Package @pulumi/aws

new Provider(name: string, args?: ProviderArgs, opts?: pulumi.ResourceOptions)

Create a Provider resource with the given unique name, arguments, and options.

• name The unique name of the resource.
• args The arguments to use to populate this resource's properties.
• opts A bag of options that control this resource's behavior.

getProvider(moduleMember: string): ProviderResource | undefined

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of Provider. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

executableUsers?: string[];

Limit search to users with explicit launch permission on the image. Valid items are the numeric account ID or self.

filters?: {
    name: string;
    values: string[];
}[];

One or more name/value pairs to filter off of. There are several valid keys, for a full reference, check out [describe-images in the AWS CLI reference][1].

mostRecent?: undefined | false | true;

If more than one result is returned, use the most recent AMI.

nameRegex?: undefined | string;

A regex string to apply to the AMI list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. It is recommended to combine this with other options to narrow down the list AWS returns.

owners: string[];

List of AMI owners to limit search. At least 1 value must be specified. Valid values: an AWS account ID, self (the current account), or an AWS owner alias (e.g. amazon, aws-marketplace, microsoft).

tags?: undefined | {[key: string]: any};

executableUsers?: string[];

Limit search to users with explicit launch permission on the image. Valid items are the numeric account ID or self.

filters?: {
    name: string;
    values: string[];
}[];

One or more name/value pairs to filter off of. There are several valid keys, for a full reference, check out [describe-images in the AWS CLI reference][1].

nameRegex?: undefined | string;

A regex string to apply to the AMI list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. It is recommended to combine this with other options to narrow down the list AWS returns.

owners: string[];

List of AMI owners to limit search. At least 1 value must be specified. Valid values: an AWS account ID, self (the current account), or an AWS owner alias (e.g. amazon, aws-marketplace, microsoft).

sortAscending?: undefined | false | true;

Used to sort AMIs by creation time.

executableUsers?: string[];

filters?: {
    name: string;
    values: string[];
}[];

id: string;

id is the provider-assigned unique ID for this managed resource.

ids: string[];

nameRegex?: undefined | string;

owners: string[];

sortAscending?: undefined | false | true;

architecture: string;

The OS architecture of the AMI (ie: i386 or x8664).

blockDeviceMappings: {
    deviceName: string;
    ebs: {[key: string]: any};
    noDevice: string;
    virtualName: string;
}[];

The block device mappings of the AMI. * block_device_mappings.#.device_name - The physical name of the device. * block_device_mappings.#.ebs.delete_on_termination - true if the EBS volume will be deleted on termination. * block_device_mappings.#.ebs.encrypted - true if the EBS volume is encrypted. * block_device_mappings.#.ebs.iops - 0 if the EBS volume is not a provisioned IOPS image, otherwise the supported IOPS count. * block_device_mappings.#.ebs.snapshot_id - The ID of the snapshot. * block_device_mappings.#.ebs.volume_size - The size of the volume, in GiB. * block_device_mappings.#.ebs.volume_type - The volume type. * block_device_mappings.#.no_device - Suppresses the specified device included in the block device mapping of the AMI. * block_device_mappings.#.virtual_name - The virtual device name (for instance stores).

creationDate: string;

The date and time the image was created.

description: string;

The description of the AMI that was provided during image creation.

executableUsers?: string[];

filters?: {
    name: string;
    values: string[];
}[];

hypervisor: string;

The hypervisor type of the image.

id: string;

id is the provider-assigned unique ID for this managed resource.

imageId: string;

The ID of the AMI. Should be the same as the resource id.

imageLocation: string;

The location of the AMI.

imageOwnerAlias: string;

The AWS account alias (for example, amazon, self) or the AWS account ID of the AMI owner.

imageType: string;

The type of image.

kernelId: string;

The kernel associated with the image, if any. Only applicable for machine images.

mostRecent?: undefined | false | true;

name: string;

The name of the AMI that was provided during image creation.

nameRegex?: undefined | string;

ownerId: string;

The AWS account ID of the image owner.

owners: string[];

platform: string;

The value is Windows for Windows AMIs; otherwise blank.

productCodes: {
    productCodeId: string;
    productCodeType: string;
}[];

Any product codes associated with the AMI. * product_codes.#.product_code_id - The product code. * product_codes.#.product_code_type - The type of product code.

public: boolean;

true if the image has public launch permissions.

ramdiskId: string;

The RAM disk associated with the image, if any. Only applicable for machine images.

rootDeviceName: string;

The device name of the root device.

rootDeviceType: string;

The type of root device (ie: ebs or instance-store).

rootSnapshotId: string;

The snapshot id associated with the root device, if any (only applies to ebs root devices).

sriovNetSupport: string;

Specifies whether enhanced networking is enabled.

state: string;

