1. Docs
  2. Reference
  3. API
  4. @pulumi/aws
  5. ec2

Module ec2

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-aws repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-aws repo.

namespace InstancePlatforms

namespace InstanceTypes

namespace Tenancies

Resources

Data Sources

Others

namespace InstancePlatforms

const LinuxUnixPlatform 

const LinuxUnixPlatform: InstancePlatform = "Linux/UNIX";

const RedHatEnterpriseLinuxPlatform 

const RedHatEnterpriseLinuxPlatform: InstancePlatform = "Red Hat Enterprise Linux";

const SuseLinuxPlatform 

const SuseLinuxPlatform: InstancePlatform = "SUSE Linux";

const WindowsPlatform 

const WindowsPlatform: InstancePlatform = "Windows";

const WindowsWithSqlServerEnterprisePlatform 

const WindowsWithSqlServerEnterprisePlatform: InstancePlatform = "Windows with SQL Server Enterprise";

const WindowsWithSqlServerPlatform 

const WindowsWithSqlServerPlatform: InstancePlatform = "Windows with SQL Server";

const WindowsWithSqlServerStandardPlatform 

const WindowsWithSqlServerStandardPlatform: InstancePlatform = "Windows with SQL Server Standard";

const WindowsWithSqlServerWebPlatform 

const WindowsWithSqlServerWebPlatform: InstancePlatform = "Windows with SQL Server Web";

namespace InstanceTypes

const A1_2XLarge 

const A1_2XLarge: InstanceType = "a1.2xlarge";

const A1_4XLarge 

const A1_4XLarge: InstanceType = "a1.4xlarge";

const A1_Large 

const A1_Large: InstanceType = "a1.large";

const A1_Medium 

const A1_Medium: InstanceType = "a1.medium";

const A1_XLarge 

const A1_XLarge: InstanceType = "a1.xlarge";

const C3_2XLarge 

const C3_2XLarge: InstanceType = "c3.2xlarge";

const C3_4XLarge 

const C3_4XLarge: InstanceType = "c3.4xlarge";

const C3_8XLarge 

const C3_8XLarge: InstanceType = "c3.8xlarge";

const C3_Large 

const C3_Large: InstanceType = "c3.large";

const C3_XLarge 

const C3_XLarge: InstanceType = "c3.xlarge";

const C4_2XLarge 

const C4_2XLarge: InstanceType = "c4.2xlarge";

const C4_4XLarge 

const C4_4XLarge: InstanceType = "c4.4xlarge";

const C4_8XLarge 

const C4_8XLarge: InstanceType = "c4.8xlarge";

const C4_Large 

const C4_Large: InstanceType = "c4.large";

const C4_XLarge 

const C4_XLarge: InstanceType = "c4.xlarge";

const C5_18XLarge 

const C5_18XLarge: InstanceType = "c5.18xlarge";

const C5_2XLarge 

const C5_2XLarge: InstanceType = "c5.2xlarge";

const C5_4XLarge 

const C5_4XLarge: InstanceType = "c5.4xlarge";

const C5_9XLarge 

const C5_9XLarge: InstanceType = "c5.9xlarge";

const C5_Large 

const C5_Large: InstanceType = "c5.large";

const C5_XLarge 

const C5_XLarge: InstanceType = "c5.xlarge";

const C5d_18XLarge 

const C5d_18XLarge: InstanceType = "c5d.18xlarge";

const C5d_2XLarge 

const C5d_2XLarge: InstanceType = "c5d.2xlarge";

const C5d_4XLarge 

const C5d_4XLarge: InstanceType = "c5d.4xlarge";

const C5d_9XLarge 

const C5d_9XLarge: InstanceType = "c5d.9xlarge";

const C5d_Large 

const C5d_Large: InstanceType = "c5d.large";

const C5d_XLarge 

const C5d_XLarge: InstanceType = "c5d.xlarge";

const C5n_18XLarge 

const C5n_18XLarge: InstanceType = "c5n.18xlarge";

const C5n_2XLarge 

const C5n_2XLarge: InstanceType = "c5n.2xlarge";

const C5n_4XLarge 

const C5n_4XLarge: InstanceType = "c5n.4xlarge";

const C5n_9XLarge 

const C5n_9XLarge: InstanceType = "c5n.9xlarge";

const C5n_Large 

const C5n_Large: InstanceType = "c5n.large";

const C5n_XLarge 

const C5n_XLarge: InstanceType = "c5n.xlarge";

const D2_2XLarge 

const D2_2XLarge: InstanceType = "d2.2xlarge";

const D2_4XLarge 

const D2_4XLarge: InstanceType = "d2.4xlarge";

const D2_8XLarge 

const D2_8XLarge: InstanceType = "d2.8xlarge";

const D2_XLarge 

const D2_XLarge: InstanceType = "d2.xlarge";

const F1_16XLarge 

const F1_16XLarge: InstanceType = "f1.16xlarge";

const F1_2XLarge 

const F1_2XLarge: InstanceType = "f1.2xlarge";

const G2_2XLarge 

const G2_2XLarge: InstanceType = "g2.2xlarge";

const G2_8XLarge 

const G2_8XLarge: InstanceType = "g2.8xlarge";

const G3_16XLarge 

const G3_16XLarge: InstanceType = "g3.16xlarge";

const G3_4XLarge 

const G3_4XLarge: InstanceType = "g3.4xlarge";

const G3_8XLarge 

const G3_8XLarge: InstanceType = "g3.8xlarge";

const G3s_XLarge 

const G3s_XLarge: InstanceType = "g3s.xlarge";

const H1_16XLarge 

const H1_16XLarge: InstanceType = "h1.16xlarge";

const H1_2XLarge 

const H1_2XLarge: InstanceType = "h1.2xlarge";

const H1_4XLarge 

const H1_4XLarge: InstanceType = "h1.4xlarge";

const H1_8XLarge 

const H1_8XLarge: InstanceType = "h1.8xlarge";

const Hs1_8XLarge 

const Hs1_8XLarge: InstanceType = "hs1.8xlarge";

const I3_16XLarge 

const I3_16XLarge: InstanceType = "i3.16xlarge";

const I3_2XLarge 

const I3_2XLarge: InstanceType = "i3.2xlarge";

const I3_4XLarge 

const I3_4XLarge: InstanceType = "i3.4xlarge";

const I3_8XLarge 

const I3_8XLarge: InstanceType = "i3.8xlarge";

const I3_Large 

const I3_Large: InstanceType = "i3.large";

const I3_Metal 

const I3_Metal: InstanceType = "i3.metal";

const I3_XLarge 

const I3_XLarge: InstanceType = "i3.xlarge";

const M3_2XLarge 

const M3_2XLarge: InstanceType = "m3.2xlarge";

const M3_Large 

const M3_Large: InstanceType = "m3.large";

const M3_Medium 

const M3_Medium: InstanceType = "m3.medium";

const M3_XLarge 

const M3_XLarge: InstanceType = "m3.xlarge";

const M4_10XLarge 

const M4_10XLarge: InstanceType = "m4.10xlarge";

const M4_16XLarge 

const M4_16XLarge: InstanceType = "m4.16xlarge";

const M4_2XLarge 

const M4_2XLarge: InstanceType = "m4.2xlarge";

const M4_4XLarge 

const M4_4XLarge: InstanceType = "m4.4xlarge";

const M4_Large 

const M4_Large: InstanceType = "m4.large";

const M4_XLarge 

const M4_XLarge: InstanceType = "m4.xlarge";

const M5_12XLarge 

const M5_12XLarge: InstanceType = "m5.12xlarge";

const M5_24XLarge 

const M5_24XLarge: InstanceType = "m5.24xlarge";

const M5_2XLarge 

const M5_2XLarge: InstanceType = "m5.2xlarge";

const M5_4XLarge 

const M5_4XLarge: InstanceType = "m5.4xlarge";

const M5_Large 

const M5_Large: InstanceType = "m5.large";

const M5_XLarge 

const M5_XLarge: InstanceType = "m5.xlarge";

const M5a_12XLarge 

const M5a_12XLarge: InstanceType = "m5a.12xlarge";

const M5a_24XLarge 

const M5a_24XLarge: InstanceType = "m5a.24xlarge";

const M5a_2XLarge 

const M5a_2XLarge: InstanceType = "m5a.2xlarge";

const M5a_4XLarge 

const M5a_4XLarge: InstanceType = "m5a.4xlarge";

const M5a_Large 

const M5a_Large: InstanceType = "m5a.large";

const M5a_XLarge 

const M5a_XLarge: InstanceType = "m5a.xlarge";

const M5d_12XLarge 

const M5d_12XLarge: InstanceType = "m5d.12xlarge";

const M5d_24XLarge 

const M5d_24XLarge: InstanceType = "m5d.24xlarge";

const M5d_2XLarge 

const M5d_2XLarge: InstanceType = "m5d.2xlarge";

const M5d_4XLarge 

const M5d_4XLarge: InstanceType = "m5d.4xlarge";

const M5d_Large 

const M5d_Large: InstanceType = "m5d.large";

const M5d_XLarge 

const M5d_XLarge: InstanceType = "m5d.xlarge";

const P2_16XLarge 

const P2_16XLarge: InstanceType = "p2.16xlarge";

const P2_8XLarge 

const P2_8XLarge: InstanceType = "p2.8xlarge";

const P2_XLarge 

const P2_XLarge: InstanceType = "p2.xlarge";

const P3_16XLarge 

const P3_16XLarge: InstanceType = "p3.16xlarge";

const P3_2XLarge 

const P3_2XLarge: InstanceType = "p3.2xlarge";

const P3_8XLarge 

const P3_8XLarge: InstanceType = "p3.8xlarge";

const P3dn_24XLarge 

const P3dn_24XLarge: InstanceType = "p3dn.24xlarge";

const R3_2XLarge 

const R3_2XLarge: InstanceType = "r3.2xlarge";

const R3_4XLarge 

const R3_4XLarge: InstanceType = "r3.4xlarge";

const R3_8XLarge 

const R3_8XLarge: InstanceType = "r3.8xlarge";

const R3_Large 

const R3_Large: InstanceType = "r3.large";

const R3_XLarge 

const R3_XLarge: InstanceType = "r3.xlarge";

const R4_16XLarge 

const R4_16XLarge: InstanceType = "r4.16xlarge";

const R4_2XLarge 

const R4_2XLarge: InstanceType = "r4.2xlarge";

const R4_4XLarge 

const R4_4XLarge: InstanceType = "r4.4xlarge";

const R4_8XLarge 

const R4_8XLarge: InstanceType = "r4.8xlarge";

const R4_Large 

const R4_Large: InstanceType = "r4.large";

const R4_XLarge 

const R4_XLarge: InstanceType = "r4.xlarge";

const R5_12XLarge 

const R5_12XLarge: InstanceType = "r5.12xlarge";

const R5_24XLarge 

const R5_24XLarge: InstanceType = "r5.24xlarge";

const R5_2XLarge 

const R5_2XLarge: InstanceType = "r5.2xlarge";

const R5_4XLarge 

const R5_4XLarge: InstanceType = "r5.4xlarge";

const R5_Large 

const R5_Large: InstanceType = "r5.large";

const R5_XLarge 

const R5_XLarge: InstanceType = "r5.xlarge";

const R5a_12XLarge 

const R5a_12XLarge: InstanceType = "r5a.12xlarge";

const R5a_24XLarge 

const R5a_24XLarge: InstanceType = "r5a.24xlarge";

const R5a_2XLarge 

const R5a_2XLarge: InstanceType = "r5a.2xlarge";

const R5a_4XLarge 

const R5a_4XLarge: InstanceType = "r5a.4xlarge";

const R5a_Large 

const R5a_Large: InstanceType = "r5a.large";

const R5a_XLarge 

const R5a_XLarge: InstanceType = "r5a.xlarge";

const R5d_12XLarge 

const R5d_12XLarge: InstanceType = "r5d.12xlarge";

const R5d_24XLarge 

const R5d_24XLarge: InstanceType = "r5d.24xlarge";

