# Making requests to the Amazon EC2 API
**Important**
As of **October 14, 2022**, HTTP responses from the Amazon EC2 APIs no longer include a reason-phrase element. As recommended by [RFC7230](https://datatracker.ietf.org/doc/html/rfc7230#section-3.1.2), you should ensure that your applications do not make use of the reason-phrase content. Ensure that your applications use the 3-digit status-code element included in the HTTP response instead.
We provide the Query API for Amazon EC2, as well as software development kits (SDK) for AWS that enable you to access Amazon EC2 from your preferred programming language. For more information, see the [Amazon EC2 Developer Guide](https://docs.aws.amazon.com/ec2/latest/devguide/).
**Topics**
+ [Required knowledge](#required-knowledge)
+ [Available APIs for Amazon EC2](#using-libraries)
+ [Query requests for Amazon EC2](Query-Requests.md)
+ [Troubleshooting API request errors](query-api-troubleshooting.md)
+ [Cross-origin resource sharing support and Amazon EC2](cors-support.md)
+ [VM Import Manifest](manifest.md)
## Required knowledge
If you plan to access Amazon EC2 through an API, you should be familiar with the following:
+ XML
+ Web services
+ HTTP requests
+ One or more programming languages, such as Java, PHP, Perl, Python, Ruby, C\$1, or C\$1\$1.
## Available APIs for Amazon EC2
The Amazon EC2 Query API provides HTTP or HTTPS requests that use the HTTP verb GET or POST and a Query parameter named `Action`.
AWS provides libraries, sample code, tutorials, and other resources for software developers who prefer to build applications using language-specific APIs instead of submitting a request over HTTP or HTTPS. These libraries provide basic functions that automatically take care of tasks such as cryptographically signing your requests, retrying requests, and handling error responses, so that it is easier for you to get started.
For more information, see [Create Amazon EC2 resources using an AWS SDK](https://docs.aws.amazon.com/ec2/latest/devguide/sdk-general-information-section.html) in the *Amazon EC2 Developer Guide*.
# Query requests for Amazon EC2
Query requests are HTTP or HTTPS requests that use the HTTP verb GET or POST and a Query parameter named `Action`. For each Amazon EC2 API action, you can choose whether to use GET or POST. Regardless of which verb you choose, the same data is sent and received. For a list of Amazon EC2 API actions, see [Actions](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/query-apis.html).
**Topics**
+ [Structure of a GET request](#structure-of-a-get-request)
+ [Query parameters](#query-parameters)
+ [Query API authentication](#query-authentication)
+ [Query response structures](#api-responses)
+ [Pagination](#api-pagination)
+ [Preventing requests over HTTP](#prevent-http-requests)
## Structure of a GET request
The Amazon EC2 documentation presents the GET requests as URLs, which can be used directly in a browser.
**Note**
Because the GET requests are URLs, you must URL encode the parameter values. In the Amazon EC2 documentation, we leave the example GET requests unencoded to make them easier to read.
The request consists of the following:
+ **Endpoint**: The URL that serves as the entry point for the web service. For more information, see [Amazon EC2 service endpoints](https://docs.aws.amazon.com/ec2/latest/devguide/ec2-endpoints.html).
+ **Action**: The action that you want to perform; for example, use `RunInstances` to launch an instance.
+ **Parameters**: Any parameters for the action; each parameter is separated by an ampersand (&).
+ **Version**: The API version to use. For the Amazon EC2 API, the version is 2016-11-15.
+ **Authorization parameters**: The authorization parameters that AWS uses to ensure the validity and authenticity of the request. Amazon EC2 supports Signature Version 2 and Signature Version 4. We recommend that you use Signature Version 4. For more information, see [Signing AWS API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html) in the *IAM User Guide*.
The following optional parameters can be included in your request:
+ **DryRun**: Checks whether you have the required permissions for the action, without actually making the request. If you have the required permissions, the request returns `DryRunOperation`; otherwise, it returns `UnauthorizedOperation`.
+ **SecurityToken**: The temporary security token obtained through a call to AWS Security Token Service.
For more information about common parameters for API requests, see [Common query parameters](CommonParameters.md).