The current state of the AMI. If the state is available, the image is successfully registered and can be used to launch an instance.

stateReason: {[key: string]: any};

Describes a state change. Fields are UNSET if not available. * state_reason.code - The reason code for the state change. * state_reason.message - The message for the state change.

tags: {[key: string]: any};

Any tags assigned to the image. * tags.#.key - The key name of the tag. * tags.#.value - The value of the tag.

virtualizationType: string;

The type of virtualization of the AMI (ie: hvm or paravirtual).

arn: string;

The ARN to parse.

account: string;

The ID of the AWS account that owns the resource, without the hyphens.

arn: string;

id: string;

id is the provider-assigned unique ID for this managed resource.

partition: string;

The partition that the resource is in.

region: string;

The region the resource resides in. Note that the ARNs for some resources do not require a region, so this component might be omitted.

resource: string;

The content of this part of the ARN varies by service. It often includes an indicator of the type of resource—for example, an IAM user or Amazon RDS database —followed by a slash (/) or a colon (:), followed by the resource name itself.

service: string;

The service namespace that identifies the AWS product.

filters?: {
    name: string;
    values: string[];
}[];

A filter used to scope the list e.g. by tags. See related docs.

arns: string[];

A list of the Autoscaling Groups Arns in the current region.

filters?: {
    name: string;
    values: string[];
}[];

id: string;

id is the provider-assigned unique ID for this managed resource.

names: string[];

A list of the Autoscaling Groups in the current region.

name?: undefined | string;

The full name of the availability zone to select.

state?: undefined | string;

A specific availability zone state to require. May be any of "available", "information" or "impaired".

zoneId?: undefined | string;

The zone ID of the availability zone to select.

id: string;

id is the provider-assigned unique ID for this managed resource.

name: string;

The name of the selected availability zone.

nameSuffix: string;

The part of the AZ name that appears after the region name, uniquely identifying the AZ within its region.

region: string;

The region where the selected availability zone resides. This is always the region selected on the provider, since this data source searches only within that region.

state: string;

The current state of the AZ.

zoneId: string;

(Optional) The zone ID of the selected availability zone.

blacklistedNames?: string[];

List of blacklisted Availability Zone names.

blacklistedZoneIds?: string[];

List of blacklisted Availability Zone IDs.

state?: undefined | string;

Allows to filter list of Availability Zones based on their current state. Can be either "available", "information", "impaired" or "unavailable". By default the list includes a complete set of Availability Zones to which the underlying AWS account has access, regardless of their state.

blacklistedNames?: string[];

blacklistedZoneIds?: string[];

id: string;

id is the provider-assigned unique ID for this managed resource.

names: string[];

A list of the Availability Zone names available to the account.

state?: undefined | string;

zoneIds: string[];

A list of the Availability Zone IDs available to the account.

arn: string;

The ARN of the AWS billing service account.

id: string;

id is the provider-assigned unique ID for this managed resource.

accountId: string;

The AWS Account ID number of the account that owns or contains the calling entity.

arn: string;

The AWS ARN associated with the calling entity.

id: string;

id is the provider-assigned unique ID for this managed resource.

userId: string;

The unique identifier of the calling entity.

displayName: string;

The human-friendly name linked to the canonical user ID. The bucket owner’s display name. NOTE: This value is only included in the response in the US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Ireland), and South America (São Paulo) regions.

id: string;

id is the provider-assigned unique ID for this managed resource.

filters?: {
    name: string;
    values: string[];
}[];

One or more name/value pairs to use as filters. There are several valid keys, for a full reference, check out the EC2 API Reference.

id?: undefined | string;

The allocation id of the specific VPC EIP to retrieve. If a classic EIP is required, do NOT set id, only set publicIp

publicIp?: undefined | string;

The public IP of the specific EIP to retrieve.

tags?: undefined | {[key: string]: any};

A mapping of tags, each pair of which must exactly match a pair on the desired Elastic IP

associationId: string;

The ID representing the association of the address with an instance in a VPC.

domain: string;

Indicates whether the address is for use in EC2-Classic (standard) or in a VPC (vpc).

filters?: {
    name: string;
    values: string[];
}[];

id: string;

If VPC Elastic IP, the allocation identifier. If EC2-Classic Elastic IP, the public IP address.

instanceId: string;

The ID of the instance that the address is associated with (if any).

networkInterfaceId: string;

The ID of the network interface.

networkInterfaceOwnerId: string;

The ID of the AWS account that owns the network interface.

privateDns: string;

The Private DNS associated with the Elastic IP address.

privateIp: string;

The private IP address associated with the Elastic IP address.

publicDns: string;

Public DNS associated with the Elastic IP address.

publicIp: string;

Public IP address of Elastic IP.

publicIpv4Pool: string;

The ID of an address pool.