const R5d_2XLarge 

const R5d_2XLarge: InstanceType = "r5d.2xlarge";

const R5d_4XLarge 

const R5d_4XLarge: InstanceType = "r5d.4xlarge";

const R5d_Large 

const R5d_Large: InstanceType = "r5d.large";

const R5d_XLarge 

const R5d_XLarge: InstanceType = "r5d.xlarge";

const T2_2XLarge 

const T2_2XLarge: InstanceType = "t2.2xlarge";

const T2_Large 

const T2_Large: InstanceType = "t2.large";

const T2_Medium 

const T2_Medium: InstanceType = "t2.medium";

const T2_Micro 

const T2_Micro: InstanceType = "t2.micro";

const T2_Nano 

const T2_Nano: InstanceType = "t2.nano";

const T2_Small 

const T2_Small: InstanceType = "t2.small";

const T2_XLarge 

const T2_XLarge: InstanceType = "t2.xlarge";

const T3_2XLarge 

const T3_2XLarge: InstanceType = "t3.2xlarge";

const T3_Large 

const T3_Large: InstanceType = "t3.large";

const T3_Medium 

const T3_Medium: InstanceType = "t3.medium";

const T3_Micro 

const T3_Micro: InstanceType = "t3.micro";

const T3_Nano 

const T3_Nano: InstanceType = "t3.nano";

const T3_Small 

const T3_Small: InstanceType = "t3.small";

const T3_XLarge 

const T3_XLarge: InstanceType = "t3.xlarge";

const T3a_2XLarge 

const T3a_2XLarge: InstanceType = "t3a.2xlarge";

const T3a_Large 

const T3a_Large: InstanceType = "t3a.large";

const T3a_Medium 

const T3a_Medium: InstanceType = "t3a.medium";

const T3a_Micro 

const T3a_Micro: InstanceType = "t3a.micro";

const T3a_Nano 

const T3a_Nano: InstanceType = "t3a.nano";

const T3a_Small 

const T3a_Small: InstanceType = "t3a.small";

const T3a_XLarge 

const T3a_XLarge: InstanceType = "t3a.xlarge";

const U_12tb1Metal 

const U_12tb1Metal: InstanceType = "u-12tb1.metal";

const U_6tb1Metal 

const U_6tb1Metal: InstanceType = "u-6tb1.metal";

const U_9tb1Metal 

const U_9tb1Metal: InstanceType = "u-9tb1.metal";

const X1_16XLarge 

const X1_16XLarge: InstanceType = "x1.16xlarge";

const X1_32XLarge 

const X1_32XLarge: InstanceType = "x1.32xlarge";

const X1e_16XLarge 

const X1e_16XLarge: InstanceType = "x1e.16xlarge";

const X1e_2XLarge 

const X1e_2XLarge: InstanceType = "x1e.2xlarge";

const X1e_32XLarge 

const X1e_32XLarge: InstanceType = "x1e.32xlarge";

const X1e_4XLarge 

const X1e_4XLarge: InstanceType = "x1e.4xlarge";

const X1e_8XLarge 

const X1e_8XLarge: InstanceType = "x1e.8xlarge";

const X1e_XLarge 

const X1e_XLarge: InstanceType = "x1e.xlarge";

const Z1d_12XLarge 

const Z1d_12XLarge: InstanceType = "z1d.12xlarge";

const Z1d_2XLarge 

const Z1d_2XLarge: InstanceType = "z1d.2xlarge";

const Z1d_3XLarge 

const Z1d_3XLarge: InstanceType = "z1d.3xlarge";

const Z1d_6XLarge 

const Z1d_6XLarge: InstanceType = "z1d.6xlarge";

const Z1d_Large 

const Z1d_Large: InstanceType = "z1d.large";

const Z1d_XLarge 

const Z1d_XLarge: InstanceType = "z1d.xlarge";

namespace Tenancies

const DedicatedTenancy 

const DedicatedTenancy: Tenancy = "dedicated";

const DefaultTenancy 

const DefaultTenancy: Tenancy = "default";

Resources

Resource Ami 

class Ami extends CustomResource

The AMI resource allows the creation and management of a completely-custom Amazon Machine Image (AMI).

If you just want to duplicate an existing AMI, possibly copying it to another region, it’s better to use aws.ec2.AmiCopy instead.

If you just want to share an existing AMI with another AWS account, it’s better to use aws.ec2.AmiLaunchPermission instead.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Create an AMI that will start a machine whose root device is backed by
// an EBS volume populated from a snapshot. It is assumed that such a snapshot
// already exists with the id "snap-xxxxxxxx".
const example = new aws.ec2.Ami("example", {
    ebsBlockDevices: [{
        deviceName: "/dev/xvda",
        snapshotId: "snap-xxxxxxxx",
        volumeSize: 8,
    }],
    rootDeviceName: "/dev/xvda",
    virtualizationType: "hvm",
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/ami.html.markdown.

constructor 

new Ami(name: string, args?: AmiArgs, opts?: pulumi.CustomResourceOptions)

Create a Ami resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AmiState, opts?: pulumi.CustomResourceOptions): Ami

Get an existing Ami resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of Ami. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property architecture 

public architecture: pulumi.Output<string | undefined>;

Machine architecture for created instances. Defaults to “x8664”.

property description 

public description: pulumi.Output<string | undefined>;

A longer, human-readable description for the AMI.

property ebsBlockDevices 

public ebsBlockDevices: pulumi.Output<outputs.ec2.AmiEbsBlockDevice[]>;

Nested block describing an EBS block device that should be attached to created instances. The structure of this block is described below.

property enaSupport 

public enaSupport: pulumi.Output<boolean | undefined>;

Specifies whether enhanced networking with ENA is enabled. Defaults to false.

property ephemeralBlockDevices 

public ephemeralBlockDevices: pulumi.Output<outputs.ec2.AmiEphemeralBlockDevice[]>;

Nested block describing an ephemeral block device that should be attached to created instances. The structure of this block is described below.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property imageLocation 

public imageLocation: pulumi.Output<string>;

Path to an S3 object containing an image manifest, e.g. created by the ec2-upload-bundle command in the EC2 command line tools.

property kernelId 

public kernelId: pulumi.Output<string | undefined>;

The id of the kernel image (AKI) that will be used as the paravirtual kernel in created instances.

property manageEbsSnapshots 

public manageEbsSnapshots: pulumi.Output<boolean>;

property name 

public name: pulumi.Output<string>;

A region-unique name for the AMI.

property ramdiskId 

public ramdiskId: pulumi.Output<string | undefined>;

The id of an initrd image (ARI) that will be used when booting the created instances.

property rootDeviceName 

public rootDeviceName: pulumi.Output<string | undefined>;

The name of the root device (for example, /dev/sda1, or /dev/xvda).

property rootSnapshotId 

public rootSnapshotId: pulumi.Output<string>;

The Snapshot ID for the root volume (for EBS-backed AMIs)

property sriovNetSupport 

public sriovNetSupport: pulumi.Output<string | undefined>;

When set to “simple” (the default), enables enhanced networking for created instances. No other value is supported at this time.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property virtualizationType 

public virtualizationType: pulumi.Output<string | undefined>;

Keyword to choose what virtualization mode created instances will use. Can be either “paravirtual” (the default) or “hvm”. The choice of virtualization type changes the set of further arguments that are required, as described below.

Resource AmiCopy 

class AmiCopy extends CustomResource

The “AMI copy” resource allows duplication of an Amazon Machine Image (AMI), including cross-region copies.

If the source AMI has associated EBS snapshots, those will also be duplicated along with the AMI.

This is useful for taking a single AMI provisioned in one region and making it available in another for a multi-region deployment.

Copying an AMI can take several minutes. The creation of this resource will block until the new AMI is available for use on new instances.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ec2.AmiCopy("example", {
    description: "A copy of ami-xxxxxxxx",
    sourceAmiId: "ami-xxxxxxxx",
    sourceAmiRegion: "us-west-1",
    tags: {
        Name: "HelloWorld",
    },
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/ami_copy.html.markdown.

constructor 

new AmiCopy(name: string, args: AmiCopyArgs, opts?: pulumi.CustomResourceOptions)

Create a AmiCopy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AmiCopyState, opts?: pulumi.CustomResourceOptions): AmiCopy

Get an existing AmiCopy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of AmiCopy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property architecture 

public architecture: pulumi.Output<string>;

Machine architecture for created instances. Defaults to “x8664”.

property description 

public description: pulumi.Output<string | undefined>;

A longer, human-readable description for the AMI.

property ebsBlockDevices 

public ebsBlockDevices: pulumi.Output<outputs.ec2.AmiCopyEbsBlockDevice[]>;

Nested block describing an EBS block device that should be attached to created instances. The structure of this block is described below.

property enaSupport 

public enaSupport: pulumi.Output<boolean>;

Specifies whether enhanced networking with ENA is enabled. Defaults to false.

property encrypted 

public encrypted: pulumi.Output<boolean | undefined>;

Specifies whether the destination snapshots of the copied image should be encrypted. Defaults to false

property ephemeralBlockDevices 

public ephemeralBlockDevices: pulumi.Output<outputs.ec2.AmiCopyEphemeralBlockDevice[]>;

Nested block describing an ephemeral block device that should be attached to created instances. The structure of this block is described below.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property imageLocation 

public imageLocation: pulumi.Output<string>;

Path to an S3 object containing an image manifest, e.g. created by the ec2-upload-bundle command in the EC2 command line tools.

property kernelId 

public kernelId: pulumi.Output<string>;

The id of the kernel image (AKI) that will be used as the paravirtual kernel in created instances.

property kmsKeyId 

public kmsKeyId: pulumi.Output<string>;

The full ARN of the KMS Key to use when encrypting the snapshots of an image during a copy operation. If not specified, then the default AWS KMS Key will be used

property manageEbsSnapshots 

public manageEbsSnapshots: pulumi.Output<boolean>;

property name 

public name: pulumi.Output<string>;

A region-unique name for the AMI.

property ramdiskId 

public ramdiskId: pulumi.Output<string>;

The id of an initrd image (ARI) that will be used when booting the created instances.

property rootDeviceName 

public rootDeviceName: pulumi.Output<string>;

The name of the root device (for example, /dev/sda1, or /dev/xvda).

property rootSnapshotId 

public rootSnapshotId: pulumi.Output<string>;

property sourceAmiId 

public sourceAmiId: pulumi.Output<string>;

The id of the AMI to copy. This id must be valid in the region given by sourceAmiRegion.

property sourceAmiRegion 

public sourceAmiRegion: pulumi.Output<string>;

The region from which the AMI will be copied. This may be the same as the AWS provider region in order to create a copy within the same region.

property sriovNetSupport 

public sriovNetSupport: pulumi.Output<string>;

When set to “simple” (the default), enables enhanced networking for created instances. No other value is supported at this time.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property virtualizationType 

public virtualizationType: pulumi.Output<string>;

Keyword to choose what virtualization mode created instances will use. Can be either “paravirtual” (the default) or “hvm”. The choice of virtualization type changes the set of further arguments that are required, as described below.

Resource AmiFromInstance 

class AmiFromInstance extends CustomResource

The “AMI from instance” resource allows the creation of an Amazon Machine Image (AMI) modelled after an existing EBS-backed EC2 instance.

The created AMI will refer to implicitly-created snapshots of the instance’s EBS volumes and mimick its assigned block device configuration at the time the resource is created.

This resource is best applied to an instance that is stopped when this instance is created, so that the contents of the created image are predictable. When applied to an instance that is running, the instance will be stopped before taking the snapshots and then started back up again, resulting in a period of downtime.

