Package @pulumi/aws
This page documents the language specification for the aws package. If you're looking for help working with the inputs, outputs, or functions of aws resources in a Pulumi program, please see the resource documentation for examples and API reference.
This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the
pulumi/pulumi-aws
repo; however, if that doesn’t turn up anything, please consult the sourceterraform-providers/terraform-provider-aws
repo.
var aws = require("@pulumi/aws");
import * as aws from "@pulumi/aws";
Modules
- accessanalyzer
- acm
- acmpca
- alb
- apigateway
- apigatewayv2
- appautoscaling
- appmesh
- appsync
- athena
- autoscaling
- autoscalingplans
- backup
- batch
- budgets
- cfg
- cloud9
- cloudformation
- cloudfront
- cloudhsmv2
- cloudtrail
- cloudwatch
- codeartifact
- codebuild
- codecommit
- codedeploy
- codepipeline
- codestarconnections
- codestarnotifications
- cognito
- config
- cur
- datapipeline
- datasync
- dax
- devicefarm
- directconnect
- directoryservice
- dlm
- dms
- docdb
- dynamodb
- ebs
- ec2
- ec2clientvpn
- ec2transitgateway
- ecr
- ecs
- efs
- eks
- elasticache
- elasticbeanstalk
- elasticsearch
- elastictranscoder
- elb
- emr
- fms
- fsx
- gamelift
- glacier
- globalaccelerator
- glue
- guardduty
- iam
- identitystore
- imagebuilder
- inspector
- iot
- kinesis
- kinesisanalyticsv2
- kms
- lakeformation
- lambda
- lb
- lex
- licensemanager
- lightsail
- macie
- mediaconvert
- mediapackage
- mediastore
- mq
- msk
- neptune
- networkfirewall
- opsworks
- organizations
- outposts
- pinpoint
- pricing
- qldb
- quicksight
- ram
- rds
- redshift
- resourcegroups
- route53
- s3
- s3control
- s3outposts
- sagemaker
- secretsmanager
- securityhub
- serverless
- serverlessrepository
- servicecatalog
- servicediscovery
- servicequotas
- ses
- sfn
- shield
- signer
- simpledb
- sns
- sqs
- ssm
- ssoadmin
- storagegateway
- swf
- transfer
- types
- waf
- wafregional
- wafv2
- worklink
- workspaces
- xray
namespace "."
Resources
Functions
- getAmi
- getAmiIds
- getArn
- getAutoscalingGroups
- getAvailabilityZone
- getAvailabilityZones
- getBillingServiceAccount
- getCallerIdentity
- getCanonicalUserId
- getElasticIp
- getIpRanges
- getPartition
- getPrefixList
- getRegion
- getRegions
Others
- AFSouth1Region
- APEast1Region
- APNortheast1Region
- APNortheast2Region
- APSouth1Region
- APSoutheast1Region
- APSouthEast2Region
- ARN
- CACentralRegion
- CNNorth1Region
- CNNorthWest1Region
- EUCentral1Region
- EUNorth1Region
- EUSouth1Region
- EUWest1Region
- EUWest2Region
- EUWest3Region
- GetAmiArgs
- GetAmiIdsArgs
- GetAmiIdsResult
- GetAmiResult
- GetArnArgs
- GetArnResult
- GetAutoscalingGroupsArgs
- GetAutoscalingGroupsResult
- GetAvailabilityZoneArgs
- GetAvailabilityZoneResult
- GetAvailabilityZonesArgs
- GetAvailabilityZonesResult
- GetBillingServiceAccountResult
- GetCallerIdentityResult
- GetCanonicalUserIdResult
- GetElasticIpArgs
- GetElasticIpResult
- getEnv
- getEnvBoolean
- getEnvNumber
- GetIpRangesArgs
- GetIpRangesResult
- GetPartitionResult
- GetPrefixListArgs
- GetPrefixListResult
- GetRegionArgs
- GetRegionResult
- GetRegionsArgs
- GetRegionsResult
- getVersion
- MESouth1Region
- Overwrite
- ProviderArgs
- SAEast1Region
- Tags
- USEast1Region
- USEast2Region
- USGovEast1Region
- USGovWest1Region
- USWest1Region
- USWest2Region
namespace "."
const sdk
const sdk: "/home/runner/work/docs/docs/pulumi-aws/sdk/nodejs/node_modules/aws-sdk/index";
Provides quick access to the “aws-sdk” SDK (https://github.com/aws/aws-sdk-js) within a javascript callback function that is serialized into an AWS Lambda. Inside a Pulumi app a program can be written like so:
import * as aws from "@pulumi/aws";
// ...
// inside the callback function for an AWS Lambda:
const client = new aws.sdk.DynamoDB.DocumentClient(...opt-args...);
Note: this property will give you the aws-sdk module that AWS automatically includes with any javascript Lambda.
Resources
Resource Provider
class Provider extends ProviderResource
The provider type for the aws package. By default, resources use package-wide configuration
settings, however an explicit Provider
instance may be created and passed during resource
construction to achieve fine-grained programmatic control over provider settings. See the
documentation for more information.
constructor
new Provider(name: string, args?: ProviderArgs, opts?: pulumi.ResourceOptions)
Create a Provider resource with the given unique name, arguments, and options.
name
The unique name of the resource.args
The arguments to use to populate this resource's properties.opts
A bag of options that control this resource's behavior.
method getProvider
getProvider(moduleMember: string): ProviderResource | undefined
method isInstance
public static isInstance(obj: any): obj is Provider
Returns true if the given object is an instance of Provider. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.
method register
static register(provider: ProviderResource | undefined): Promise<string | undefined>
property id
id: Output<ID>;
id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.
property urn
urn: Output<URN>;
urn is the stable logical URN used to distinctly address a resource, both before and after deployments.