The following is an example request that launches instances:
```
https://ec2.amazonaws.com/?Action=RunInstances&ImageId=ami-2bb65342&MaxCount=3&MinCount=1&Placement.AvailabilityZone=us-east-1a&Monitoring.Enabled=true&Version=2016-11-15&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIDEXAMPLE%2F20130813%2Fus-east-1%2Fec2%2Faws4_request&X-Amz-Date=20130813T150206Z&X-Amz-SignedHeaders=content-type%3Bhost%3Bx-amz-date&X-Amz-Signature=525d1a96c69b5549dd78dbbec8efe264102288b83ba87b7d58d4b76b71f59fd2
Content-type: application/json
host:ec2.amazonaws.com
```
To make these example requests even easier to read, AWS documentation may present them in the following format:
```
https://ec2.amazonaws.com/?Action=RunInstances
&ImageId=ami-2bb65342
&MaxCount=3
&MinCount=1
&Placement.AvailabilityZone=us-east-1a
&Monitoring.Enabled=true
&Version=2016-11-15
&X-Amz-Algorithm=AWS4-HMAC-SHA256
&X-Amz-Credential=AKIAIOSFODNN7EXAMPLEus-east-1%2Fec2%2Faws4_request
&X-Amz-Date=20130813T150206Z
&X-Amz-SignedHeaders=content-type%3Bhost%3Bx-amz-date
&X-Amz-Signature=ced6826de92d2bdeed8f846f0bf508e8559e98e4b0194b84example54174deb456c
Content-type: application/json
host:ec2.amazonaws.com
```
The first line specifies the endpoint of the request. After the endpoint is a question mark (?), which separates the endpoint from the parameters. For more information about Amazon EC2 endpoints, see [Amazon EC2 service endpoints](https://docs.aws.amazon.com/ec2/latest/devguide/ec2-endpoints.html).
The `Action` parameter indicates the action to perform. For a complete list of actions, see [Actions](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/query-apis.html). The remaining lines specify additional parameters for the request.
In the example Query requests we present in the Amazon EC2 API documentation, we omit the headers, [common required parameters](CommonParameters.md), and authentication parameters to make it easier for you to focus on the parameters for the action. We replace them with the `&AUTHPARAMS` literal string to remind you that you must include these parameters in your request; for example:
```
https://ec2.amazonaws.com/?Action=RunInstances
&ImageId=ami-2bb65342
&MaxCount=3
&MinCount=1
&Placement.AvailabilityZone=us-east-1a
&Monitoring.Enabled=true
&AUTHPARAMS
```
**Important**
Before you specify your access key ID for the `AWSAccessKeyId` or `Credential` parameter, review and follow the guidance in [AWS security credentials](https://docs.aws.amazon.com/IAM/latest/UserGuide/security-creds.html).
## Query parameters
Each Query request must include required common parameters to handle authentication and selection of an action. Query parameters are case sensitive.
Some operations take lists of parameters. These lists are specified using the *param.n* notation, where *n* is an integer starting from 1.
The following example adds multiple devices to a block device mapping using a list of `BlockDeviceMapping` parameters.
```
http://ec2.amazonaws.com/?Action=RunInstances
&ImageId.1=ami-72aa081b
...
&BlockDeviceMapping.1.DeviceName=/dev/sdj
&BlockDeviceMapping.1.Ebs.NoDevice=true
&BlockDeviceMapping.2.DeviceName=/dev/sdh
&BlockDeviceMapping.2.Ebs.VolumeSize=300
&BlockDeviceMapping.3.DeviceName=/dev/sdc
&BlockDeviceMapping.3.VirtualName=ephemeral1
&AUTHPARAMS
```
## Query API authentication
You can send Query requests over either the HTTP or HTTPS protocol.
Regardless of which protocol you use, you must include a signature in every Query request. Amazon EC2 supports Signature Version 2 and Signature Version 4. We recommend that you use Signature Version 4. For more information, see [Signing AWS API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html) in the *IAM User Guide*.
Signature Version 4 requests allow you to specify all the authorization parameters in a single header, for example:
```
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Amz-Date: 20130813T150211Z
Host: ec2.amazonaws.com
Authorization: AWS4-HMAC-SHA256 Credential=AKIDEXAMPLE/202230813/us-east-1/ec2/aws4_request, SignedHeaders=content-type;host;x-amz-date, Signature=ced6826de92d2bdeed8f846f0bf508e8559e98e4b0194b84example54174deb456c
http://ec2.amazonaws.com/?Action=RunInstances
ImageId=ami-2bb65342
&MaxCount=3
&MinCount=1
&Monitoring.Enabled=true
&Placement.AvailabilityZone=us-east-1a
&Version=2016-11-15
```
## Query response structures
In response to a Query request, the service returns an XML data structure that conforms to an XML schema defined for Amazon EC2. The structure of an XML response is specific to the associated request. In general, the response data types are named according to the operation performed and whether the data type is a container (can have children). Examples of containers include `groupSet` for security groups and `keySet` for key pairs (see the example that follows). Item elements are children of containers, and their contents vary according to the container's role.