tags: {[key: string]: any};

Key-value map of tags associated with Elastic IP.

regions?: string[];

Filter IP ranges by regions (or include all regions, if omitted). Valid items are global (for cloudfront) as well as all AWS regions (e.g. eu-central-1)

services: string[];

Filter IP ranges by services. Valid items are amazon (for amazon.com), cloudfront, codebuild, ec2, route53, route53Healthchecks and S3.

url?: undefined | string;

Custom URL for source JSON file. Syntax must match [AWS IP Address Ranges documention][1]. Defaults to https://ip-ranges.amazonaws.com/ip-ranges.json.

cidrBlocks: string[];

The lexically ordered list of CIDR blocks.

createDate: string;

The publication time of the IP ranges (e.g. 2016-08-03-23-46-05).

id: string;

id is the provider-assigned unique ID for this managed resource.

ipv6CidrBlocks: string[];

The lexically ordered list of IPv6 CIDR blocks.

regions?: string[];

services: string[];

syncToken: number;

The publication time of the IP ranges, in Unix epoch time format (e.g. 1470267965).

url?: undefined | string;

dnsSuffix: string;

id: string;

id is the provider-assigned unique ID for this managed resource.

partition: string;

name?: undefined | string;

The name of the prefix list to select.

prefixListId?: undefined | string;

The ID of the prefix list to select.

cidrBlocks: string[];

The list of CIDR blocks for the AWS service associated with the prefix list.

id: string;

id is the provider-assigned unique ID for this managed resource.

name: string;

The name of the selected prefix list.

prefixListId?: undefined | string;

endpoint?: undefined | string;

The EC2 endpoint of the region to select.

name?: undefined | string;

The full name of the region to select.

description: string;

The region’s description in this format: “Location (Region name)”.

endpoint: string;

The EC2 endpoint for the selected region.

id: string;

id is the provider-assigned unique ID for this managed resource.

name: string;

The name of the selected region.

accessKey?: pulumi.Input<string>;

The access key for API operations. You can retrieve this from the ‘Security & Credentials’ section of the AWS console.

allowedAccountIds?: pulumi.Input<pulumi.Input<string>[]>;

assumeRole?: pulumi.Input<{
    externalId: pulumi.Input<string>;
    policy: pulumi.Input<string>;
    roleArn: pulumi.Input<string>;
    sessionName: pulumi.Input<string>;
}>;