Functions
Function getAmi
getAmi(args: GetAmiArgs, opts?: pulumi.InvokeOptions): Promise<GetAmiResult>
Use this data source to get the ID of a registered AMI for use in other resources.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = pulumi.output(aws.getAmi({
executableUsers: ["self"],
filters: [
{
name: "name",
values: ["myami-*"],
},
{
name: "root-device-type",
values: ["ebs"],
},
{
name: "virtualization-type",
values: ["hvm"],
},
],
mostRecent: true,
nameRegex: "^myami-\\d{3}",
owners: ["self"],
}, { async: true }));
Function getAmiIds
getAmiIds(args: GetAmiIdsArgs, opts?: pulumi.InvokeOptions): Promise<GetAmiIdsResult>
Use this data source to get a list of AMI IDs matching the specified criteria.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const ubuntu = pulumi.output(aws.getAmiIds({
filters: [{
name: "name",
values: ["ubuntu/images/ubuntu-*-*-amd64-server-*"],
}],
owners: ["099720109477"],
}, { async: true }));
Function getArn
getArn(args: GetArnArgs, opts?: pulumi.InvokeOptions): Promise<GetArnResult>
Parses an Amazon Resource Name (ARN) into its constituent parts.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const dbInstance = pulumi.output(aws.getArn({
arn: "arn:aws:rds:eu-west-1:123456789012:db:mysql-db",
}, { async: true }));
Function getAutoscalingGroups
getAutoscalingGroups(args?: GetAutoscalingGroupsArgs, opts?: pulumi.InvokeOptions): Promise<GetAutoscalingGroupsResult>
The Autoscaling Groups data source allows access to the list of AWS ASGs within a specific region. This will allow you to pass a list of AutoScaling Groups to other resources.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const groups = aws.getAutoscalingGroups({
filters: [
{
name: "key",
values: ["Team"],
},
{
name: "value",
values: ["Pets"],
},
],
});
const slackNotifications = new aws.autoscaling.Notification("slackNotifications", {
groupNames: groups.then(groups => groups.names),
notifications: [
"autoscaling:EC2_INSTANCE_LAUNCH",
"autoscaling:EC2_INSTANCE_TERMINATE",
"autoscaling:EC2_INSTANCE_LAUNCH_ERROR",
"autoscaling:EC2_INSTANCE_TERMINATE_ERROR",
],
topicArn: "TOPIC ARN",
});
Function getAvailabilityZone
getAvailabilityZone(args?: GetAvailabilityZoneArgs, opts?: pulumi.InvokeOptions): Promise<GetAvailabilityZoneResult>
aws.getAvailabilityZone
provides details about a specific availability zone (AZ)
in the current region.
This can be used both to validate an availability zone given in a variable and to split the AZ name into its component parts of an AWS region and an AZ identifier letter. The latter may be useful e.g. for implementing a consistent subnet numbering scheme across several regions by mapping both the region and the subnet letter to network numbers.
This is different from the aws.getAvailabilityZones
(plural) data source,
which provides a list of the available zones.
Function getAvailabilityZones
getAvailabilityZones(args?: GetAvailabilityZonesArgs, opts?: pulumi.InvokeOptions): Promise<GetAvailabilityZonesResult>
The Availability Zones data source allows access to the list of AWS Availability Zones which can be accessed by an AWS account within the region configured in the provider.
This is different from the aws.getAvailabilityZone
(singular) data source,
which provides some details about a specific availability zone.
When Local Zones are enabled in a region, by default the API and this data source include both Local Zones and Availability Zones. To return only Availability Zones, see the example section below.
Example Usage
By State
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const available = aws.getAvailabilityZones({
state: "available",
});
const primary = new aws.ec2.Subnet("primary", {availabilityZone: available.then(available => available.names[0])});
// ...
const secondary = new aws.ec2.Subnet("secondary", {availabilityZone: available.then(available => available.names[1])});
// ...
