:doc:`IoTSecureTunneling <../../iotsecuretunneling>` / Client / open_tunnel

***********
open_tunnel
***********



.. py:method:: IoTSecureTunneling.Client.open_tunnel(**kwargs)

  

  Creates a new tunnel, and returns two client access tokens for clients to use to connect to the IoT Secure Tunneling proxy server.

   

  Requires permission to access the `OpenTunnel <https://docs.aws.amazon.com/service-authorization/latest/reference/list_awsiot.html#awsiot-actions-as-permissions>`__ action.

  

  See also: `AWS API Documentation <https://docs.aws.amazon.com/goto/WebAPI/iotsecuretunneling-2018-10-05/OpenTunnel>`_  


  **Request Syntax**
  ::

    response = client.open_tunnel(
        description='string',
        tags=[
            {
                'key': 'string',
                'value': 'string'
            },
        ],
        destinationConfig={
            'thingName': 'string',
            'services': [
                'string',
            ]
        },
        timeoutConfig={
            'maxLifetimeTimeoutMinutes': 123
        }
    )
    
  :type description: string
  :param description: 

    A short text description of the tunnel.

    

  
  :type tags: list
  :param tags: 

    A collection of tag metadata.

    

  
    - *(dict) --* 

      An arbitary key/value pair used to add searchable metadata to secure tunnel resources.

      

    
      - **key** *(string) --* **[REQUIRED]** 

        The key of the tag.

        

      
      - **value** *(string) --* **[REQUIRED]** 

        The value of the tag.

        

      
    

  :type destinationConfig: dict
  :param destinationConfig: 

    The destination configuration for the OpenTunnel request.

    

  
    - **thingName** *(string) --* 

      The name of the IoT thing to which you want to connect.

      

    
    - **services** *(list) --* **[REQUIRED]** 

      A list of service names that identify the target application. The IoT client running on the destination device reads this value and uses it to look up a port or an IP address and a port. The IoT client instantiates the local proxy, which uses this information to connect to the destination application.

      

    
      - *(string) --* 

      
  
  
  :type timeoutConfig: dict
  :param timeoutConfig: 

    Timeout configuration for a tunnel.

    

  
    - **maxLifetimeTimeoutMinutes** *(integer) --* 

      The maximum amount of time (in minutes) a tunnel can remain open. If not specified, maxLifetimeTimeoutMinutes defaults to 720 minutes. Valid values are from 1 minute to 12 hours (720 minutes)

      

    
  
  
  :rtype: dict
  :returns: 
    
    **Response Syntax**

    
    ::

      {
          'tunnelId': 'string',
          'tunnelArn': 'string',
          'sourceAccessToken': 'string',
          'destinationAccessToken': 'string'
      }
      
    **Response Structure**

    

    - *(dict) --* 
      

      - **tunnelId** *(string) --* 

        A unique alpha-numeric tunnel ID.

        
      

      - **tunnelArn** *(string) --* 

        The Amazon Resource Name for the tunnel.

        
      

      - **sourceAccessToken** *(string) --* 

        The access token the source local proxy uses to connect to IoT Secure Tunneling.

        
      

      - **destinationAccessToken** *(string) --* 

        The access token the destination local proxy uses to connect to IoT Secure Tunneling.

        
  
  **Exceptions**
  
  *   :py:class:`IoTSecureTunneling.Client.exceptions.LimitExceededException`

  