Every successful response includes a request ID in a `requestId` element, and every unsuccessful response includes a request ID in a `RequestID` element. The value is a unique string that AWS assigns. If you ever have issues with a particular request, AWS will ask for the request ID to help troubleshoot the issue. The following shows an example response.
```
7a62c49f-347e-4fc4-9331-6e8eEXAMPLE
-
gsg-keypair
00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
```
**Considerations**
+ As of July 31 2024, for any new Amazon EC2 API actions or newly supported AWS Regions, the XML data structures in the responses won't include new lines and indentations. If you use a custom client, ensure that it does not rely on the responses including new lines and indentations.
+ As of July 31 2025, the XML data structures in the responses will no longer include new lines and indentations. This change will reduce the size of the responses. If you use a custom client, ensure that it does not rely on the responses including new lines and indentations.
+ The order of the elements in the response, including those within nested structures, might vary. Applications should not assume that the elements appear in a particular order.
## Pagination
For actions that can return a long list of items, the Amazon EC2 API includes parameters to support pagination: `MaxResults`, `NextToken` (input), and `nextToken` (output). With pagination, you specify a size for `MaxResults` and then each call returns 0 to `MaxResults` items and sets `nextToken`. If there are additional items to iterate, `nextToken` is non-null and you can specify its value in the `NextToken` parameter of a subsequent call to get the next set of items. With pagination, you continue to call the action until `nextToken` is null, even if you receive less than `MaxResults` items, including zero items.
If you call a describe API action with both a list of IDs and `MaxResults`, the request fails with the error `InvalidParameterCombination`.
We recommend that you use pagination when using describe actions that can potentially return a large number of results, such as `DescribeInstances`. Using pagination bounds the number of items returned and the time it takes for these calls to return.
For more information, see [Pagination](https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-pagination.html) in the *Amazon EC2 Developer Guide*.
## Preventing requests over HTTP
If your workload does not require you to use HTTP, we recommend that you avoid using it to prevent transmitting and receiving unencrypted data, and to use HTTPS instead. You can use the [https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-securetransport](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-securetransport) global IAM condition key in your IAM policies to prevent users from sending requests over HTTP.
The following example policy prevents users from sending requests over HTTP.
```
{
"Statement": [
{
"Sid": "AllowAllEC2HttpsRequests",
"Effect": "Allow",
"Action": "ec2:*",
"Resource": "*",
"Condition": {
"StringEqualsIgnoreCase": {
"aws:SecureTransport": "true"
}
}
}
]
}
```
# Troubleshooting API request errors
In the Amazon EC2 Query API, errors codes are indicated as being either client or server. Client errors usually occur because there is a problem with the structure, content, or validity of the request. Server errors usually indicate a server-side issue.
For more information about API error codes, see [Error Codes](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/api-error-codes.html).
**Topics**
+ [Query API request rate](#api-request-rate)
+ [Eventual consistency](#eventual-consistency)
+ [Unauthorized operation](#unauthorized-operation)
## Query API request rate
We throttle Amazon EC2 API requests for each AWS account on a per-Region basis to help the performance of the service. We ensure that all calls to the Amazon EC2 API (whether they originate from an application, calls to a command line interface, or the Amazon EC2 console) don't exceed the maximum allowed API request rate. The maximum API request rate may vary across Regions. Note that API requests made by users are attributed to the underlying AWS account.
For more information, see [Request throttling](https://docs.aws.amazon.com/ec2/latest/devguide/ec2-api-throttling.html) in the *Amazon EC2 Developer Guide*.
## Eventual consistency
The Amazon EC2 API follows an eventual consistency model, due to the distributed nature of the system supporting the API. This means that the result of an API command you run that affects your Amazon EC2 resources might not be immediately visible to all subsequent commands you run. You should keep this in mind when you carry out an API command that immediately follows a previous API command.
For more information, see [Eventual consistency](https://docs.aws.amazon.com/ec2/latest/devguide/eventual-consistency.html) in the *Amazon EC2 Developer Guide*.
## Unauthorized operation
By default, users, groups, and roles don't have permission to create or modify Amazon EC2 resources, or perform tasks using the Amazon EC2 API. You must explicitly grant permission through IAM policies. If a user attempts to perform an action for which permission has not been granted, the request returns the following error: `Client.UnauthorizedOperation`.