By Filter
All Local Zones (regardless of opt-in status):
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = pulumi.output(aws.getAvailabilityZones({
allAvailabilityZones: true,
filters: [{
name: "opt-in-status",
values: [
"not-opted-in",
"opted-in",
],
}],
}, { async: true }));
Only Availability Zones (no Local Zones):
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = pulumi.output(aws.getAvailabilityZones({
filters: [{
name: "opt-in-status",
values: ["opt-in-not-required"],
}],
}, { async: true }));
Function getBillingServiceAccount
getBillingServiceAccount(opts?: pulumi.InvokeOptions): Promise<GetBillingServiceAccountResult>
Use this data source to get the Account ID of the AWS Billing and Cost Management Service Account for the purpose of permitting in S3 bucket policy.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const main = pulumi.output(aws.getBillingServiceAccount({ async: true }));
const billingLogs = new aws.s3.Bucket("billing_logs", {
acl: "private",
policy: pulumi.interpolate`{
"Id": "Policy",
"Version": "2012-10-17",
"Statement": [
{
"Action": [
"s3:GetBucketAcl", "s3:GetBucketPolicy"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::my-billing-tf-test-bucket",
"Principal": {
"AWS": [
"${main.arn}"
]
}
},
{
"Action": [
"s3:PutObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::my-billing-tf-test-bucket/*",
"Principal": {
"AWS": [
"${main.arn}"
]
}
}
]
}
`,
});
Function getCallerIdentity
getCallerIdentity(opts?: pulumi.InvokeOptions): Promise<GetCallerIdentityResult>
Use this data source to get the access to the effective Account ID, User ID, and ARN in which this provider is authorized.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const current = aws.getCallerIdentity({});
export const accountId = current.then(current => current.accountId);
export const callerArn = current.then(current => current.arn);
export const callerUser = current.then(current => current.userId);
Function getCanonicalUserId
getCanonicalUserId(opts?: pulumi.InvokeOptions): Promise<GetCanonicalUserIdResult>
The Canonical User ID data source allows access to the canonical user ID for the effective account in which this provider is working.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const current = aws.getCanonicalUserId({});
export const canonicalUserId = current.then(current => current.id);
Function getElasticIp
getElasticIp(args?: GetElasticIpArgs, opts?: pulumi.InvokeOptions): Promise<GetElasticIpResult>
aws.ec2.Eip
provides details about a specific Elastic IP.
Example Usage
Search By Allocation ID (VPC only)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const byAllocationId = pulumi.output(aws.getElasticIp({
id: "eipalloc-12345678",
}, { async: true }));
Search By Filters (EC2-Classic or VPC)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const byFilter = pulumi.output(aws.getElasticIp({
filters: [{
name: "tag:Name",
values: ["exampleNameTagValue"],
}],
}, { async: true }));
Search By Public IP (EC2-Classic or VPC)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const byPublicIp = pulumi.output(aws.getElasticIp({
publicIp: "1.2.3.4",
}, { async: true }));
Search By Tags (EC2-Classic or VPC)
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const byTags = pulumi.output(aws.getElasticIp({
tags: {
Name: "exampleNameTagValue",
},
}, { async: true }));
Function getIpRanges
getIpRanges(args: GetIpRangesArgs, opts?: pulumi.InvokeOptions): Promise<GetIpRangesResult>
Use this data source to get the IP ranges of various AWS products and services. For more information about the contents of this data source and required JSON syntax if referencing a custom URL, see the AWS IP Address Ranges documentation.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const europeanEc2 = aws.getIpRanges({
regions: [
"eu-west-1",
"eu-central-1",
],
services: ["ec2"],
});
const fromEurope = new aws.ec2.SecurityGroup("fromEurope", {
ingress: [{
fromPort: "443",
toPort: "443",
protocol: "tcp",
cidrBlocks: europeanEc2.then(europeanEc2 => europeanEc2.cidrBlocks),
ipv6CidrBlocks: europeanEc2.then(europeanEc2 => europeanEc2.ipv6CidrBlocks),
}],
tags: {
CreateDate: europeanEc2.then(europeanEc2 => europeanEc2.createDate),
SyncToken: europeanEc2.then(europeanEc2 => europeanEc2.syncToken),
},
});
Function getPartition
getPartition(opts?: pulumi.InvokeOptions): Promise<GetPartitionResult>
Use this data source to lookup current AWS partition in which this provider is working
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const current = pulumi.output(aws.getPartition({ async: true }));
const s3Policy = current.apply(current => aws.iam.getPolicyDocument({
statements: [{
actions: ["s3:ListBucket"],
resources: [`arn:${current.partition}:s3:::my-bucket`],
sid: "1",
}],
}, { async: true }));
Function getPrefixList
getPrefixList(args?: GetPrefixListArgs, opts?: pulumi.InvokeOptions): Promise<GetPrefixListResult>
aws.getPrefixList
provides details about a specific prefix list (PL)
in the current region.
This can be used both to validate a prefix list given in a variable and to obtain the CIDR blocks (IP address ranges) for the associated AWS service. The latter may be useful e.g. for adding network ACL rules.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const privateS3VpcEndpoint = new aws.ec2.VpcEndpoint("privateS3VpcEndpoint", {
vpcId: aws_vpc.foo.id,
serviceName: "com.amazonaws.us-west-2.s3",
});
const privateS3PrefixList = privateS3VpcEndpoint.prefixListId.apply(prefixListId => aws.getPrefixList({
prefixListId: prefixListId,
}));
const bar = new aws.ec2.NetworkAcl("bar", {vpcId: aws_vpc.foo.id});
const privateS3NetworkAclRule = new aws.ec2.NetworkAclRule("privateS3NetworkAclRule", {
networkAclId: bar.id,
ruleNumber: 200,
egress: false,
protocol: "tcp",
ruleAction: "allow",
cidrBlock: privateS3PrefixList.cidrBlocks[0],
fromPort: 443,
toPort: 443,
});
Filter
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const test = pulumi.output(aws.getPrefixList({
filters: [{
name: "prefix-list-id",
values: ["pl-68a54001"],
}],
}, { async: true }));
Function getRegion
getRegion(args?: GetRegionArgs, opts?: pulumi.InvokeOptions): Promise<GetRegionResult>
aws.getRegion
provides details about a specific AWS region.
As well as validating a given region name this resource can be used to discover the name of the region configured within the provider. The latter can be useful in a child module which is inheriting an AWS provider configuration from its parent module.