Note that the source instance is inspected only at the initial creation of this resource. Ongoing updates to the referenced instance will not be propagated into the generated AMI. Users may taint or otherwise recreate the resource in order to produce a fresh snapshot.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ec2.AmiFromInstance("example", {
    sourceInstanceId: "i-xxxxxxxx",
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/ami_from_instance.html.markdown.

constructor 

new AmiFromInstance(name: string, args: AmiFromInstanceArgs, opts?: pulumi.CustomResourceOptions)

Create a AmiFromInstance resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AmiFromInstanceState, opts?: pulumi.CustomResourceOptions): AmiFromInstance

Get an existing AmiFromInstance resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of AmiFromInstance. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property architecture 

public architecture: pulumi.Output<string>;

Machine architecture for created instances. Defaults to “x8664”.

property description 

public description: pulumi.Output<string | undefined>;

A longer, human-readable description for the AMI.

property ebsBlockDevices 

public ebsBlockDevices: pulumi.Output<outputs.ec2.AmiFromInstanceEbsBlockDevice[]>;

Nested block describing an EBS block device that should be attached to created instances. The structure of this block is described below.

property enaSupport 

public enaSupport: pulumi.Output<boolean>;

Specifies whether enhanced networking with ENA is enabled. Defaults to false.

property ephemeralBlockDevices 

public ephemeralBlockDevices: pulumi.Output<outputs.ec2.AmiFromInstanceEphemeralBlockDevice[]>;

Nested block describing an ephemeral block device that should be attached to created instances. The structure of this block is described below.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property imageLocation 

public imageLocation: pulumi.Output<string>;

Path to an S3 object containing an image manifest, e.g. created by the ec2-upload-bundle command in the EC2 command line tools.

property kernelId 

public kernelId: pulumi.Output<string>;

The id of the kernel image (AKI) that will be used as the paravirtual kernel in created instances.

property manageEbsSnapshots 

public manageEbsSnapshots: pulumi.Output<boolean>;

property name 

public name: pulumi.Output<string>;

A region-unique name for the AMI.

property ramdiskId 

public ramdiskId: pulumi.Output<string>;

The id of an initrd image (ARI) that will be used when booting the created instances.

property rootDeviceName 

public rootDeviceName: pulumi.Output<string>;

The name of the root device (for example, /dev/sda1, or /dev/xvda).

property rootSnapshotId 

public rootSnapshotId: pulumi.Output<string>;

property snapshotWithoutReboot 

public snapshotWithoutReboot: pulumi.Output<boolean | undefined>;

Boolean that overrides the behavior of stopping the instance before snapshotting. This is risky since it may cause a snapshot of an inconsistent filesystem state, but can be used to avoid downtime if the user otherwise guarantees that no filesystem writes will be underway at the time of snapshot.

property sourceInstanceId 

public sourceInstanceId: pulumi.Output<string>;

The id of the instance to use as the basis of the AMI.

property sriovNetSupport 

public sriovNetSupport: pulumi.Output<string>;

When set to “simple” (the default), enables enhanced networking for created instances. No other value is supported at this time.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property virtualizationType 

public virtualizationType: pulumi.Output<string>;

Keyword to choose what virtualization mode created instances will use. Can be either “paravirtual” (the default) or “hvm”. The choice of virtualization type changes the set of further arguments that are required, as described below.

Resource AmiLaunchPermission 

class AmiLaunchPermission extends CustomResource

Adds launch permission to Amazon Machine Image (AMI) from another AWS account.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ec2.AmiLaunchPermission("example", {
    accountId: "123456789012",
    imageId: "ami-12345678",
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/ami_launch_permission.html.markdown.

constructor 

new AmiLaunchPermission(name: string, args: AmiLaunchPermissionArgs, opts?: pulumi.CustomResourceOptions)

Create a AmiLaunchPermission resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: AmiLaunchPermissionState, opts?: pulumi.CustomResourceOptions): AmiLaunchPermission

Get an existing AmiLaunchPermission resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of AmiLaunchPermission. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property accountId 

public accountId: pulumi.Output<string>;

An AWS Account ID to add launch permissions.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property imageId 

public imageId: pulumi.Output<string>;

A region-unique name for the AMI.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource CapacityReservation 

class CapacityReservation extends CustomResource

Provides an EC2 Capacity Reservation. This allows you to reserve capacity for your Amazon EC2 instances in a specific Availability Zone for any duration.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const defaultCapacityReservation = new aws.ec2.CapacityReservation("default", {
    availabilityZone: "eu-west-1a",
    instanceCount: 1,
    instancePlatform: "Linux/UNIX",
    instanceType: "t2.micro",
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/ec2_capacity_reservation.html.markdown.

constructor 

new CapacityReservation(name: string, args: CapacityReservationArgs, opts?: pulumi.CustomResourceOptions)

Create a CapacityReservation resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: CapacityReservationState, opts?: pulumi.CustomResourceOptions): CapacityReservation

Get an existing CapacityReservation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of CapacityReservation. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property availabilityZone 

public availabilityZone: pulumi.Output<string>;

The Availability Zone in which to create the Capacity Reservation.

property ebsOptimized 

public ebsOptimized: pulumi.Output<boolean | undefined>;

Indicates whether the Capacity Reservation supports EBS-optimized instances.

property endDate 

public endDate: pulumi.Output<string | undefined>;

The date and time at which the Capacity Reservation expires. When a Capacity Reservation expires, the reserved capacity is released and you can no longer launch instances into it. Valid values: RFC3339 time string (YYYY-MM-DDTHH:MM:SSZ)

property endDateType 

public endDateType: pulumi.Output<string | undefined>;

Indicates the way in which the Capacity Reservation ends. Specify either unlimited or limited.

property ephemeralStorage 

public ephemeralStorage: pulumi.Output<boolean | undefined>;

Indicates whether the Capacity Reservation supports instances with temporary, block-level storage.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceCount 

public instanceCount: pulumi.Output<number>;

The number of instances for which to reserve capacity.

property instanceMatchCriteria 

public instanceMatchCriteria: pulumi.Output<string | undefined>;

Indicates the type of instance launches that the Capacity Reservation accepts. Specify either open or targeted.

property instancePlatform 

public instancePlatform: pulumi.Output<InstancePlatform>;

The type of operating system for which to reserve capacity. Valid options are Linux/UNIX, Red Hat Enterprise Linux, SUSE Linux, Windows, Windows with SQL Server, Windows with SQL Server Enterprise, Windows with SQL Server Standard or Windows with SQL Server Web.

property instanceType 

public instanceType: pulumi.Output<InstanceType>;

The instance type for which to reserve capacity.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property tenancy 

public tenancy: pulumi.Output<Tenancy | undefined>;

Indicates the tenancy of the Capacity Reservation. Specify either default or dedicated.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource CustomerGateway 

class CustomerGateway extends CustomResource

Provides a customer gateway inside a VPC. These objects can be connected to VPN gateways via VPN connections, and allow you to establish tunnels between your network and the VPC.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const main = new aws.ec2.CustomerGateway("main", {
    bgpAsn: 65000,
    ipAddress: "172.83.124.10",
    tags: {
        Name: "main-customer-gateway",
    },
    type: "ipsec.1",
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/customer_gateway.html.markdown.

constructor 

new CustomerGateway(name: string, args: CustomerGatewayArgs, opts?: pulumi.CustomResourceOptions)

Create a CustomerGateway resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: CustomerGatewayState, opts?: pulumi.CustomResourceOptions): CustomerGateway

Get an existing CustomerGateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomerGateway. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property bgpAsn 

public bgpAsn: pulumi.Output<number>;

The gateway’s Border Gateway Protocol (BGP) Autonomous System Number (ASN).

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipAddress 

public ipAddress: pulumi.Output<string>;

The IP address of the gateway’s Internet-routable external interface.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

Tags to apply to the gateway.

property type 

public type: pulumi.Output<string>;

The type of customer gateway. The only type AWS supports at this time is “ipsec.1”.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource DefaultNetworkAcl 

class DefaultNetworkAcl extends CustomResource

Provides a resource to manage the default AWS Network ACL. VPC Only.

Each VPC created in AWS comes with a Default Network ACL that can be managed, but not destroyed. This is an advanced resource, and has special caveats to be aware of when using it. Please read this document in its entirety before using this resource.

The aws.ec2.DefaultNetworkAcl behaves differently from normal resources, in that this provider does not create this resource, but instead attempts to “adopt” it into management. We can do this because each VPC created has a Default Network ACL that cannot be destroyed, and is created with a known set of default rules.

When this provider first adopts the Default Network ACL, it immediately removes all rules in the ACL. It then proceeds to create any rules specified in the configuration. This step is required so that only the rules specified in the configuration are created.

This resource treats its inline rules as absolute; only the rules defined inline are created, and any additions/removals external to this resource will result in diffs being shown. For these reasons, this resource is incompatible with the aws.ec2.NetworkAclRule resource.

For more information about Network ACLs, see the AWS Documentation on [Network ACLs][aws-network-acls].

Basic Example Usage, with default rules

The following config gives the Default Network ACL the same rules that AWS includes, but pulls the resource under management by this provider. This means that any ACL rules added or changed will be detected as drift.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const mainvpc = new aws.ec2.Vpc("mainvpc", {
    cidrBlock: "10.1.0.0/16",
});
const defaultDefaultNetworkAcl = new aws.ec2.DefaultNetworkAcl("default", {
    defaultNetworkAclId: mainvpc.defaultNetworkAclId,
    egress: [{
        action: "allow",
        cidrBlock: "0.0.0.0/0",
        fromPort: 0,
        protocol: "-1",
        ruleNo: 100,
        toPort: 0,
    }],
    ingress: [{
        action: "allow",
        cidrBlock: "", // set a CIDR block here
        fromPort: 0,
        protocol: "-1",
        ruleNo: 100,
        toPort: 0,
    }],
});

Example config to deny all Egress traffic, allowing Ingress

The following denies all Egress traffic by omitting any egress rules, while including the default ingress rule to allow all traffic.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const mainvpc = new aws.ec2.Vpc("mainvpc", {
    cidrBlock: "10.1.0.0/16",
});
const defaultDefaultNetworkAcl = new aws.ec2.DefaultNetworkAcl("default", {
    defaultNetworkAclId: mainvpc.defaultNetworkAclId,
    ingress: [{
        action: "allow",
        cidrBlock: "", // set a CIDR block here
        fromPort: 0,
        protocol: "-1",
        ruleNo: 100,
        toPort: 0,
    }],
});

Example config to deny all traffic to any Subnet in the Default Network ACL:

This config denies all traffic in the Default ACL. This can be useful if you want a locked down default to force all resources in the VPC to assign a non-default ACL.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const mainvpc = new aws.ec2.Vpc("mainvpc", {
    cidrBlock: "10.1.0.0/16",
});
const defaultDefaultNetworkAcl = new aws.ec2.DefaultNetworkAcl("default", {
    defaultNetworkAclId: mainvpc.defaultNetworkAclId,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/default_network_acl.html.markdown.

constructor 

new DefaultNetworkAcl(name: string, args: DefaultNetworkAclArgs, opts?: pulumi.CustomResourceOptions)

Create a DefaultNetworkAcl resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DefaultNetworkAclState, opts?: pulumi.CustomResourceOptions): DefaultNetworkAcl

Get an existing DefaultNetworkAcl resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of DefaultNetworkAcl. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property defaultNetworkAclId 

public defaultNetworkAclId: pulumi.Output<string>;

The Network ACL ID to manage. This attribute is exported from aws.ec2.Vpc, or manually found via the AWS Console.

property egress 

public egress: pulumi.Output<outputs.ec2.DefaultNetworkAclEgress[] | undefined>;

Specifies an egress rule. Parameters defined below.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ingress 

public ingress: pulumi.Output<outputs.ec2.DefaultNetworkAclIngress[] | undefined>;

Specifies an ingress rule. Parameters defined below.

property ownerId 

public ownerId: pulumi.Output<string>;

The ID of the AWS account that owns the Default Network ACL

property subnetIds 

public subnetIds: pulumi.Output<string[] | undefined>;

A list of Subnet IDs to apply the ACL to. See the notes below on managing Subnets in the Default Network ACL

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId 

public vpcId: pulumi.Output<string>;

The ID of the associated VPC

Resource DefaultRouteTable 

class DefaultRouteTable extends CustomResource

Provides a resource to manage a Default VPC Routing Table.