endpoints?: pulumi.Input<pulumi.Input<{
    acm: pulumi.Input<string>;
    acmpca: pulumi.Input<string>;
    apigateway: pulumi.Input<string>;
    applicationautoscaling: pulumi.Input<string>;
    applicationinsights: pulumi.Input<string>;
    appmesh: pulumi.Input<string>;
    appsync: pulumi.Input<string>;
    athena: pulumi.Input<string>;
    autoscaling: pulumi.Input<string>;
    autoscalingplans: pulumi.Input<string>;
    backup: pulumi.Input<string>;
    batch: pulumi.Input<string>;
    budgets: pulumi.Input<string>;
    cloud9: pulumi.Input<string>;
    cloudformation: pulumi.Input<string>;
    cloudfront: pulumi.Input<string>;
    cloudhsm: pulumi.Input<string>;
    cloudsearch: pulumi.Input<string>;
    cloudtrail: pulumi.Input<string>;
    cloudwatch: pulumi.Input<string>;
    cloudwatchevents: pulumi.Input<string>;
    cloudwatchlogs: pulumi.Input<string>;
    codebuild: pulumi.Input<string>;
    codecommit: pulumi.Input<string>;
    codedeploy: pulumi.Input<string>;
    codepipeline: pulumi.Input<string>;
    cognitoidentity: pulumi.Input<string>;
    cognitoidp: pulumi.Input<string>;
    configservice: pulumi.Input<string>;
    cur: pulumi.Input<string>;
    datapipeline: pulumi.Input<string>;
    datasync: pulumi.Input<string>;
    dax: pulumi.Input<string>;
    devicefarm: pulumi.Input<string>;
    directconnect: pulumi.Input<string>;
    dlm: pulumi.Input<string>;
    dms: pulumi.Input<string>;
    docdb: pulumi.Input<string>;
    ds: pulumi.Input<string>;
    dynamodb: pulumi.Input<string>;
    ec2: pulumi.Input<string>;
    ecr: pulumi.Input<string>;
    ecs: pulumi.Input<string>;
    efs: pulumi.Input<string>;
    eks: pulumi.Input<string>;
    elasticache: pulumi.Input<string>;
    elasticbeanstalk: pulumi.Input<string>;
    elastictranscoder: pulumi.Input<string>;
    elb: pulumi.Input<string>;
    emr: pulumi.Input<string>;
    es: pulumi.Input<string>;
    firehose: pulumi.Input<string>;
    fms: pulumi.Input<string>;
    fsx: pulumi.Input<string>;
    gamelift: pulumi.Input<string>;
    glacier: pulumi.Input<string>;
    globalaccelerator: pulumi.Input<string>;
    glue: pulumi.Input<string>;
    guardduty: pulumi.Input<string>;
    iam: pulumi.Input<string>;
    inspector: pulumi.Input<string>;
    iot: pulumi.Input<string>;
    kafka: pulumi.Input<string>;
    kinesis: pulumi.Input<string>;
    kinesisAnalytics: pulumi.Input<string>;
    kinesisanalytics: pulumi.Input<string>;
    kinesisvideo: pulumi.Input<string>;
    kms: pulumi.Input<string>;
    lambda: pulumi.Input<string>;
    lexmodels: pulumi.Input<string>;
    licensemanager: pulumi.Input<string>;
    lightsail: pulumi.Input<string>;
    macie: pulumi.Input<string>;
    managedblockchain: pulumi.Input<string>;
    mediaconnect: pulumi.Input<string>;
    mediaconvert: pulumi.Input<string>;
    medialive: pulumi.Input<string>;
    mediapackage: pulumi.Input<string>;
    mediastore: pulumi.Input<string>;
    mediastoredata: pulumi.Input<string>;
    mq: pulumi.Input<string>;
    neptune: pulumi.Input<string>;
    opsworks: pulumi.Input<string>;
    organizations: pulumi.Input<string>;
    pinpoint: pulumi.Input<string>;
    pricing: pulumi.Input<string>;
    quicksight: pulumi.Input<string>;
    r53: pulumi.Input<string>;
    ram: pulumi.Input<string>;
    rds: pulumi.Input<string>;
    redshift: pulumi.Input<string>;
    resourcegroups: pulumi.Input<string>;
    route53: pulumi.Input<string>;
    route53resolver: pulumi.Input<string>;
    s3: pulumi.Input<string>;
    s3control: pulumi.Input<string>;
    sagemaker: pulumi.Input<string>;
    sdb: pulumi.Input<string>;
    secretsmanager: pulumi.Input<string>;
    securityhub: pulumi.Input<string>;
    serverlessrepo: pulumi.Input<string>;
    servicecatalog: pulumi.Input<string>;
    servicediscovery: pulumi.Input<string>;
    servicequotas: pulumi.Input<string>;
    ses: pulumi.Input<string>;
    shield: pulumi.Input<string>;
    sns: pulumi.Input<string>;
    sqs: pulumi.Input<string>;
    ssm: pulumi.Input<string>;
    stepfunctions: pulumi.Input<string>;
    storagegateway: pulumi.Input<string>;
    sts: pulumi.Input<string>;
    swf: pulumi.Input<string>;
    transfer: pulumi.Input<string>;
    waf: pulumi.Input<string>;
    wafregional: pulumi.Input<string>;
    worklink: pulumi.Input<string>;
    workspaces: pulumi.Input<string>;
    xray: pulumi.Input<string>;
}>[]>;

forbiddenAccountIds?: pulumi.Input<pulumi.Input<string>[]>;

insecure?: pulumi.Input<boolean>;

Explicitly allow the provider to perform “insecure” SSL requests. If omitted,default value is false

maxRetries?: pulumi.Input<number>;

The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.

profile?: pulumi.Input<string>;

The profile for API operations. If not set, the default profile created with aws configure will be used.

region?: pulumi.Input<Region>;

The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc.

s3ForcePathStyle?: pulumi.Input<boolean>;

Set this to true to force the request to use path-style addressing, i.e., http://s3.amazonaws.com/BUCKET/KEY. By default, the S3 client will use virtual hosted bucket addressing when possible (http://BUCKET.s3.amazonaws.com/KEY). Specific to the Amazon S3 service.

secretKey?: pulumi.Input<string>;

The secret key for API operations. You can retrieve this from the ‘Security & Credentials’ section of the AWS console.

sharedCredentialsFile?: pulumi.Input<string>;

The path to the shared credentials file. If not set this defaults to ~/.aws/credentials.

skipCredentialsValidation?: pulumi.Input<boolean>;

Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS available/implemented.

skipGetEc2Platforms?: pulumi.Input<boolean>;

Skip getting the supported EC2 platforms. Used by users that don’t have ec2:DescribeAccountAttributes permissions.

skipMetadataApiCheck?: pulumi.Input<boolean>;

skipRegionValidation?: pulumi.Input<boolean>;

Skip static validation of region name. Used by users of alternative AWS-like APIs or users w/ access to regions that are not public (yet).

skipRequestingAccountId?: pulumi.Input<boolean>;

Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.

token?: pulumi.Input<string>;

session token. A session token is only required if you are using temporary security credentials.