Example Usage
The following example shows how the resource might be used to obtain the name of the AWS region configured on the provider.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const current = pulumi.output(aws.getRegion({ async: true }));
Function getRegions
getRegions(args?: GetRegionsArgs, opts?: pulumi.InvokeOptions): Promise<GetRegionsResult>
Provides information about AWS Regions. Can be used to filter regions i.e. by Opt-In status or only regions enabled for current account. To get details like endpoint and description of each region the data source can be combined with the aws.getRegion
data source.
Example Usage
Enabled AWS Regions:
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const current = pulumi.output(aws.getRegions({ async: true }));
All the regions regardless of the availability
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const current = pulumi.output(aws.getRegions({
allRegions: true,
}, { async: true }));
To see regions that are filtered by "not-opted-in"
, the allRegions
argument needs to be set to true
or no results will be returned.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const current = pulumi.output(aws.getRegions({
allRegions: true,
filters: [{
name: "opt-in-status",
values: ["not-opted-in"],
}],
}, { async: true }));
Others
let AFSouth1Region
let AFSouth1Region: Region = "af-south-1";
The AFSouth1Region constant is deprecated, use Region.AFSouth1 instead.
let APEast1Region
let APEast1Region: Region = "ap-east-1";
The APEast1Region constant is deprecated, use Region.AFEast1 instead.
let APNortheast1Region
let APNortheast1Region: Region = "ap-northeast-1";
The APNortheast1Region constant is deprecated, use Region.AFNortheast1 instead.
let APNortheast2Region
let APNortheast2Region: Region = "ap-northeast-2";
The APNortheast2Region constant is deprecated, use Region.APNortheast2 instead.
let APSouth1Region
let APSouth1Region: Region = "ap-south-1";
The APSouth1Region constant is deprecated, use Region.APSouth1 instead.
let APSoutheast1Region
let APSoutheast1Region: Region = "ap-southeast-1";
The APSoutheast1Region constant is deprecated, use Region.APSoutheast1 instead.
let APSouthEast2Region
let APSouthEast2Region: Region = "ap-southeast-2";
The APSouthEast2Region constant is deprecated, use Region.APSoutheast2 instead.
type ARN
type ARN = string | ManagedPolicy;
An ARN is an Amazon Resource Name, and uniquely identifies a region globally across all accounts and regions.
let CACentralRegion
let CACentralRegion: Region = "ca-central-1";
The CACentralRegion constant is deprecated, use Region.CACentral1 instead.
let CNNorth1Region
let CNNorth1Region: Region = "cn-north-1";
The CNNorth1Region constant is deprecated, use Region.CNNorth1 instead.
let CNNorthWest1Region
let CNNorthWest1Region: Region = "cn-northwest-1";
The CNNorthWest1Region constant is deprecated, use Region.CNNorthwest1 instead.
let EUCentral1Region
let EUCentral1Region: Region = "eu-central-1";
The EUCentral1Region constant is deprecated, use Region.EUCentral1 instead.
let EUNorth1Region
let EUNorth1Region: Region = "eu-north-1";
The EUNorth1Region constant is deprecated, use Region.EUNorth1 instead.
let EUSouth1Region
let EUSouth1Region: Region = "eu-south-1";
The EUSouth1Region constant is deprecated, use Region.EUSouth1 instead.
let EUWest1Region
let EUWest1Region: Region = "eu-west-1";
The EUWest1Region constant is deprecated, use Region.EUWest1 instead.
let EUWest2Region
let EUWest2Region: Region = "eu-west-2";
The EUWest2Region constant is deprecated, use Region.EUWest2 instead.
let EUWest3Region
let EUWest3Region: Region = "eu-west-3";
The EUWest3Region constant is deprecated, use Region.EUWest3 instead.
interface GetAmiArgs
interface GetAmiArgs
A collection of arguments for invoking getAmi.
property executableUsers
executableUsers?: string[];
Limit search to users with explicit launch permission on
the image. Valid items are the numeric account ID or self
.
property filters
filters?: GetAmiFilter[];
One or more name/value pairs to filter off of. There are several valid keys, for a full reference, check out [describe-images in the AWS CLI reference][1].
property mostRecent
mostRecent?: undefined | false | true;
If more than one result is returned, use the most recent AMI.
property nameRegex
nameRegex?: undefined | string;
A regex string to apply to the AMI list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. It is recommended to combine this with other options to narrow down the list AWS returns.
property owners
owners: string[];
List of AMI owners to limit search. At least 1 value must be specified. Valid values: an AWS account ID, self
(the current account), or an AWS owner alias (e.g. amazon
, aws-marketplace
, microsoft
).
property tags
tags?: undefined | {[key: string]: string};
Any tags assigned to the image.
* tags.#.key
- The key name of the tag.
* tags.#.value
- The value of the tag.
interface GetAmiIdsArgs
interface GetAmiIdsArgs
A collection of arguments for invoking getAmiIds.
property executableUsers
executableUsers?: string[];
Limit search to users with explicit launch
permission on the image. Valid items are the numeric account ID or self
.
property filters
filters?: GetAmiIdsFilter[];
One or more name/value pairs to filter off of. There are several valid keys, for a full reference, check out [describe-images in the AWS CLI reference][1].
property nameRegex
nameRegex?: undefined | string;
A regex string to apply to the AMI list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. It is recommended to combine this with other options to narrow down the list AWS returns.
property owners
owners: string[];
List of AMI owners to limit search. At least 1 value must be specified. Valid values: an AWS account ID, self
(the current account), or an AWS owner alias (e.g. amazon
, aws-marketplace
, microsoft
).