This error may occur when a policy is unintentionally restrictive. For example, to allow a user to launch instances into a specific subnet, you need to grant permissions for the following resources by specifying their ARNs in your IAM policy: instances, volumes, AMIs, the specific subnet, network interfaces, key pairs, and security groups. If you omit the permission for volumes, for example, the user is only able to launch an instance from an instance store-backed AMI, as they do not have permission to create the root EBS volume for an EBS-backed instance.
For more information about creating IAM policies for Amazon EC2, see [IAM policies for Amazon EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/iam-policies-for-amazon-ec2.html) in the *Amazon EC2 User Guide*.
For more information about which ARNs you can use with which Amazon EC2 API actions, see [Actions, resources, and condition keys for Amazon EC2](https://docs.aws.amazon.com/service-authorization/latest/reference/list_amazonec2.html) in the *Service Authorization Reference*.
# Cross-origin resource sharing support and Amazon EC2
The Amazon EC2 API supports cross-origin resource sharing (CORS). CORS defines a way for client web applications that are loaded in one domain to interact with resources in a different domain. For more information, go to the [Cross-Origin Resource Sharing W3C Recommendation](http://www.w3.org/TR/cors/). With CORS support for Amazon EC2, you can build rich client-side web applications that leverage the Amazon EC2 API. For example, suppose you are hosting a web site, `mywebsite.example.com`, and you want to use JavaScript on your web pages to make requests to the Amazon EC2 API. Normally, a browser blocks JavaScript from allowing these requests, but with CORS, you are able to make cross-origin Amazon EC2 API calls from `mywebsite.example.com`.
CORS is already enabled for the Amazon EC2 API, and is ready for you to use. You do not need to perform any additional configuration steps to start using this feature. There is no change to the way that you make calls to the Amazon EC2 API; they must still be signed with valid AWS credentials to ensure that AWS can authenticate the requester. For more information, see [Signing AWS API requests](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_aws-signing.html) in the *IAM User Guide*.
The implementation of CORS in the Amazon EC2 API is standardized. Your application can send a simple request to the Amazon EC2 API, or, depending on the content of the request, a preflight request followed by an actual request. Amazon EC2 allows the request from any origin
For more information about CORS and examples of how it works, go to the following article on the Mozilla Developer Network: [HTTP access control (CORS)](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS).
## Simple requests
The following are the criteria that define a simple or actual request:
+ Requests only use the `GET` or `POST` HTTP methods. If the `POST` method is used, then `Content-Type` can only be one of the following: `application/x-www-form-urlencoded`, `multipart/form-data`, or `text/plain`.
+ Requests do not set custom headers, such as `X-Other-Header`.
Amazon EC2 allows the request from any origin. Any `GET` or `POST` request that attempts to use browser credentials by setting the `Access-Control-Allow-Credentials` value to `true` (where `XMLHttpRequest.withCredentials = true`) will fail.
The following information describes the request headers to Amazon EC2:
**Simple request header values**
+ `Origin`: Specifies the domain that would like access to the resource (in this case, the resource is Amazon EC2). This is inserted by the browser in a cross-origin request.
The following information describes the response headers that Amazon EC2 returns (or does not return) after a simple or actual request:
**Simple response header values**
+ `Access-Control-Allow-Origin`: Specifies the domain that can access the resource (in this case, the resource is Amazon EC2). This is always returned with a \$1 value. Therefore, Amazon EC2 allows any cross-domain origin, and never allows browser credentials, such as cookies.
+ `Access-Control-Allow-Credentials`: Indicates whether browser credentials can be used to make the actual request. This is never returned. Therefore, the browser should interpret the value as `Access-Control-Allow-Credentials: false`.
## Preflight requests
If the content of your request meets the criteria below, then your request is checked for whether the actual request should be sent. A preflight request first sends an HTTP request to the resource (in this case, Amazon EC2) using the `OPTIONS` method.
The following are the criteria that define a preflight request:
+ Requests use HTTP methods other than `GET` or `POST`. However, if the `POST` method is used, then the `Content-Type` is not one of the following: `application/x-www-form-urlencoded`, `multipart/form-data`, or `text/plain`.
+ Requests set custom headers; for example, `X-Other-Header`.
The Amazon EC2 CORS implementation allows any headers, and allows any origin in the actual request.