Each VPC created in AWS comes with a Default Route Table that can be managed, but not destroyed. This is an advanced resource, and has special caveats to be aware of when using it. Please read this document in its entirety before using this resource. It is recommended you do not use both aws.ec2.DefaultRouteTable to manage the default route table and use the aws.ec2.MainRouteTableAssociation, due to possible conflict in routes.

The aws.ec2.DefaultRouteTable behaves differently from normal resources, in that this provider does not create this resource, but instead attempts to “adopt” it into management. We can do this because each VPC created has a Default Route Table that cannot be destroyed, and is created with a single route.

When this provider first adopts the Default Route Table, it immediately removes all defined routes. It then proceeds to create any routes specified in the configuration. This step is required so that only the routes specified in the configuration present in the Default Route Table.

For more information about Route Tables, see the AWS Documentation on [Route Tables][aws-route-tables].

For more information about managing normal Route Tables in this provider, see our documentation on [aws.ec2.RouteTable][tf-route-tables].

NOTE on Route Tables and Routes: This provider currently provides both a standalone Route resource and a Route Table resource with routes defined in-line. At this time you cannot use a Route Table with in-line routes in conjunction with any Route resources. Doing so will cause a conflict of rule settings and will overwrite routes.

Example usage with tags:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const defaultRouteTable = new aws.ec2.DefaultRouteTable("r", {
    defaultRouteTableId: aws_vpc_foo.defaultRouteTableId,
    routes: [{}],
    tags: {
        Name: "default table",
    },
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/default_route_table.html.markdown.

constructor 

new DefaultRouteTable(name: string, args: DefaultRouteTableArgs, opts?: pulumi.CustomResourceOptions)

Create a DefaultRouteTable resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DefaultRouteTableState, opts?: pulumi.CustomResourceOptions): DefaultRouteTable

Get an existing DefaultRouteTable resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of DefaultRouteTable. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property defaultRouteTableId 

public defaultRouteTableId: pulumi.Output<string>;

The ID of the Default Routing Table.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ownerId 

public ownerId: pulumi.Output<string>;

The ID of the AWS account that owns the route table

property propagatingVgws 

public propagatingVgws: pulumi.Output<string[] | undefined>;

A list of virtual gateways for propagation.

property routes 

public routes: pulumi.Output<outputs.ec2.DefaultRouteTableRoute[]>;

A list of route objects. Their keys are documented below. This argument is processed in attribute-as-blocks mode.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId 

public vpcId: pulumi.Output<string>;

Resource DefaultSecurityGroup 

class DefaultSecurityGroup extends CustomResource

Provides a resource to manage the default AWS Security Group.

For EC2 Classic accounts, each region comes with a Default Security Group. Additionally, each VPC created in AWS comes with a Default Security Group that can be managed, but not destroyed. This is an advanced resource, and has special caveats to be aware of when using it. Please read this document in its entirety before using this resource.

The aws.ec2.DefaultSecurityGroup behaves differently from normal resources, in that this provider does not create this resource, but instead “adopts” it into management. We can do this because these default security groups cannot be destroyed, and are created with a known set of default ingress/egress rules.

When this provider first adopts the Default Security Group, it immediately removes all ingress and egress rules in the Security Group. It then proceeds to create any rules specified in the configuration. This step is required so that only the rules specified in the configuration are created.

This resource treats its inline rules as absolute; only the rules defined inline are created, and any additions/removals external to this resource will result in diff shown. For these reasons, this resource is incompatible with the aws.ec2.SecurityGroupRule resource.

For more information about Default Security Groups, see the AWS Documentation on [Default Security Groups][aws-default-security-groups].

Basic Example Usage, with default rules

The following config gives the Default Security Group the same rules that AWS provides by default, but pulls the resource under management by this provider. This means that any ingress or egress rules added or changed will be detected as drift.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const mainvpc = new aws.ec2.Vpc("mainvpc", {
    cidrBlock: "10.1.0.0/16",
});
const defaultDefaultSecurityGroup = new aws.ec2.DefaultSecurityGroup("default", {
    egress: [{
        cidrBlocks: ["0.0.0.0/0"],
        fromPort: 0,
        protocol: "-1",
        toPort: 0,
    }],
    ingress: [{
        fromPort: 0,
        protocol: "-1",
        self: true,
        toPort: 0,
    }],
    vpcId: mainvpc.id,
});

Example config to deny all Egress traffic, allowing Ingress

The following denies all Egress traffic by omitting any egress rules, while including the default ingress rule to allow all traffic.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const mainvpc = new aws.ec2.Vpc("mainvpc", {
    cidrBlock: "10.1.0.0/16",
});
const defaultDefaultSecurityGroup = new aws.ec2.DefaultSecurityGroup("default", {
    ingress: [{
        fromPort: 0,
        protocol: "-1",
        self: true,
        toPort: 0,
    }],
    vpcId: mainvpc.id,
});

Usage

With the exceptions mentioned above, aws.ec2.DefaultSecurityGroup should identical behavior to aws.ec2.SecurityGroup. Please consult AWS_SECURITY_GROUP for further usage documentation.

Removing aws.ec2.DefaultSecurityGroup from your configuration

Each AWS VPC (or region, if using EC2 Classic) comes with a Default Security Group that cannot be deleted. The aws.ec2.DefaultSecurityGroup allows you to manage this Security Group, but this provider cannot destroy it. Removing this resource from your configuration will remove it from your statefile and management, but will not destroy the Security Group. All ingress or egress rules will be left as they are at the time of removal. You can resume managing them via the AWS Console.

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/default_security_group.html.markdown.

constructor 

new DefaultSecurityGroup(name: string, args?: DefaultSecurityGroupArgs, opts?: pulumi.CustomResourceOptions)

Create a DefaultSecurityGroup resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DefaultSecurityGroupState, opts?: pulumi.CustomResourceOptions): DefaultSecurityGroup

Get an existing DefaultSecurityGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of DefaultSecurityGroup. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn 

public arn: pulumi.Output<string>;

property egress 

public egress: pulumi.Output<outputs.ec2.DefaultSecurityGroupEgress[] | undefined>;

Can be specified multiple times for each egress rule. Each egress block supports fields documented below.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ingress 

public ingress: pulumi.Output<outputs.ec2.DefaultSecurityGroupIngress[] | undefined>;

Can be specified multiple times for each ingress rule. Each ingress block supports fields documented below.

property name 

public name: pulumi.Output<string>;

The name of the security group

property ownerId 

public ownerId: pulumi.Output<string>;

The owner ID.

property revokeRulesOnDelete 

public revokeRulesOnDelete: pulumi.Output<boolean | undefined>;

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId 

public vpcId: pulumi.Output<string>;

The VPC ID. Note that changing the vpcId will not restore any default security group rules that were modified, added, or removed. It will be left in its current state

Resource DefaultSubnet 

class DefaultSubnet extends CustomResource

Provides a resource to manage a default AWS VPC subnet in the current region.

The aws.ec2.DefaultSubnet behaves differently from normal resources, in that this provider does not create this resource, but instead “adopts” it into management.

Example Usage

Basic usage with tags:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const defaultAz1 = new aws.ec2.DefaultSubnet("defaultAz1", {
    availabilityZone: "us-west-2a",
    tags: {
        Name: "Default subnet for us-west-2a",
    },
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/default_subnet.html.markdown.

constructor 

new DefaultSubnet(name: string, args: DefaultSubnetArgs, opts?: pulumi.CustomResourceOptions)

Create a DefaultSubnet resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DefaultSubnetState, opts?: pulumi.CustomResourceOptions): DefaultSubnet

Get an existing DefaultSubnet resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of DefaultSubnet. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn 

public arn: pulumi.Output<string>;

property assignIpv6AddressOnCreation 

public assignIpv6AddressOnCreation: pulumi.Output<boolean>;

property availabilityZone 

public availabilityZone: pulumi.Output<string>;

property availabilityZoneId 

public availabilityZoneId: pulumi.Output<string>;

property cidrBlock 

public cidrBlock: pulumi.Output<string>;

The CIDR block for the subnet.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipv6CidrBlock 

public ipv6CidrBlock: pulumi.Output<string>;

The IPv6 CIDR block.

property ipv6CidrBlockAssociationId 

public ipv6CidrBlockAssociationId: pulumi.Output<string>;

property mapPublicIpOnLaunch 

public mapPublicIpOnLaunch: pulumi.Output<boolean>;

Specify true to indicate that instances launched into the subnet should be assigned a public IP address.

property ownerId 

public ownerId: pulumi.Output<string>;

The ID of the AWS account that owns the subnet.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId 

public vpcId: pulumi.Output<string>;

The VPC ID.

Resource DefaultVpc 

class DefaultVpc extends CustomResource

Provides a resource to manage the default AWS VPC in the current region.

For AWS accounts created after 2013-12-04, each region comes with a Default VPC. This is an advanced resource, and has special caveats to be aware of when using it. Please read this document in its entirety before using this resource.

The aws.ec2.DefaultVpc behaves differently from normal resources, in that this provider does not create this resource, but instead “adopts” it into management.

Example Usage

Basic usage with tags:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const defaultDefaultVpc = new aws.ec2.DefaultVpc("default", {
    tags: {
        Name: "Default VPC",
    },
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/default_vpc.html.markdown.

constructor 

new DefaultVpc(name: string, args?: DefaultVpcArgs, opts?: pulumi.CustomResourceOptions)

Create a DefaultVpc resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DefaultVpcState, opts?: pulumi.CustomResourceOptions): DefaultVpc

Get an existing DefaultVpc resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of DefaultVpc. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn 

public arn: pulumi.Output<string>;

Amazon Resource Name (ARN) of VPC

property assignGeneratedIpv6CidrBlock 

public assignGeneratedIpv6CidrBlock: pulumi.Output<boolean>;

Whether or not an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC was assigned

property cidrBlock 

public cidrBlock: pulumi.Output<string>;

The CIDR block of the VPC

property defaultNetworkAclId 

public defaultNetworkAclId: pulumi.Output<string>;

The ID of the network ACL created by default on VPC creation

property defaultRouteTableId 

public defaultRouteTableId: pulumi.Output<string>;

The ID of the route table created by default on VPC creation

property defaultSecurityGroupId 

public defaultSecurityGroupId: pulumi.Output<string>;

The ID of the security group created by default on VPC creation

property dhcpOptionsId 

public dhcpOptionsId: pulumi.Output<string>;
public enableClassiclink: pulumi.Output<boolean>;

A boolean flag to enable/disable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic. See the ClassicLink documentation for more information. Defaults false.

property enableClassiclinkDnsSupport 

public enableClassiclinkDnsSupport: pulumi.Output<boolean>;

property enableDnsHostnames 

public enableDnsHostnames: pulumi.Output<boolean>;

A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.

property enableDnsSupport 

public enableDnsSupport: pulumi.Output<boolean | undefined>;

A boolean flag to enable/disable DNS support in the VPC. Defaults true.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceTenancy 

public instanceTenancy: pulumi.Output<string>;

Tenancy of instances spin up within VPC.

property ipv6AssociationId 

public ipv6AssociationId: pulumi.Output<string>;

The association ID for the IPv6 CIDR block of the VPC

property ipv6CidrBlock 

public ipv6CidrBlock: pulumi.Output<string>;

The IPv6 CIDR block of the VPC

property mainRouteTableId 

public mainRouteTableId: pulumi.Output<string>;

The ID of the main route table associated with this VPC. Note that you can change a VPC’s main route table by using an aws.ec2.MainRouteTableAssociation

property ownerId 

public ownerId: pulumi.Output<string>;

The ID of the AWS account that owns the VPC.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource DefaultVpcDhcpOptions 

class DefaultVpcDhcpOptions extends CustomResource

Provides a resource to manage the default AWS DHCP Options Set in the current region.

Each AWS region comes with a default set of DHCP options. This is an advanced resource, and has special caveats to be aware of when using it. Please read this document in its entirety before using this resource.

The aws.ec2.DefaultVpcDhcpOptions behaves differently from normal resources, in that this provider does not create this resource, but instead “adopts” it into management.