property sortAscending
sortAscending?: undefined | false | true;
Used to sort AMIs by creation time.
interface GetAmiIdsResult
interface GetAmiIdsResult
A collection of values returned by getAmiIds.
property executableUsers
executableUsers?: string[];
property filters
filters?: GetAmiIdsFilter[];
property id
id: string;
The provider-assigned unique ID for this managed resource.
property ids
ids: string[];
property nameRegex
nameRegex?: undefined | string;
property owners
owners: string[];
property sortAscending
sortAscending?: undefined | false | true;
interface GetAmiResult
interface GetAmiResult
A collection of values returned by getAmi.
property architecture
architecture: string;
The OS architecture of the AMI (ie: i386
or x8664
).
property arn
arn: string;
The ARN of the AMI.
property blockDeviceMappings
blockDeviceMappings: GetAmiBlockDeviceMapping[];
The block device mappings of the AMI.
* block_device_mappings.#.device_name
- The physical name of the device.
* block_device_mappings.#.ebs.delete_on_termination
- true
if the EBS volume
will be deleted on termination.
* block_device_mappings.#.ebs.encrypted
- true
if the EBS volume
is encrypted.
* block_device_mappings.#.ebs.iops
- 0
if the EBS volume is
not a provisioned IOPS image, otherwise the supported IOPS count.
* block_device_mappings.#.ebs.snapshot_id
- The ID of the snapshot.
* block_device_mappings.#.ebs.volume_size
- The size of the volume, in GiB.
* block_device_mappings.#.ebs.volume_type
- The volume type.
* block_device_mappings.#.no_device
- Suppresses the specified device
included in the block device mapping of the AMI.
* block_device_mappings.#.virtual_name
- The virtual device name (for
instance stores).
property creationDate
creationDate: string;
The date and time the image was created.
property description
description: string;
The description of the AMI that was provided during image creation.
property executableUsers
executableUsers?: string[];
property filters
filters?: GetAmiFilter[];
property hypervisor
hypervisor: string;
The hypervisor type of the image.
property id
id: string;
The provider-assigned unique ID for this managed resource.
property imageId
imageId: string;
The ID of the AMI. Should be the same as the resource id
.
property imageLocation
imageLocation: string;
The location of the AMI.
property imageOwnerAlias
imageOwnerAlias: string;
The AWS account alias (for example, amazon
, self
) or
the AWS account ID of the AMI owner.
property imageType
imageType: string;
The type of image.
property kernelId
kernelId: string;
The kernel associated with the image, if any. Only applicable for machine images.
property mostRecent
mostRecent?: undefined | false | true;
property name
name: string;
The name of the AMI that was provided during image creation.
property nameRegex
nameRegex?: undefined | string;
property ownerId
ownerId: string;
The AWS account ID of the image owner.
property owners
owners: string[];
property platform
platform: string;
The value is Windows for Windows
AMIs; otherwise blank.
property productCodes
productCodes: GetAmiProductCode[];
Any product codes associated with the AMI.
* product_codes.#.product_code_id
- The product code.
* product_codes.#.product_code_type
- The type of product code.
property public
public: boolean;
true
if the image has public launch permissions.
property ramdiskId
ramdiskId: string;
The RAM disk associated with the image, if any. Only applicable for machine images.
property rootDeviceName
rootDeviceName: string;
The device name of the root device.
property rootDeviceType
rootDeviceType: string;
The type of root device (ie: ebs
or instance-store
).
property rootSnapshotId
rootSnapshotId: string;
The snapshot id associated with the root device, if any
(only applies to ebs
root devices).
property sriovNetSupport
sriovNetSupport: string;
Specifies whether enhanced networking is enabled.
property state
state: string;
The current state of the AMI. If the state is available
, the image
is successfully registered and can be used to launch an instance.
property stateReason
stateReason: {[key: string]: string};
Describes a state change. Fields are UNSET
if not available.
* state_reason.code
- The reason code for the state change.
* state_reason.message
- The message for the state change.
property tags
tags: {[key: string]: string};
Any tags assigned to the image.
* tags.#.key
- The key name of the tag.
* tags.#.value
- The value of the tag.
property virtualizationType
virtualizationType: string;
The type of virtualization of the AMI (ie: hvm
or
paravirtual
).
interface GetArnArgs
interface GetArnArgs
A collection of arguments for invoking getArn.
property arn
arn: string;
The ARN to parse.
interface GetArnResult
interface GetArnResult
A collection of values returned by getArn.
property account
account: string;
The ID of the AWS account that owns the resource, without the hyphens.
property arn
arn: string;
property id
id: string;
The provider-assigned unique ID for this managed resource.
property partition
partition: string;
The partition that the resource is in.
property region
region: string;
The region the resource resides in. Note that the ARNs for some resources do not require a region, so this component might be omitted.
property resource
resource: string;
The content of this part of the ARN varies by service. It often includes an indicator of the type of resource—for example, an IAM user or Amazon RDS database —followed by a slash (/) or a colon (:), followed by the resource name itself.
property service
service: string;
The service namespace that identifies the AWS product.
interface GetAutoscalingGroupsArgs
interface GetAutoscalingGroupsArgs
A collection of arguments for invoking getAutoscalingGroups.
property filters
filters?: GetAutoscalingGroupsFilter[];
A filter used to scope the list e.g. by tags. See related docs.
interface GetAutoscalingGroupsResult
interface GetAutoscalingGroupsResult
A collection of values returned by getAutoscalingGroups.