The following information describes the request headers for a preflight request to Amazon EC2:
**Preflight request header values**
+ `Origin`: Specifies the domain that would like access to the resource (in this case, the resource is Amazon EC2). This is inserted by the browser in a cross-origin request.
+ `Access-Control-Request-Method`: The HTTP method to be used in the actual request from the browser.
+ `Access-Control-Request-Headers`: The custom headers to be sent in the actual cross-origin request.
The following information is about the response headers that Amazon EC2 returns (or does not return) after a preflight request:
**Preflight response header values**
+ `Access-Control-Allow-Origin`: Specifies the domain that can access the resource (in this case, the resource is Amazon EC2). This is always returned with a \$1 value. Therefore, Amazon EC2 allows any cross-domain origin, and never allows browser credentials, such as cookies.
+ `Access-Control-Allow-Credentials`: Indicates whether browser credentials can be used to make the actual request. This is never returned by Amazon EC2. Therefore, the browser should interpret the value as `Access-Control-Allow-Credentials: false`.
+ `Access-Control-Expose-Headers`: Allows headers to be exposed to the browser. This is never returned by Amazon EC2. Therefore, no return headers from Amazon EC2 can be read by the requesting domain.
+ `Access-Control-Max-Age`: Specifies how long preflight request results can be cached. The value is set to 1800 seconds (30 minutes).
+ `Access-Control-Allow-Methods`: Indicates which methods are allowed when making an actual request. The following methods are allowed: `GET`, `POST`, `OPTIONS`, `DELETE`, and `PUT`. This also depends on how you are calling the Amazon EC2 API; for example, by using the Query API, or by using REST.
+ `Access-Control-Allow-Headers`: Indicates which headers can be used in the actual request. Amazon EC2 accepts any headers in preflight requests. If the HTTP headers are not relevant in the actual request, they are ignored.
# VM Import Manifest
The import manifest is an XML file created and consumed by the Amazon EC2 API operations [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) and [ImportVolume](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportVolume.html). Note that these operations are not supported by the AWS CLI.
The manifest allows a virtual machine image to be broken into small parts for transfer and then reassembled at the destination, with support for retrying failed partial transfers. This file is generally created, consumed, and destroyed by the Amazon EC2 tools without user intervention.
In some exceptional situations, developers may wish to construct a manifest manually or programmatically, making it possible to bypass certain API operations while still providing a manifest for other operations that require the file as a parameter value.
This topic documents the structure of the manifest and provides a sample file.
**Note**
Direct manipulation of the manifest departs from the standard workflow of the Amazon EC2 API. We recommend that you follow the procedures in [VM Import/Export processes](https://docs.aws.amazon.com/vm-import/latest/userguide/import-export-processes.html) instead.
## Manifest Schema
The schema below describes the format of the manifest. Documentation for the schema elements is presented inline.
```
Version designator for the manifest file,
File format of volume to be imported, with value RAW,
VHD, or VMDK.
Complex type describing the software that created the
manifest.
Signed URL used to delete the stored manifest file.
Complex type describing the size and chunking of the
volume file.
Name of the software that created the manifest.
Version of the software that created the manifest.
Release number of the software that created the manifest.
Exact size of the file to be imported (bytes on disk).
Rounded size in gigabytes of volume to be imported.
Complex type describing and counting the parts into which the
file is split.
Definition of a particular part. Any number of parts may be
defined.
Total count of the parts.
Complex type defining the starting and ending byte count of a
part.
The S3 object name of the part.
Signed URLs for issuing a HEAD request on the S3 object
containing this part.
Signed URLs for issuing a GET request on the S3 object
containing this part.
Signed URLs for issuing a DELETE request on the S3 object
containing this part.
Index number of this part.
Offset of a part's first byte in the disk image.
Offset of a part's last byte in the disk image.
```
## Examples
This first example of a manifest describes a volume image with two parts. The files containing the parts are on a local system and must be uploaded to Amazon S3.