Example Usage

Basic usage with tags:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const defaultDefaultVpcDhcpOptions = new aws.ec2.DefaultVpcDhcpOptions("default", {
    tags: {
        Name: "Default DHCP Option Set",
    },
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/default_vpc_dhcp_options.html.markdown.

constructor 

new DefaultVpcDhcpOptions(name: string, args?: DefaultVpcDhcpOptionsArgs, opts?: pulumi.CustomResourceOptions)

Create a DefaultVpcDhcpOptions resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DefaultVpcDhcpOptionsState, opts?: pulumi.CustomResourceOptions): DefaultVpcDhcpOptions

Get an existing DefaultVpcDhcpOptions resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of DefaultVpcDhcpOptions. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property domainName 

public domainName: pulumi.Output<string>;

property domainNameServers 

public domainNameServers: pulumi.Output<string>;

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property netbiosNameServers 

public netbiosNameServers: pulumi.Output<string[] | undefined>;

List of NETBIOS name servers.

property netbiosNodeType 

public netbiosNodeType: pulumi.Output<string | undefined>;

The NetBIOS node type (1, 2, 4, or 8). AWS recommends to specify 2 since broadcast and multicast are not supported in their network. For more information about these node types, see RFC 2132.

property ntpServers 

public ntpServers: pulumi.Output<string>;

property ownerId 

public ownerId: pulumi.Output<string>;

The ID of the AWS account that owns the DHCP options set.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource EgressOnlyInternetGateway 

class EgressOnlyInternetGateway extends CustomResource

[IPv6 only] Creates an egress-only Internet gateway for your VPC. An egress-only Internet gateway is used to enable outbound communication over IPv6 from instances in your VPC to the Internet, and prevents hosts outside of your VPC from initiating an IPv6 connection with your instance.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const fooVpc = new aws.ec2.Vpc("foo", {
    assignGeneratedIpv6CidrBlock: true,
    cidrBlock: "10.1.0.0/16",
});
const fooEgressOnlyInternetGateway = new aws.ec2.EgressOnlyInternetGateway("foo", {
    vpcId: fooVpc.id,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/egress_only_internet_gateway.html.markdown.

constructor 

new EgressOnlyInternetGateway(name: string, args: EgressOnlyInternetGatewayArgs, opts?: pulumi.CustomResourceOptions)

Create a EgressOnlyInternetGateway resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: EgressOnlyInternetGatewayState, opts?: pulumi.CustomResourceOptions): EgressOnlyInternetGateway

Get an existing EgressOnlyInternetGateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of EgressOnlyInternetGateway. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId 

public vpcId: pulumi.Output<string>;

The VPC ID to create in.

Resource Eip 

class Eip extends CustomResource

Provides an Elastic IP resource.

Note: EIP may require IGW to exist prior to association. Use dependsOn to set an explicit dependency on the IGW.

Note: Do not use networkInterface to associate the EIP to aws.lb.LoadBalancer or aws.ec2.NatGateway resources. Instead use the allocationId available in those resources to allow AWS to manage the association, otherwise you will see AuthFailure errors.

Example Usage

Single EIP associated with an instance:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const lb = new aws.ec2.Eip("lb", {
    instance: aws_instance_web.id,
    vpc: true,
});

Multiple EIPs associated with a single network interface:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const multiIp = new aws.ec2.NetworkInterface("multi-ip", {
    privateIps: [
        "10.0.0.10",
        "10.0.0.11",
    ],
    subnetId: aws_subnet_main.id,
});
const one = new aws.ec2.Eip("one", {
    associateWithPrivateIp: "10.0.0.10",
    networkInterface: multi_ip.id,
    vpc: true,
});
const two = new aws.ec2.Eip("two", {
    associateWithPrivateIp: "10.0.0.11",
    networkInterface: multi_ip.id,
    vpc: true,
});

Attaching an EIP to an Instance with a pre-assigned private ip (VPC Only):

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const defaultVpc = new aws.ec2.Vpc("default", {
    cidrBlock: "10.0.0.0/16",
    enableDnsHostnames: true,
});
const gw = new aws.ec2.InternetGateway("gw", {
    vpcId: defaultVpc.id,
});
const tfTestSubnet = new aws.ec2.Subnet("tfTestSubnet", {
    cidrBlock: "10.0.0.0/24",
    mapPublicIpOnLaunch: true,
    vpcId: defaultVpc.id,
}, {dependsOn: [gw]});
const foo = new aws.ec2.Instance("foo", {
    // us-west-2
    ami: "ami-5189a661",
    instanceType: "t2.micro",
    privateIp: "10.0.0.12",
    subnetId: tfTestSubnet.id,
});
const bar = new aws.ec2.Eip("bar", {
    associateWithPrivateIp: "10.0.0.12",
    instance: foo.id,
    vpc: true,
}, {dependsOn: [gw]});

Allocating EIP from the BYOIP pool:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const byoipIp = new aws.ec2.Eip("byoip-ip", {
    publicIpv4Pool: "ipv4pool-ec2-012345",
    vpc: true,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/eip.html.markdown.

constructor 

new Eip(name: string, args?: EipArgs, opts?: pulumi.CustomResourceOptions)

Create a Eip resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: EipState, opts?: pulumi.CustomResourceOptions): Eip

Get an existing Eip resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of Eip. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allocationId 

public allocationId: pulumi.Output<string>;

property associateWithPrivateIp 

public associateWithPrivateIp: pulumi.Output<string | undefined>;

A user specified primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.

property associationId 

public associationId: pulumi.Output<string>;

property domain 

public domain: pulumi.Output<string>;

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instance 

public instance: pulumi.Output<string>;

EC2 instance ID.

property networkInterface 

public networkInterface: pulumi.Output<string>;

Network interface ID to associate with.

property privateDns 

public privateDns: pulumi.Output<string>;

The Private DNS associated with the Elastic IP address (if in VPC).

property privateIp 

public privateIp: pulumi.Output<string>;

Contains the private IP address (if in VPC).

property publicDns 

public publicDns: pulumi.Output<string>;

Public DNS associated with the Elastic IP address.

property publicIp 

public publicIp: pulumi.Output<string>;

Contains the public IP address.

property publicIpv4Pool 

public publicIpv4Pool: pulumi.Output<string>;

EC2 IPv4 address pool identifier or amazon. This option is only available for VPC EIPs.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpc 

public vpc: pulumi.Output<boolean>;

Boolean if the EIP is in a VPC or not.

Resource EipAssociation 

class EipAssociation extends CustomResource

Provides an AWS EIP Association as a top level resource, to associate and disassociate Elastic IPs from AWS Instances and Network Interfaces.

NOTE: Do not use this resource to associate an EIP to aws.lb.LoadBalancer or aws.ec2.NatGateway resources. Instead use the allocationId available in those resources to allow AWS to manage the association, otherwise you will see AuthFailure errors.

NOTE: aws.ec2.EipAssociation is useful in scenarios where EIPs are either pre-existing or distributed to customers or users and therefore cannot be changed.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const web = new aws.ec2.Instance("web", {
    ami: "ami-21f78e11",
    availabilityZone: "us-west-2a",
    instanceType: "t1.micro",
    tags: {
        Name: "HelloWorld",
    },
});
const example = new aws.ec2.Eip("example", {
    vpc: true,
});
const eipAssoc = new aws.ec2.EipAssociation("eipAssoc", {
    allocationId: example.id,
    instanceId: web.id,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/eip_association.html.markdown.

constructor 

new EipAssociation(name: string, args?: EipAssociationArgs, opts?: pulumi.CustomResourceOptions)

Create a EipAssociation resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: EipAssociationState, opts?: pulumi.CustomResourceOptions): EipAssociation

Get an existing EipAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of EipAssociation. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allocationId 

public allocationId: pulumi.Output<string>;

The allocation ID. This is required for EC2-VPC.

property allowReassociation 

public allowReassociation: pulumi.Output<boolean | undefined>;

Whether to allow an Elastic IP to be re-associated. Defaults to true in VPC.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceId 

public instanceId: pulumi.Output<string>;

The ID of the instance. This is required for EC2-Classic. For EC2-VPC, you can specify either the instance ID or the network interface ID, but not both. The operation fails if you specify an instance ID unless exactly one network interface is attached.

property networkInterfaceId 

public networkInterfaceId: pulumi.Output<string>;

The ID of the network interface. If the instance has more than one network interface, you must specify a network interface ID.

property privateIpAddress 

public privateIpAddress: pulumi.Output<string>;

The primary or secondary private IP address to associate with the Elastic IP address. If no private IP address is specified, the Elastic IP address is associated with the primary private IP address.

property publicIp 

public publicIp: pulumi.Output<string>;

The Elastic IP address. This is required for EC2-Classic.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Fleet 

class Fleet extends CustomResource

Provides a resource to manage EC2 Fleets.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ec2.Fleet("example", {
    launchTemplateConfig: {
        launchTemplateSpecification: {
            launchTemplateId: aws_launch_template_example.id,
            version: aws_launch_template_example.latestVersion,
        },
    },
    targetCapacitySpecification: {
        defaultTargetCapacityType: "spot",
        totalTargetCapacity: 5,
    },
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/ec2_fleet.html.markdown.

constructor 

new Fleet(name: string, args: FleetArgs, opts?: pulumi.CustomResourceOptions)

Create a Fleet resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: FleetState, opts?: pulumi.CustomResourceOptions): Fleet

Get an existing Fleet resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of Fleet. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property excessCapacityTerminationPolicy 

public excessCapacityTerminationPolicy: pulumi.Output<string | undefined>;

Whether running instances should be terminated if the total target capacity of the EC2 Fleet is decreased below the current size of the EC2. Valid values: no-termination, termination. Defaults to termination.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property launchTemplateConfig 

public launchTemplateConfig: pulumi.Output<outputs.ec2.FleetLaunchTemplateConfig>;

Nested argument containing EC2 Launch Template configurations. Defined below.

property onDemandOptions 

public onDemandOptions: pulumi.Output<outputs.ec2.FleetOnDemandOptions | undefined>;

Nested argument containing On-Demand configurations. Defined below.

property replaceUnhealthyInstances 

public replaceUnhealthyInstances: pulumi.Output<boolean | undefined>;

Whether EC2 Fleet should replace unhealthy instances. Defaults to false.

property spotOptions 

public spotOptions: pulumi.Output<outputs.ec2.FleetSpotOptions | undefined>;

Nested argument containing Spot configurations. Defined below.

property tags 

public tags: pulumi.Output<{[key: string]: string} | undefined>;

Map of Fleet tags. To tag instances at launch, specify the tags in the Launch Template.

property targetCapacitySpecification 

public targetCapacitySpecification: pulumi.Output<outputs.ec2.FleetTargetCapacitySpecification>;

Nested argument containing target capacity configurations. Defined below.

property terminateInstances 

public terminateInstances: pulumi.Output<boolean | undefined>;

Whether to terminate instances for an EC2 Fleet if it is deleted successfully. Defaults to false.

property terminateInstancesWithExpiration 

public terminateInstancesWithExpiration: pulumi.Output<boolean | undefined>;

Whether running instances should be terminated when the EC2 Fleet expires. Defaults to false.

property type 

public type: pulumi.Output<string | undefined>;

The type of request. Indicates whether the EC2 Fleet only requests the target capacity, or also attempts to maintain it. Valid values: maintain, request. Defaults to maintain.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource FlowLog 

class FlowLog extends CustomResource

Provides a VPC/Subnet/ENI Flow Log to capture IP traffic for a specific network interface, subnet, or VPC. Logs are sent to a CloudWatch Log Group or a S3 Bucket.