property arns
arns: string[];
A list of the Autoscaling Groups Arns in the current region.
property filters
filters?: GetAutoscalingGroupsFilter[];
property id
id: string;
The provider-assigned unique ID for this managed resource.
property names
names: string[];
A list of the Autoscaling Groups in the current region.
interface GetAvailabilityZoneArgs
interface GetAvailabilityZoneArgs
A collection of arguments for invoking getAvailabilityZone.
property allAvailabilityZones
allAvailabilityZones?: undefined | false | true;
Set to true
to include all Availability Zones and Local Zones regardless of your opt in status.
property filters
filters?: GetAvailabilityZoneFilter[];
Configuration block(s) for filtering. Detailed below.
property name
name?: undefined | string;
The name of the filter field. Valid values can be found in the EC2 DescribeAvailabilityZones API Reference.
property state
state?: undefined | string;
A specific availability zone state to require. May be any of "available"
, "information"
or "impaired"
.
property zoneId
zoneId?: undefined | string;
The zone ID of the availability zone to select.
interface GetAvailabilityZoneResult
interface GetAvailabilityZoneResult
A collection of values returned by getAvailabilityZone.
property allAvailabilityZones
allAvailabilityZones?: undefined | false | true;
property filters
filters?: GetAvailabilityZoneFilter[];
property groupName
groupName: string;
For Availability Zones, this is the same value as the Region name. For Local Zones, the name of the associated group, for example us-west-2-lax-1
.
property id
id: string;
The provider-assigned unique ID for this managed resource.
property name
name: string;
property nameSuffix
nameSuffix: string;
The part of the AZ name that appears after the region name, uniquely identifying the AZ within its region.
For Availability Zones this is usually a single letter, for example a
for the us-west-2a
zone.
For Local and Wavelength Zones this is a longer string, for example wl1-sfo-wlz-1
for the us-west-2-wl1-sfo-wlz-1
zone.
property networkBorderGroup
networkBorderGroup: string;
The name of the location from which the address is advertised.
property optInStatus
optInStatus: string;
For Availability Zones, this always has the value of opt-in-not-required
. For Local Zones, this is the opt in status. The possible values are opted-in
and not-opted-in
.
property parentZoneId
parentZoneId: string;
The ID of the zone that handles some of the Local Zone or Wavelength Zone control plane operations, such as API calls.
property parentZoneName
parentZoneName: string;
The name of the zone that handles some of the Local Zone or Wavelength Zone control plane operations, such as API calls.
property region
region: string;
The region where the selected availability zone resides. This is always the region selected on the provider, since this data source searches only within that region.
property state
state: string;
property zoneId
zoneId: string;
property zoneType
zoneType: string;
The type of zone. Values are availability-zone
, local-zone
, and wavelength-zone
.
interface GetAvailabilityZonesArgs
interface GetAvailabilityZonesArgs
A collection of arguments for invoking getAvailabilityZones.
property allAvailabilityZones
allAvailabilityZones?: undefined | false | true;
Set to true
to include all Availability Zones and Local Zones regardless of your opt in status.
property excludeNames
excludeNames?: string[];
List of Availability Zone names to exclude.
property excludeZoneIds
excludeZoneIds?: string[];
List of Availability Zone IDs to exclude.
property filters
filters?: GetAvailabilityZonesFilter[];
Configuration block(s) for filtering. Detailed below.
property state
state?: undefined | string;
Allows to filter list of Availability Zones based on their
current state. Can be either "available"
, "information"
, "impaired"
or
"unavailable"
. By default the list includes a complete set of Availability Zones
to which the underlying AWS account has access, regardless of their state.
interface GetAvailabilityZonesResult
interface GetAvailabilityZonesResult
A collection of values returned by getAvailabilityZones.
property allAvailabilityZones
allAvailabilityZones?: undefined | false | true;
property excludeNames
excludeNames?: string[];
property excludeZoneIds
excludeZoneIds?: string[];
property filters
filters?: GetAvailabilityZonesFilter[];
property groupNames
groupNames: string[];
property id
id: string;
The provider-assigned unique ID for this managed resource.
property names
names: string[];
A list of the Availability Zone names available to the account.
property state
state?: undefined | string;
property zoneIds
zoneIds: string[];
A list of the Availability Zone IDs available to the account.
interface GetBillingServiceAccountResult
interface GetBillingServiceAccountResult
A collection of values returned by getBillingServiceAccount.
property arn
arn: string;
The ARN of the AWS billing service account.
property id
id: string;
The provider-assigned unique ID for this managed resource.
interface GetCallerIdentityResult
interface GetCallerIdentityResult
A collection of values returned by getCallerIdentity.
property accountId
accountId: string;
The AWS Account ID number of the account that owns or contains the calling entity.
property arn
arn: string;
The AWS ARN associated with the calling entity.
property id
id: string;
The provider-assigned unique ID for this managed resource.
property userId
userId: string;
The unique identifier of the calling entity.
interface GetCanonicalUserIdResult
interface GetCanonicalUserIdResult
A collection of values returned by getCanonicalUserId.
property displayName
displayName: string;
The human-friendly name linked to the canonical user ID. The bucket owner’s display name. NOTE: This value is only included in the response in the US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Ireland), and South America (São Paulo) regions.
property id
id: string;
The provider-assigned unique ID for this managed resource.