```
2010-11-15
VMDK
ec2-upload-disk-image
1.0.0
2010-11-15
https://example-disk-part-bucket.s3.amazonaws.com/d6e1ca17-72f6-4ab0-b2c8-d7ba8186cb23/cirros-0.3.2-x86_64-disk.vmdkmanifest.xml?AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&Expires=1416618486&Signature=m%2Bl%2FkuKuvfEeD%2Fya%2B0TrgeiH%2FLM%3D
12595200
1
d6e1ca17-72f6-4ab0-b2c8-d7ba8186cb23/cirros-0.3.2-x86_64-disk.vmdk.part0
https://example-disk-part-bucket.s3.amazonaws.com/d6e1ca17-72f6-4ab0-b2c8-d7ba8186cb23/cirros-0.3.2-x86_64-disk.vmdk.part0?AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&Expires=1416618486&Signature=2yqS2VGYXGmqcbu%2FrQEn8FGIKaI%3D
https://example-disk-part-bucket.s3.amazonaws.com/d6e1ca17-72f6-4ab0-b2c8-d7ba8186cb23/cirros-0.3.2-x86_64-disk.vmdk.part0?AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&Expires=1416618486&Signature=nEvl8VhFoEuIjJFRkAYB2IWKRtY%3D
https://example-disk-part-bucket.s3.amazonaws.com/d6e1ca17-72f6-4ab0-b2c8-d7ba8186cb23/cirros-0.3.2-x86_64-disk.vmdk.part0?AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&Expires=1416618486&Signature=CX19zc4Eys8BN%2FXsoepk%2Bi3i4No%3D
d6e1ca17-72f6-4ab0-b2c8-d7ba8186cb23/cirros-0.3.2-x86_64-disk.vmdk.part1
https://example-disk-part-bucket.s3.amazonaws.com/d6e1ca17-72f6-4ab0-b2c8-d7ba8186cb23/cirros-0.3.2-x86_64-disk.vmdk.part1?AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&Expires=1416618486&Signature=3b%2F8ky92L8g%2BBf15Ou194VnR4Js%3D
https://example-disk-part-bucket.s3.amazonaws.com/d6e1ca17-72f6-4ab0-b2c8-d7ba8186cb23/cirros-0.3.2-x86_64-disk.vmdk.part1?AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&Expires=1416618486&Signature=W%2FxagI5ChmfqqgY8WwyDJ3Rgviw%3D
https://example-disk-part-bucket.s3.amazonaws.com/d6e1ca17-72f6-4ab0-b2c8-d7ba8186cb23/cirros-0.3.2-x86_64-disk.vmdk.part1?AWSAccessKeyId=AKIAIOSFODNN7EXAMPLE&Expires=1416618486&Signature=08FH3QPwkIcNURnNpT9DIvvhQ0I%3D
```
The second example describes a volume image with a single part that has already been uploaded to Amazon S3.
```
2010-11-15
VMDK
Linux_RHEL_59_64.vmdk
1.0.0
2010-11-15
https://example-disk-part-bucket.s3.ap-northeast-2.amazonaws.com/Linux_RHEL_59_64.vmdk?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJ26ZRPZDGYJT4KAQFEXAMPLE%2Fap-northeast-2%2Fs3%2Faws4_request&X-Amz-Date=20151119T234529Z&X-Amz-Expires=604800&X-Amz-Signature=4dbf803f2e52fb6a876d3b63778033af42ec11155b37366ab4fca56691672807&X-Amz-SignedHeaders=Host
994433536
1
Linux_RHEL_59_64.vmdk
https://example-disk-part-bucket.s3.ap-northeast-2.amazonaws.com/Linux_RHEL_59_64.vmdk?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJ26ZRPZDGYJT4KAQFEXAMPLE%2Fap-northeast-2%2Fs3%2Faws4_request&X-Amz-Date=20151119T234529Z&X-Amz-Expires=604800&X-Amz-Signature=4c3a7bdf3ef8fa53a5585fc67747c81ea1f65bf09f3768998a575dabf5dfda2e&X-Amz-SignedHeaders=Host
https://example-disk-part-bucket.s3.ap-northeast-2.amazonaws.com/Linux_RHEL_59_64.vmdk?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJ26ZRPZDGYJT4KAQFEXAMPLE%2Fap-northeast-2%2Fs3%2Faws4_request&X-Amz-Date=20151119T234529Z&X-Amz-Expires=604800&X-Amz-Signature=329d6abb673e4ce11c0aa602f34f62fb8ced703e8ae6c04f24c16e79d7699e52&X-Amz-SignedHeaders=Host
https://example-disk-part-bucket.s3.ap-northeast-2.amazonaws.com/Linux_RHEL_59_64.vmdk?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAJ26ZRPZDGYJT4KAQFEXAMPLE%2Fap-northeast-2%2Fs3%2Faws4_request&X-Amz-Date=20151119T234529Z&X-Amz-Expires=604800&X-Amz-Signature=4dbf803f2e52fb6a876d3b63778033af42ec11155b37366ab4fca56691672807&X-Amz-SignedHeaders=Host
```