enable or disable automatic association with the default association route table.

      

    
    - **AssociationDefaultRouteTableId** *(string) --* 

      The ID of the default association route table.

      

    
    - **DefaultRouteTablePropagation** *(string) --* 

      Indicates whether resource attachments automatically propagate routes to the default propagation route table. Enabled by default. If ``defaultRouteTablePropagation`` is set to ``enable``, Amazon Web Services Transit Gateway will create the default transit gateway route table.

      

    
    - **PropagationDefaultRouteTableId** *(string) --* 

      The ID of the default propagation route table.

      

    
    - **AmazonSideAsn** *(integer) --* 

      A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.

       

      The modify ASN operation is not allowed on a transit gateway if it has the following attachments:

       

      
      * Dynamic VPN
       
      * Static VPN
       
      * Direct Connect Gateway
       
      * Connect
      

       

      You must first delete all transit gateway attachments configured prior to modifying the ASN on the transit gateway.

      

    
    - **EncryptionSupport** *(string) --* 

      Enable or disable encryption support for VPC Encryption Control.

      

    
  
  :type DryRun: boolean
  :param DryRun: 

    Checks whether you have the required permissions for the action, without actually making the request, and provides an error response. If you have the required permissions, the error response is ``DryRunOperation``. Otherwise, it is ``UnauthorizedOperation``.

    

  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'TransitGateway': {
              'TransitGatewayId': 'string',
              'TransitGatewayArn': 'string',
              'State': 'pending'|'available'|'modifying'|'deleting'|'deleted',
              'OwnerId': 'string',
              'Description': 'string',
              'CreationTime': datetime(2015, 1, 1),
              'Options': {
                  'AmazonSideAsn': 123,
                  'TransitGatewayCidrBlocks': [
                      'string',
                  ],
                  'AutoAcceptSharedAttachments': 'enable'|'disable',
                  'DefaultRouteTableAssociation': 'enable'|'disable',
                  'AssociationDefaultRouteTableId': 'string',
                  'DefaultRouteTablePropagation': 'enable'|'disable',
                  'PropagationDefaultRouteTableId': 'string',
                  'VpnEcmpSupport': 'enable'|'disable',
                  'DnsSupport': 'enable'|'disable',
                  'SecurityGroupReferencingSupport': 'enable'|'disable',
                  'MulticastSupport': 'enable'|'disable',
                  'EncryptionSupport': {
                      'EncryptionState': 'enabling'|'enabled'|'disabling'|'disabled',
                      'StateMessage': 'string'
                  }
              },
              'Tags': [
                  {
                      'Key': 'string',
                      'Value': 'string'
                  },
              ]
          }
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **TransitGateway** *(dict) --* 

        Information about the transit gateway.

        
        

        - **TransitGatewayId** *(string) --* 

          The ID of the transit gateway.

          
        

        - **TransitGatewayArn** *(string) --* 

          The Amazon Resource Name (ARN) of the transit gateway.

          
        

        - **State** *(string) --* 

          The state of the transit gateway.

          
        

        - **OwnerId** *(string) --* 

          The ID of the Amazon Web Services account that owns the transit gateway.

          
        

        - **Description** *(string) --* 

          The description of the transit gateway.

          
        

        - **CreationTime** *(datetime) --* 

          The creation time.

          
        

        - **Options** *(dict) --* 

          The transit gateway options.

          
          

          - **AmazonSideAsn** *(integer) --* 

            A private Autonomous System Number (ASN) for the Amazon side of a BGP session. The range is 64512 to 65534 for 16-bit ASNs and 4200000000 to 4294967294 for 32-bit ASNs.

            
          

          - **TransitGatewayCidrBlocks** *(list) --* 

            The transit gateway CIDR blocks.

            
            

            - *(string) --* 
        
          

          - **AutoAcceptSharedAttachments** *(string) --* 

            Indicates whether attachment requests are automatically accepted.

            
          

          - **DefaultRouteTableAssociation** *(string) --* 

            Indicates whether resource attachments are automatically associated with the default association route table. Enabled by default. Either ``defaultRouteTableAssociation`` or ``defaultRouteTablePropagation`` must be set to ``enable`` for Amazon Web Services Transit Gateway to create the default transit gateway route table.

            
          

          - **AssociationDefaultRouteTableId** *(string) --* 

            The ID of the default association route table.

            
          

          - **DefaultRouteTablePropagation** *(string) --* 

            Indicates whether resource attachments automatically propagate routes to the default propagation route table. Enabled by default. If ``defaultRouteTablePropagation`` is set to ``enable``, Amazon Web Services Transit Gateway creates the default transit gateway route table.

            
          

          - **PropagationDefaultRouteTableId** *(string) --* 

            The ID of the default propagation route table.

            
          

          - **VpnEcmpSupport** *(string) --* 

            Indicates whether Equal Cost Multipath Protocol support is enabled.

            
          

          - **DnsSupport** *(string) --* 

            Indicates whether DNS support is enabled.

            
          

          - **SecurityGroupReferencingSupport** *(string) --* 

            Enables you to reference a security group across VPCs attached to a transit gateway to simplify security group management.

             

            This option is disabled by default.

            
          

          - **MulticastSupport** *(string) --* 

            Indicates whether multicast is enabled on the transit gateway

            
          

          - **EncryptionSupport** *(dict) --* 

            Defines if the Transit Gateway supports VPC Encryption Control.

            
            

            - **EncryptionState** *(string) --* 

              The current encryption state of the resource.

              
            

            - **StateMessage** *(string) --* 

              A message describing the encryption state.

              
        
      
        

        - **Tags** *(list) --* 

          The tags for the transit gateway.

          
          

          - *(dict) --* 

            Describes a tag.

            
            

            - **Key** *(string) --* 

              The key of the tag.

               

              Constraints: Tag keys are case-sensitive and accept a maximum of 127 Unicode characters. May not begin with ``aws:``.

              
            

            - **Value** *(string) --* 

              The value of the tag.

               

              Constraints: Tag values are case-sensitive and accept a maximum of 256 Unicode characters.

              
        
      
    
  