interface GetElasticIpArgs
interface GetElasticIpArgs
A collection of arguments for invoking getElasticIp.
property filters
filters?: GetElasticIpFilter[];
One or more name/value pairs to use as filters. There are several valid keys, for a full reference, check out the EC2 API Reference.
property id
id?: undefined | string;
The allocation id of the specific VPC EIP to retrieve. If a classic EIP is required, do NOT set id
, only set publicIp
property publicIp
publicIp?: undefined | string;
The public IP of the specific EIP to retrieve.
property tags
tags?: undefined | {[key: string]: string};
A map of tags, each pair of which must exactly match a pair on the desired Elastic IP
interface GetElasticIpResult
interface GetElasticIpResult
A collection of values returned by getElasticIp.
property associationId
associationId: string;
The ID representing the association of the address with an instance in a VPC.
property carrierIp
carrierIp: string;
The carrier IP address.
property customerOwnedIp
customerOwnedIp: string;
Customer Owned IP.
property customerOwnedIpv4Pool
customerOwnedIpv4Pool: string;
The ID of a Customer Owned IP Pool. For more on customer owned IP addressed check out Customer-owned IP addresses guide
property domain
domain: string;
Indicates whether the address is for use in EC2-Classic (standard) or in a VPC (vpc).
property filters
filters?: GetElasticIpFilter[];
property id
id: string;
If VPC Elastic IP, the allocation identifier. If EC2-Classic Elastic IP, the public IP address.
property instanceId
instanceId: string;
The ID of the instance that the address is associated with (if any).
property networkInterfaceId
networkInterfaceId: string;
The ID of the network interface.
property networkInterfaceOwnerId
networkInterfaceOwnerId: string;
The ID of the AWS account that owns the network interface.
property privateDns
privateDns: string;
The Private DNS associated with the Elastic IP address.
property privateIp
privateIp: string;
The private IP address associated with the Elastic IP address.
property publicDns
publicDns: string;
Public DNS associated with the Elastic IP address.
property publicIp
publicIp: string;
Public IP address of Elastic IP.
property publicIpv4Pool
publicIpv4Pool: string;
The ID of an address pool.
property tags
tags: {[key: string]: string};
Key-value map of tags associated with Elastic IP.
function getEnv
getEnv(vars: string[]): string | undefined
function getEnvBoolean
getEnvBoolean(vars: string[]): boolean | undefined
function getEnvNumber
getEnvNumber(vars: string[]): number | undefined
interface GetIpRangesArgs
interface GetIpRangesArgs
A collection of arguments for invoking getIpRanges.
property regions
regions?: string[];
Filter IP ranges by regions (or include all regions, if
omitted). Valid items are global
(for cloudfront
) as well as all AWS regions
(e.g. eu-central-1
)
property services
services: string[];
Filter IP ranges by services. Valid items are amazon
(for amazon.com), amazonConnect
, apiGateway
, cloud9
, cloudfront
,
codebuild
, dynamodb
, ec2
, ec2InstanceConnect
, globalaccelerator
,
route53
, route53Healthchecks
, s3
and workspacesGateways
. See the
[service
attribute][2] documentation for other possible values.
property url
url?: undefined | string;
Custom URL for source JSON file. Syntax must match AWS IP Address Ranges documentation. Defaults to https://ip-ranges.amazonaws.com/ip-ranges.json
.
interface GetIpRangesResult
interface GetIpRangesResult
A collection of values returned by getIpRanges.
property cidrBlocks
cidrBlocks: string[];
The lexically ordered list of CIDR blocks.
property createDate
createDate: string;
The publication time of the IP ranges (e.g. 2016-08-03-23-46-05
).
property id
id: string;
The provider-assigned unique ID for this managed resource.
property ipv6CidrBlocks
ipv6CidrBlocks: string[];
The lexically ordered list of IPv6 CIDR blocks.
property regions
regions?: string[];
property services
services: string[];
property syncToken
syncToken: number;
The publication time of the IP ranges, in Unix epoch time format
(e.g. 1470267965
).
property url
url?: undefined | string;
interface GetPartitionResult
interface GetPartitionResult
A collection of values returned by getPartition.
property dnsSuffix
dnsSuffix: string;
Base DNS domain name for the current partition (e.g. amazonaws.com
in AWS Commercial, amazonaws.com.cn
in AWS China).
property id
id: string;
The provider-assigned unique ID for this managed resource.
property partition
partition: string;
Identifier of the current partition (e.g. aws
in AWS Commercial, aws-cn
in AWS China).
property reverseDnsPrefix
reverseDnsPrefix: string;
Prefix of service names (e.g. com.amazonaws
in AWS Commercial, cn.com.amazonaws
in AWS China).
interface GetPrefixListArgs
interface GetPrefixListArgs
A collection of arguments for invoking getPrefixList.
property filters
filters?: GetPrefixListFilter[];
Configuration block(s) for filtering. Detailed below.
property name
name?: undefined | string;
The name of the filter field. Valid values can be found in the EC2 DescribePrefixLists API Reference.
property prefixListId
prefixListId?: undefined | string;
The ID of the prefix list to select.
interface GetPrefixListResult
interface GetPrefixListResult
A collection of values returned by getPrefixList.
property cidrBlocks
cidrBlocks: string[];
The list of CIDR blocks for the AWS service associated with the prefix list.
property filters
filters?: GetPrefixListFilter[];
property id
id: string;
The provider-assigned unique ID for this managed resource.
property name
name: string;
The name of the selected prefix list.