Example Usage

CloudWatch Logging
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const exampleLogGroup = new aws.cloudwatch.LogGroup("example", {});
const exampleRole = new aws.iam.Role("example", {
    assumeRolePolicy: `{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "",
      "Effect": "Allow",
      "Principal": {
        "Service": "vpc-flow-logs.amazonaws.com"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}
`,
});
const exampleFlowLog = new aws.ec2.FlowLog("example", {
    iamRoleArn: exampleRole.arn,
    logDestination: exampleLogGroup.arn,
    trafficType: "ALL",
    vpcId: aws_vpc_example.id,
});
const exampleRolePolicy = new aws.iam.RolePolicy("example", {
    policy: `{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "logs:CreateLogGroup",
        "logs:CreateLogStream",
        "logs:PutLogEvents",
        "logs:DescribeLogGroups",
        "logs:DescribeLogStreams"
      ],
      "Effect": "Allow",
      "Resource": "*"
    }
  ]
}
`,
    role: exampleRole.id,
});
S3 Logging
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const exampleBucket = new aws.s3.Bucket("example", {});
const exampleFlowLog = new aws.ec2.FlowLog("example", {
    logDestination: exampleBucket.arn,
    logDestinationType: "s3",
    trafficType: "ALL",
    vpcId: aws_vpc_example.id,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/flow_log.html.markdown.

constructor 

new FlowLog(name: string, args: FlowLogArgs, opts?: pulumi.CustomResourceOptions)

Create a FlowLog resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: FlowLogState, opts?: pulumi.CustomResourceOptions): FlowLog

Get an existing FlowLog resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of FlowLog. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property eniId 

public eniId: pulumi.Output<string | undefined>;

Elastic Network Interface ID to attach to

property iamRoleArn 

public iamRoleArn: pulumi.Output<string | undefined>;

The ARN for the IAM role that’s used to post flow logs to a CloudWatch Logs log group

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property logDestination 

public logDestination: pulumi.Output<string>;

The ARN of the logging destination.

property logDestinationType 

public logDestinationType: pulumi.Output<string | undefined>;

The type of the logging destination. Valid values: cloud-watch-logs, s3. Default: cloud-watch-logs.

property logGroupName 

public logGroupName: pulumi.Output<string>;

Deprecated: Use logDestination instead. The name of the CloudWatch log group.

property subnetId 

public subnetId: pulumi.Output<string | undefined>;

Subnet ID to attach to

property trafficType 

public trafficType: pulumi.Output<string>;

The type of traffic to capture. Valid values: ACCEPT,REJECT, ALL.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId 

public vpcId: pulumi.Output<string | undefined>;

VPC ID to attach to

Resource Instance 

class Instance extends CustomResource

Provides an EC2 instance resource. This allows instances to be created, updated, and deleted. Instances also support provisioning.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const ubuntu = aws.getAmi({
    filters: [
        {
            name: "name",
            values: ["ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*"],
        },
        {
            name: "virtualization-type",
            values: ["hvm"],
        },
    ],
    mostRecent: true,
    owners: ["099720109477"], // Canonical
});
const web = new aws.ec2.Instance("web", {
    ami: ubuntu.id,
    instanceType: "t2.micro",
    tags: {
        Name: "HelloWorld",
    },
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/instance.html.markdown.

constructor 

new Instance(name: string, args: InstanceArgs, opts?: pulumi.CustomResourceOptions)

Create a Instance resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: InstanceState, opts?: pulumi.CustomResourceOptions): Instance

Get an existing Instance resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of Instance. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property ami 

public ami: pulumi.Output<string>;

The AMI to use for the instance.

property arn 

public arn: pulumi.Output<string>;

The ARN of the instance.

property associatePublicIpAddress 

public associatePublicIpAddress: pulumi.Output<boolean>;

Associate a public ip address with an instance in a VPC. Boolean value.

property availabilityZone 

public availabilityZone: pulumi.Output<string>;

The AZ to start the instance in.

property cpuCoreCount 

public cpuCoreCount: pulumi.Output<number>;

Sets the number of CPU cores for an instance. This option is only supported on creation of instance type that support CPU Options CPU Cores and Threads Per CPU Core Per Instance Type - specifying this option for unsupported instance types will return an error from the EC2 API.

property cpuThreadsPerCore 

public cpuThreadsPerCore: pulumi.Output<number>;

If set to to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See Optimizing CPU Options for more information.

property creditSpecification 

public creditSpecification: pulumi.Output<outputs.ec2.InstanceCreditSpecification | undefined>;

Customize the credit specification of the instance. See Credit Specification below for more details.

property disableApiTermination 

public disableApiTermination: pulumi.Output<boolean | undefined>;

If true, enables EC2 Instance Termination Protection

property ebsBlockDevices 

public ebsBlockDevices: pulumi.Output<outputs.ec2.InstanceEbsBlockDevice[]>;

Additional EBS block devices to attach to the instance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection.

property ebsOptimized 

public ebsOptimized: pulumi.Output<boolean | undefined>;

If true, the launched EC2 instance will be EBS-optimized. Note that if this is not set on an instance type that is optimized by default then this will show as disabled but if the instance type is optimized by default then there is no need to set this and there is no effect to disabling it. See the EBS Optimized section of the AWS User Guide for more information.

property ephemeralBlockDevices 

public ephemeralBlockDevices: pulumi.Output<outputs.ec2.InstanceEphemeralBlockDevice[]>;

Customize Ephemeral (also known as “Instance Store”) volumes on the instance. See Block Devices below for details.

property getPasswordData 

public getPasswordData: pulumi.Output<boolean | undefined>;

If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the passwordData attribute. See GetPasswordData for more information.

property hostId 

public hostId: pulumi.Output<string>;

The Id of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.

property iamInstanceProfile 

public iamInstanceProfile: pulumi.Output<string | undefined>;

The IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the EC2 documentation, notably iam:PassRole. * ipv6AddressCount- (Optional) A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceInitiatedShutdownBehavior 

public instanceInitiatedShutdownBehavior: pulumi.Output<string | undefined>;

Shutdown behavior for the instance. Amazon defaults this to stop for EBS-backed instances and terminate for instance-store instances. Cannot be set on instance-store instances. See Shutdown Behavior for more information.

property instanceState 

public instanceState: pulumi.Output<string>;

The state of the instance. One of: pending, running, shutting-down, terminated, stopping, stopped. See Instance Lifecycle for more information.

property instanceType 

public instanceType: pulumi.Output<InstanceType>;

The type of instance to start. Updates to this field will trigger a stop/start of the EC2 instance.

property ipv6AddressCount 

public ipv6AddressCount: pulumi.Output<number>;

property ipv6Addresses 

public ipv6Addresses: pulumi.Output<string[]>;

Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface

property keyName 

public keyName: pulumi.Output<string>;

The key name of the Key Pair to use for the instance; which can be managed using the aws.ec2.KeyPair resource.

property monitoring 

public monitoring: pulumi.Output<boolean | undefined>;

If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)

property networkInterfaces 

public networkInterfaces: pulumi.Output<outputs.ec2.InstanceNetworkInterface[]>;

Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.

property passwordData 

public passwordData: pulumi.Output<string>;

Base-64 encoded encrypted password data for the instance. Useful for getting the administrator password for instances running Microsoft Windows. This attribute is only exported if getPasswordData is true. Note that this encrypted value will be stored in the state file, as with all exported attributes. See GetPasswordData for more information.

property placementGroup 

public placementGroup: pulumi.Output<string>;

The Placement Group to start the instance in.

property primaryNetworkInterfaceId 

public primaryNetworkInterfaceId: pulumi.Output<string>;

The ID of the instance’s primary network interface.

property privateDns 

public privateDns: pulumi.Output<string>;

The private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you’ve enabled DNS hostnames for your VPC

property privateIp 

public privateIp: pulumi.Output<string>;

Private IP address to associate with the instance in a VPC.

property publicDns 

public publicDns: pulumi.Output<string>;

The public DNS name assigned to the instance. For EC2-VPC, this is only available if you’ve enabled DNS hostnames for your VPC

property publicIp 

public publicIp: pulumi.Output<string>;

The public IP address assigned to the instance, if applicable. NOTE: If you are using an aws.ec2.Eip with your instance, you should refer to the EIP’s address directly and not use publicIp, as this field will change after the EIP is attached.

property rootBlockDevice 

public rootBlockDevice: pulumi.Output<outputs.ec2.InstanceRootBlockDevice>;

Customize details about the root block device of the instance. See Block Devices below for details.

property securityGroups 

public securityGroups: pulumi.Output<string[]>;

A list of security group names (EC2-Classic) or IDs (default VPC) to associate with.

property sourceDestCheck 

public sourceDestCheck: pulumi.Output<boolean | undefined>;

Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. Defaults true.

property subnetId 

public subnetId: pulumi.Output<string>;

The VPC Subnet ID to launch in.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property tenancy 

public tenancy: pulumi.Output<string>;

The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware. The host tenancy is not supported for the import-instance command.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userData 

public userData: pulumi.Output<string | undefined>;

The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see userDataBase64 instead.

property userDataBase64 

public userDataBase64: pulumi.Output<string | undefined>;

Can be used instead of userData to pass base64-encoded binary data directly. Use this instead of userData whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.

property volumeTags 

public volumeTags: pulumi.Output<{[key: string]: any}>;

A mapping of tags to assign to the devices created by the instance at launch time.

property vpcSecurityGroupIds 

public vpcSecurityGroupIds: pulumi.Output<string[]>;

A list of security group IDs to associate with.

Resource InternetGateway 

class InternetGateway extends CustomResource

Provides a resource to create a VPC Internet Gateway.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const gw = new aws.ec2.InternetGateway("gw", {
    tags: {
        Name: "main",
    },
    vpcId: aws_vpc_main.id,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/internet_gateway.html.markdown.

constructor 

new InternetGateway(name: string, args?: InternetGatewayArgs, opts?: pulumi.CustomResourceOptions)

Create a InternetGateway resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: InternetGatewayState, opts?: pulumi.CustomResourceOptions): InternetGateway

Get an existing InternetGateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of InternetGateway. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ownerId 

public ownerId: pulumi.Output<string>;

The ID of the AWS account that owns the internet gateway.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId 

public vpcId: pulumi.Output<string | undefined>;

The VPC ID to create in.

Resource KeyPair 

class KeyPair extends CustomResource

Provides an EC2 key pair resource. A key pair is used to control login access to EC2 instances.

Currently this resource requires an existing user-supplied key pair. This key pair’s public key will be registered with AWS to allow logging-in to EC2 instances.

When importing an existing key pair the public key material may be in any format supported by AWS. Supported formats (per the AWS documentation) are:

  • OpenSSH public key format (the format in ~/.ssh/authorized_keys)
  • Base64 encoded DER format
  • SSH public key file format as specified in RFC4716

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const deployer = new aws.ec2.KeyPair("deployer", {
    publicKey: "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQD3F6tyPEFEzV0LX3X8BsXdMsQz1x2cEikKDEY0aIj41qgxMCP/iteneqXSIFZBp5vizPvaoIR3Um9xK7PGoW8giupGn+EPuxIA4cDM4vzOqOkiMPhz5XK0whEjkVzTo4+S0puvDZuwIsdiW9mxhJc7tgBNL0cYlWSYVkz4G/fslNfRPW5mYAM49f4fhtxPb5ok4Q2Lg9dPKVHO/Bgeu5woMc7RY0p1ej6D4CKFE6lymSDJpW0YHX/wqE9+cfEauh7xZcG0q9t2ta6F6fmX0agvpFyZo8aFbXeUBr7osSCJNgvavWbM/06niWrOvYX2xwWdhXmXSrbX8ZbabVohBK41 email@example.com",
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/key_pair.html.markdown.

constructor 

new KeyPair(name: string, args: KeyPairArgs, opts?: pulumi.CustomResourceOptions)

Create a KeyPair resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: KeyPairState, opts?: pulumi.CustomResourceOptions): KeyPair

Get an existing KeyPair resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of KeyPair. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property fingerprint 

public fingerprint: pulumi.Output<string>;

The MD5 public key fingerprint as specified in section 4 of RFC 4716.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property keyName 

public keyName: pulumi.Output<string>;

The name for the key pair.

property keyNamePrefix 

public keyNamePrefix: pulumi.Output<string | undefined>;

Creates a unique name beginning with the specified prefix. Conflicts with keyName.

property publicKey 

public publicKey: pulumi.Output<string>;

The public key material.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource LaunchConfiguration 

class LaunchConfiguration extends CustomResource

Provides a resource to create a new launch configuration, used for autoscaling groups.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const ubuntu = aws.getAmi({
    filters: [
        {
            name: "name",
            values: ["ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*"],
        },
        {
            name: "virtualization-type",
            values: ["hvm"],
        },
    ],
    mostRecent: true,
    owners: ["099720109477"], // Canonical
});
const asConf = new aws.ec2.LaunchConfiguration("asConf", {
    imageId: ubuntu.id,
    instanceType: "t2.micro",
});

Using with AutoScaling Groups

Launch Configurations cannot be updated after creation with the Amazon Web Service API. In order to update a Launch Configuration, this provider will destroy the existing resource and create a replacement. In order to effectively use a Launch Configuration resource with an AutoScaling Group resource, it’s recommended to specify createBeforeDestroy in a lifecycle block. Either omit the Launch Configuration name attribute, or specify a partial name with namePrefix. Example:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const ubuntu = aws.getAmi({
    filters: [
        {
            name: "name",
            values: ["ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*"],
        },
        {
            name: "virtualization-type",
            values: ["hvm"],
        },
    ],
    mostRecent: true,
    owners: ["099720109477"], // Canonical
});
const asConf = new aws.ec2.LaunchConfiguration("asConf", {
    imageId: ubuntu.id,
    instanceType: "t2.micro",
    namePrefix: "lc-example-",
});
const bar = new aws.autoscaling.Group("bar", {
    launchConfiguration: asConf.name,
    maxSize: 2,
    minSize: 1,
});

With this setup this provider generates a unique name for your Launch Configuration and can then update the AutoScaling Group without conflict before destroying the previous Launch Configuration.