property prefixListId
prefixListId?: undefined | string;
interface GetRegionArgs
interface GetRegionArgs
A collection of arguments for invoking getRegion.
property endpoint
endpoint?: undefined | string;
The EC2 endpoint of the region to select.
property name
name?: undefined | string;
The full name of the region to select.
interface GetRegionResult
interface GetRegionResult
A collection of values returned by getRegion.
property description
description: string;
The region’s description in this format: “Location (Region name)”.
property endpoint
endpoint: string;
The EC2 endpoint for the selected region.
property id
id: string;
The provider-assigned unique ID for this managed resource.
property name
name: string;
The name of the selected region.
interface GetRegionsArgs
interface GetRegionsArgs
A collection of arguments for invoking getRegions.
property allRegions
allRegions?: undefined | false | true;
If true the source will query all regions regardless of availability.
property filters
filters?: GetRegionsFilter[];
Configuration block(s) to use as filters. Detailed below.
interface GetRegionsResult
interface GetRegionsResult
A collection of values returned by getRegions.
property allRegions
allRegions?: undefined | false | true;
property filters
filters?: GetRegionsFilter[];
property id
id: string;
The provider-assigned unique ID for this managed resource.
property names
names: string[];
Names of regions that meets the criteria.
function getVersion
getVersion(): string
let MESouth1Region
let MESouth1Region: Region = "me-south-1";
The MESouth1Region constant is deprecated, use Region.MESouth1 instead.
type Overwrite
type Overwrite = Pick<T, Diff<keyof T, keyof U>> & U;
interface ProviderArgs
interface ProviderArgs
The set of arguments for constructing a Provider resource.
property accessKey
accessKey?: pulumi.Input<string>;
The access key for API operations. You can retrieve this from the ‘Security & Credentials’ section of the AWS console.
property allowedAccountIds
allowedAccountIds?: pulumi.Input<pulumi.Input<string>[]>;
property assumeRole
assumeRole?: pulumi.Input<ProviderAssumeRole>;
property endpoints
endpoints?: pulumi.Input<pulumi.Input<ProviderEndpoint>[]>;
property forbiddenAccountIds
forbiddenAccountIds?: pulumi.Input<pulumi.Input<string>[]>;
property ignoreTags
ignoreTags?: pulumi.Input<ProviderIgnoreTags>;
Configuration block with settings to ignore resource tags across all resources.
property insecure
insecure?: pulumi.Input<boolean>;
Explicitly allow the provider to perform “insecure” SSL requests. If omitted,default value is false
property maxRetries
maxRetries?: pulumi.Input<number>;
The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.
property profile
profile?: pulumi.Input<string>;
The profile for API operations. If not set, the default profile created with aws configure
will be used.
property region
region?: pulumi.Input<Region>;
The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc.
property s3ForcePathStyle
s3ForcePathStyle?: pulumi.Input<boolean>;
Set this to true to force the request to use path-style addressing, i.e., http://s3.amazonaws.com/BUCKET/KEY. By default, the S3 client will use virtual hosted bucket addressing when possible (http://BUCKET.s3.amazonaws.com/KEY). Specific to the Amazon S3 service.
property secretKey
secretKey?: pulumi.Input<string>;
The secret key for API operations. You can retrieve this from the ‘Security & Credentials’ section of the AWS console.
property sharedCredentialsFile
sharedCredentialsFile?: pulumi.Input<string>;
The path to the shared credentials file. If not set this defaults to ~/.aws/credentials.
property skipCredentialsValidation
skipCredentialsValidation?: pulumi.Input<boolean>;
Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS available/implemented.
property skipGetEc2Platforms
skipGetEc2Platforms?: pulumi.Input<boolean>;
Skip getting the supported EC2 platforms. Used by users that don’t have ec2:DescribeAccountAttributes permissions.
property skipMetadataApiCheck
skipMetadataApiCheck?: pulumi.Input<boolean>;
property skipRegionValidation
skipRegionValidation?: pulumi.Input<boolean>;
Skip static validation of region name. Used by users of alternative AWS-like APIs or users w/ access to regions that are not public (yet).
property skipRequestingAccountId
skipRequestingAccountId?: pulumi.Input<boolean>;
Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.
property token
token?: pulumi.Input<string>;
session token. A session token is only required if you are using temporary security credentials.
let SAEast1Region
let SAEast1Region: Region = "sa-east-1";
The SAEast1Region constant is deprecated, use Region.SAEast1 instead.
interface Tags
interface Tags
Tags represents a set of key-value string pairs to which can be applied to an AWS resource.
let USEast1Region
let USEast1Region: Region = "us-east-1";
The USEast1Region constant is deprecated, use Region.USEast1 instead.
let USEast2Region
let USEast2Region: Region = "us-east-2";
The USEast2Region constant is deprecated, use Region.USEast2 instead.
let USGovEast1Region
let USGovEast1Region: Region = "us-gov-east-1";
The USGovEast1Region constant is deprecated, use Region.USGovEast1 instead.
let USGovWest1Region
let USGovWest1Region: Region = "us-gov-west-1";
The USGovWest1Region constant is deprecated, use Region.USGovWest1 instead.
let USWest1Region
let USWest1Region: Region = "us-west-1";
The USWest1Region constant is deprecated, use Region.USWest1 instead.
let USWest2Region
let USWest2Region: Region = "us-west-2";
The USWest2Region constant is deprecated, use Region.USWest2 instead.