Using with Spot Instances

Launch configurations can set the spot instance pricing to be used for the Auto Scaling Group to reserve instances. Simply specifying the spotPrice parameter will set the price on the Launch Configuration which will attempt to reserve your instances at this price. See the AWS Spot Instance documentation for more information or how to launch [Spot Instances][3] with this provider.

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const ubuntu = aws.getAmi({
    filters: [
        {
            name: "name",
            values: ["ubuntu/images/hvm-ssd/ubuntu-trusty-14.04-amd64-server-*"],
        },
        {
            name: "virtualization-type",
            values: ["hvm"],
        },
    ],
    mostRecent: true,
    owners: ["099720109477"], // Canonical
});
const asConf = new aws.ec2.LaunchConfiguration("asConf", {
    imageId: ubuntu.id,
    instanceType: "m4.large",
    spotPrice: "0.001",
});
const bar = new aws.autoscaling.Group("bar", {
    launchConfiguration: asConf.name,
});

Block devices

Each of the *_block_device attributes controls a portion of the AWS Launch Configuration’s “Block Device Mapping”. It’s a good idea to familiarize yourself with AWS’s Block Device Mapping docs to understand the implications of using these attributes.

The rootBlockDevice mapping supports the following:

  • volumeType - (Optional) The type of volume. Can be "standard", "gp2", or "io1". (Default: "standard").
  • volumeSize - (Optional) The size of the volume in gigabytes.
  • iops - (Optional) The amount of provisioned IOPS. This must be set with a volumeType of "io1".
  • deleteOnTermination - (Optional) Whether the volume should be destroyed on instance termination (Default: true).
  • encrypted - (Optional) Whether the volume should be encrypted or not. (Default: false).

Modifying any of the rootBlockDevice settings requires resource replacement.

Each ebsBlockDevice supports the following:

  • deviceName - (Required) The name of the device to mount.
  • snapshotId - (Optional) The Snapshot ID to mount.
  • volumeType - (Optional) The type of volume. Can be "standard", "gp2", or "io1". (Default: "standard").
  • volumeSize - (Optional) The size of the volume in gigabytes.
  • iops - (Optional) The amount of provisioned IOPS. This must be set with a volumeType of "io1".
  • deleteOnTermination - (Optional) Whether the volume should be destroyed on instance termination (Default: true).
  • encrypted - (Optional) Whether the volume should be encrypted or not. Do not use this option if you are using snapshotId as the encrypted flag will be determined by the snapshot. (Default: false).

Modifying any ebsBlockDevice currently requires resource replacement.

Each ephemeralBlockDevice supports the following:

  • deviceName - The name of the block device to mount on the instance.
  • virtualName - The Instance Store Device Name (e.g. "ephemeral0")

Each AWS Instance type has a different set of Instance Store block devices available for attachment. AWS publishes a list of which ephemeral devices are available on each type. The devices are always identified by the virtualName in the format "ephemeral{0..N}".

NOTE: Changes to *_block_device configuration of existing resources cannot currently be detected by this provider. After updating to block device configuration, resource recreation can be manually triggered by using the taint command.

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/launch_configuration.html.markdown.

constructor 

new LaunchConfiguration(name: string, args: LaunchConfigurationArgs, opts?: pulumi.CustomResourceOptions)

Create a LaunchConfiguration resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: LaunchConfigurationState, opts?: pulumi.CustomResourceOptions): LaunchConfiguration

Get an existing LaunchConfiguration resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of LaunchConfiguration. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property associatePublicIpAddress 

public associatePublicIpAddress: pulumi.Output<boolean | undefined>;

Associate a public ip address with an instance in a VPC.

property ebsBlockDevices 

public ebsBlockDevices: pulumi.Output<outputs.ec2.LaunchConfigurationEbsBlockDevice[]>;

Additional EBS block devices to attach to the instance. See Block Devices below for details.

property ebsOptimized 

public ebsOptimized: pulumi.Output<boolean>;

If true, the launched EC2 instance will be EBS-optimized.

property enableMonitoring 

public enableMonitoring: pulumi.Output<boolean | undefined>;

Enables/disables detailed monitoring. This is enabled by default.

property ephemeralBlockDevices 

public ephemeralBlockDevices: pulumi.Output<outputs.ec2.LaunchConfigurationEphemeralBlockDevice[] | undefined>;

Customize Ephemeral (also known as “Instance Store”) volumes on the instance. See Block Devices below for details.

property iamInstanceProfile 

public iamInstanceProfile: pulumi.Output<string | undefined>;

The name attribute of the IAM instance profile to associate with launched instances.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property imageId 

public imageId: pulumi.Output<string>;

The EC2 image ID to launch.

property instanceType 

public instanceType: pulumi.Output<string>;

The size of instance to launch.

property keyName 

public keyName: pulumi.Output<string>;

The key name that should be used for the instance.

property name 

public name: pulumi.Output<string>;

The name of the launch configuration. If you leave this blank, this provider will auto-generate a unique name.

property namePrefix 

public namePrefix: pulumi.Output<string | undefined>;

Creates a unique name beginning with the specified prefix. Conflicts with name.

property placementTenancy 

public placementTenancy: pulumi.Output<string | undefined>;

The tenancy of the instance. Valid values are "default" or "dedicated", see AWS’s Create Launch Configuration for more details

property rootBlockDevice 

public rootBlockDevice: pulumi.Output<outputs.ec2.LaunchConfigurationRootBlockDevice>;

Customize details about the root block device of the instance. See Block Devices below for details.

property securityGroups 

public securityGroups: pulumi.Output<string[] | undefined>;

A list of associated security group IDS.

property spotPrice 

public spotPrice: pulumi.Output<string | undefined>;

The maximum price to use for reserving spot instances.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userData 

public userData: pulumi.Output<string | undefined>;

The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see userDataBase64 instead.

property userDataBase64 

public userDataBase64: pulumi.Output<string | undefined>;

Can be used instead of userData to pass base64-encoded binary data directly. Use this instead of userData whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.

property vpcClassicLinkId 

public vpcClassicLinkId: pulumi.Output<string | undefined>;

The ID of a ClassicLink-enabled VPC. Only applies to EC2-Classic instances. (eg. vpc-2730681a)

property vpcClassicLinkSecurityGroups 

public vpcClassicLinkSecurityGroups: pulumi.Output<string[] | undefined>;

The IDs of one or more security groups for the specified ClassicLink-enabled VPC (eg. sg-46ae3d11).

Resource LaunchTemplate 

class LaunchTemplate extends CustomResource

Provides an EC2 launch template resource. Can be used to create instances or auto scaling groups.

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/launch_template.html.markdown.

constructor 

new LaunchTemplate(name: string, args?: LaunchTemplateArgs, opts?: pulumi.CustomResourceOptions)

Create a LaunchTemplate resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: LaunchTemplateState, opts?: pulumi.CustomResourceOptions): LaunchTemplate

Get an existing LaunchTemplate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of LaunchTemplate. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn 

public arn: pulumi.Output<string>;

Amazon Resource Name (ARN) of the launch template.

property blockDeviceMappings 

public blockDeviceMappings: pulumi.Output<outputs.ec2.LaunchTemplateBlockDeviceMapping[] | undefined>;

Specify volumes to attach to the instance besides the volumes specified by the AMI. See Block Devices below for details.

property capacityReservationSpecification 

public capacityReservationSpecification: pulumi.Output<outputs.ec2.LaunchTemplateCapacityReservationSpecification | undefined>;

Targeting for EC2 capacity reservations. See Capacity Reservation Specification below for more details.

property creditSpecification 

public creditSpecification: pulumi.Output<outputs.ec2.LaunchTemplateCreditSpecification | undefined>;

Customize the credit specification of the instance. See Credit Specification below for more details.

property defaultVersion 

public defaultVersion: pulumi.Output<number>;

The default version of the launch template.

property description 

public description: pulumi.Output<string | undefined>;

Description of the launch template.

property disableApiTermination 

public disableApiTermination: pulumi.Output<boolean | undefined>;

If true, enables EC2 Instance Termination Protection

property ebsOptimized 

public ebsOptimized: pulumi.Output<string | undefined>;

If true, the launched EC2 instance will be EBS-optimized.

property elasticGpuSpecifications 

public elasticGpuSpecifications: pulumi.Output<outputs.ec2.LaunchTemplateElasticGpuSpecification[] | undefined>;

The elastic GPU to attach to the instance. See Elastic GPU below for more details.

property elasticInferenceAccelerator 

public elasticInferenceAccelerator: pulumi.Output<outputs.ec2.LaunchTemplateElasticInferenceAccelerator | undefined>;

Configuration block containing an Elastic Inference Accelerator to attach to the instance. See Elastic Inference Accelerator below for more details.

property iamInstanceProfile 

public iamInstanceProfile: pulumi.Output<outputs.ec2.LaunchTemplateIamInstanceProfile | undefined>;

The IAM Instance Profile to launch the instance with. See Instance Profile below for more details.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property imageId 

public imageId: pulumi.Output<string | undefined>;

The AMI from which to launch the instance.

property instanceInitiatedShutdownBehavior 

public instanceInitiatedShutdownBehavior: pulumi.Output<string | undefined>;

Shutdown behavior for the instance. Can be stop or terminate. (Default: stop).

property instanceMarketOptions 

public instanceMarketOptions: pulumi.Output<outputs.ec2.LaunchTemplateInstanceMarketOptions | undefined>;

The market (purchasing) option for the instance. See Market Options below for details.

property instanceType 

public instanceType: pulumi.Output<string | undefined>;

The type of the instance.

property kernelId 

public kernelId: pulumi.Output<string | undefined>;

The kernel ID.

property keyName 

public keyName: pulumi.Output<string | undefined>;

The key name to use for the instance.

property latestVersion 

public latestVersion: pulumi.Output<number>;

The latest version of the launch template.

property licenseSpecifications 

public licenseSpecifications: pulumi.Output<outputs.ec2.LaunchTemplateLicenseSpecification[] | undefined>;

A list of license specifications to associate with. See License Specification below for more details.

property monitoring 

public monitoring: pulumi.Output<outputs.ec2.LaunchTemplateMonitoring | undefined>;

The monitoring option for the instance. See Monitoring below for more details.

property name 

public name: pulumi.Output<string>;

The name of the launch template. If you leave this blank, this provider will auto-generate a unique name.

property namePrefix 

public namePrefix: pulumi.Output<string | undefined>;

Creates a unique name beginning with the specified prefix. Conflicts with name.

property networkInterfaces 

public networkInterfaces: pulumi.Output<outputs.ec2.LaunchTemplateNetworkInterface[] | undefined>;

Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.

property placement 

public placement: pulumi.Output<outputs.ec2.LaunchTemplatePlacement | undefined>;

The placement of the instance. See Placement below for more details.

property ramDiskId 

public ramDiskId: pulumi.Output<string | undefined>;

The ID of the RAM disk.

property securityGroupNames 

public securityGroupNames: pulumi.Output<string[] | undefined>;

A list of security group names to associate with. If you are creating Instances in a VPC, use vpcSecurityGroupIds instead.

property tagSpecifications 

public tagSpecifications: pulumi.Output<outputs.ec2.LaunchTemplateTagSpecification[] | undefined>;

The tags to apply to the resources during launch. See Tag Specifications below for more details.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the launch template.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userData 

public userData: pulumi.Output<string | undefined>;

The Base64-encoded user data to provide when launching the instance.

property vpcSecurityGroupIds 

public vpcSecurityGroupIds: pulumi.Output<string[] | undefined>;

A list of security group IDs to associate with.

Resource MainRouteTableAssociation 

class MainRouteTableAssociation extends CustomResource

Provides a resource for managing the main routing table of a VPC.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const mainRouteTableAssociation = new aws.ec2.MainRouteTableAssociation("a", {
    routeTableId: aws_route_table_bar.id,
    vpcId: aws_vpc_foo.id,
});

Notes

On VPC creation, the AWS API always creates an initial Main Route Table. This resource records the ID of that Route Table under originalRouteTableId. The “Delete” action for a mainRouteTableAssociation consists of resetting this original table as the Main Route Table for the VPC. You’ll see this additional Route Table in the AWS console; it must remain intact in order for the mainRouteTableAssociation delete to work properly.

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/main_route_table_association.html.markdown.

constructor 

new MainRouteTableAssociation(name: string, args: MainRouteTableAssociationArgs, opts?: pulumi.CustomResourceOptions)

Create a MainRouteTableAssociation resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: MainRouteTableAssociationState, opts?: pulumi.CustomResourceOptions): MainRouteTableAssociation

Get an existing MainRouteTableAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of MainRouteTableAssociation. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property originalRouteTableId 

public originalRouteTableId: pulumi.Output<string>;

Used internally, see Notes below

property routeTableId 

public routeTableId: pulumi.Output<string>;

The ID of the Route Table to set as the new main route table for the target VPC

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId 

public vpcId: pulumi.Output<string>;

The ID of the VPC whose main route table should be set

Resource NatGateway 

class NatGateway extends CustomResource

Provides a resource to create a VPC NAT Gateway.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const gw = new aws.ec2.NatGateway("gw", {
    allocationId: aws_eip_nat.id,
    subnetId: aws_subnet_public.id,
});

Usage with tags:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const gw = new aws.ec2.NatGateway("gw", {
    allocationId: aws_eip_nat.id,
    subnetId: aws_subnet_public.id,
    tags: {
        Name: "gw NAT",
    },
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/nat_gateway.html.markdown.

constructor 

new NatGateway(name: string, args: NatGatewayArgs, opts?: pulumi.CustomResourceOptions)

Create a NatGateway resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NatGatewayState, opts?: pulumi.CustomResourceOptions): NatGateway

Get an existing NatGateway resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of NatGateway. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allocationId 

public allocationId: pulumi.Output<string>;

The Allocation ID of the Elastic IP address for the gateway.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property networkInterfaceId 

public networkInterfaceId: pulumi.Output<string>;

The ENI ID of the network interface created by the NAT gateway.

property privateIp 

public privateIp: pulumi.Output<string>;

The private IP address of the NAT Gateway.

property publicIp 

public publicIp: pulumi.Output<string>;

The public IP address of the NAT Gateway.

property subnetId 

public subnetId: pulumi.Output<string>;

The Subnet ID of the subnet in which to place the gateway.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource NetworkAcl 

class NetworkAcl extends CustomResource

Provides an network ACL resource. You might set up network ACLs with rules similar to your security groups in order to add an additional layer of security to your VPC.

NOTE on Network ACLs and Network ACL Rules: This provider currently provides both a standalone Network ACL Rule resource and a Network ACL resource with rules defined in-line. At this time you cannot use a Network ACL with in-line rules in conjunction with any Network ACL Rule resources. Doing so will cause a conflict of rule settings and will overwrite rules.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const main = new aws.ec2.NetworkAcl("main", {
    egress: [{
        action: "allow",
        cidrBlock: "10.3.0.0/18",
        fromPort: 443,
        protocol: "tcp",
        ruleNo: 200,
        toPort: 443,
    }],
    ingress: [{
        action: "allow",
        cidrBlock: "10.3.0.0/18",
        fromPort: 80,
        protocol: "tcp",
        ruleNo: 100,
        toPort: 80,
    }],
    tags: {
        Name: "main",
    },
    vpcId: aws_vpc_main.id,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/network_acl.html.markdown.

constructor 

new NetworkAcl(name: string, args: NetworkAclArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkAcl resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkAclState, opts?: pulumi.CustomResourceOptions): NetworkAcl

Get an existing NetworkAcl resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of NetworkAcl. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property egress 

public egress: pulumi.Output<outputs.ec2.NetworkAclEgress[]>;

Specifies an egress rule. Parameters defined below. This argument is processed in attribute-as-blocks mode.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ingress 

public ingress: pulumi.Output<outputs.ec2.NetworkAclIngress[]>;

Specifies an ingress rule. Parameters defined below. This argument is processed in attribute-as-blocks mode.

property ownerId 

public ownerId: pulumi.Output<string>;

The ID of the AWS account that owns the network ACL.

property subnetIds 

public subnetIds: pulumi.Output<string[]>;

A list of Subnet IDs to apply the ACL to

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId 

public vpcId: pulumi.Output<string>;

The ID of the associated VPC.

Resource NetworkAclRule 

class NetworkAclRule extends CustomResource

Creates an entry (a rule) in a network ACL with the specified rule number.

NOTE on Network ACLs and Network ACL Rules: This provider currently provides both a standalone Network ACL Rule resource and a Network ACL resource with rules defined in-line. At this time you cannot use a Network ACL with in-line rules in conjunction with any Network ACL Rule resources. Doing so will cause a conflict of rule settings and will overwrite rules.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const barNetworkAcl = new aws.ec2.NetworkAcl("bar", {
    vpcId: aws_vpc_foo.id,
});
const barNetworkAclRule = new aws.ec2.NetworkAclRule("bar", {
    // Opening to 0.0.0.0/0 can lead to security vulnerabilities.
    cidrBlock: "", // add a CIDR block here
    egress: false,
    fromPort: 22,
    networkAclId: barNetworkAcl.id,
    protocol: "tcp",
    ruleAction: "allow",
    ruleNumber: 200,
    toPort: 22,
});

Note: One of either cidrBlock or ipv6CidrBlock is required.

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/network_acl_rule.html.markdown.

constructor 

new NetworkAclRule(name: string, args: NetworkAclRuleArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkAclRule resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkAclRuleState, opts?: pulumi.CustomResourceOptions): NetworkAclRule

Get an existing NetworkAclRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of NetworkAclRule. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property cidrBlock 

public cidrBlock: pulumi.Output<string | undefined>;

The network range to allow or deny, in CIDR notation (for example 172.16.0.0/24 ).

property egress 

public egress: pulumi.Output<boolean | undefined>;

Indicates whether this is an egress rule (rule is applied to traffic leaving the subnet). Default false.

property fromPort 

public fromPort: pulumi.Output<number | undefined>;

The from port to match.

property icmpCode 

public icmpCode: pulumi.Output<string | undefined>;

ICMP protocol: The ICMP code. Required if specifying ICMP for the protocol. e.g. -1

property icmpType 

public icmpType: pulumi.Output<string | undefined>;

ICMP protocol: The ICMP type. Required if specifying ICMP for the protocol. e.g. -1

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipv6CidrBlock 

public ipv6CidrBlock: pulumi.Output<string | undefined>;

The IPv6 CIDR block to allow or deny.

property networkAclId 

public networkAclId: pulumi.Output<string>;

The ID of the network ACL.

property protocol 

public protocol: pulumi.Output<string>;

The protocol. A value of -1 means all protocols.

property ruleAction 

public ruleAction: pulumi.Output<string>;

Indicates whether to allow or deny the traffic that matches the rule. Accepted values: allow | deny

property ruleNumber 

public ruleNumber: pulumi.Output<number>;

The rule number for the entry (for example, 100). ACL entries are processed in ascending order by rule number.

property toPort 

public toPort: pulumi.Output<number | undefined>;

The to port to match.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource NetworkInterface 

class NetworkInterface extends CustomResource

Provides an Elastic network interface (ENI) resource.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const test = new aws.ec2.NetworkInterface("test", {
    attachments: [{
        deviceIndex: 1,
        instance: aws_instance_test.id,
    }],
    privateIps: ["10.0.0.50"],
    securityGroups: [aws_security_group_web.id],
    subnetId: aws_subnet_public_a.id,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/network_interface.html.markdown.

constructor 

new NetworkInterface(name: string, args: NetworkInterfaceArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkInterface resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkInterfaceState, opts?: pulumi.CustomResourceOptions): NetworkInterface

Get an existing NetworkInterface resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of NetworkInterface. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property attachments 

public attachments: pulumi.Output<outputs.ec2.NetworkInterfaceAttachment[]>;

Block to define the attachment of the ENI. Documented below.

property description 

public description: pulumi.Output<string | undefined>;

A description for the network interface.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property privateDnsName 

public privateDnsName: pulumi.Output<string>;

property privateIp 

public privateIp: pulumi.Output<string>;

property privateIps 

public privateIps: pulumi.Output<string[]>;

List of private IPs to assign to the ENI.

property privateIpsCount 

public privateIpsCount: pulumi.Output<number>;

Number of secondary private IPs to assign to the ENI. The total number of private IPs will be 1 + private_ips_count, as a primary private IP will be assiged to an ENI by default.

property securityGroups 

public securityGroups: pulumi.Output<string[]>;

List of security group IDs to assign to the ENI.

property sourceDestCheck 

public sourceDestCheck: pulumi.Output<boolean | undefined>;

Whether to enable source destination checking for the ENI. Default true.

property subnetId 

public subnetId: pulumi.Output<string>;

Subnet ID to create the ENI in.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource NetworkInterfaceAttachment 

class NetworkInterfaceAttachment extends CustomResource

Attach an Elastic network interface (ENI) resource with EC2 instance.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const test = new aws.ec2.NetworkInterfaceAttachment("test", {
    deviceIndex: 0,
    instanceId: aws_instance_test.id,
    networkInterfaceId: aws_network_interface_test.id,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/network_interface_attachment.html.markdown.

constructor 

new NetworkInterfaceAttachment(name: string, args: NetworkInterfaceAttachmentArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkInterfaceAttachment resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkInterfaceAttachmentState, opts?: pulumi.CustomResourceOptions): NetworkInterfaceAttachment

Get an existing NetworkInterfaceAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of NetworkInterfaceAttachment. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property attachmentId 

public attachmentId: pulumi.Output<string>;

The ENI Attachment ID.

property deviceIndex 

public deviceIndex: pulumi.Output<number>;

Network interface index (int).

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceId 

public instanceId: pulumi.Output<string>;

Instance ID to attach.

property networkInterfaceId 

public networkInterfaceId: pulumi.Output<string>;

ENI ID to attach.

property status 

public status: pulumi.Output<string>;

The status of the Network Interface Attachment.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource NetworkInterfaceSecurityGroupAttachment 

class NetworkInterfaceSecurityGroupAttachment extends CustomResource

This resource attaches a security group to an Elastic Network Interface (ENI). It can be used to attach a security group to any existing ENI, be it a secondary ENI or one attached as the primary interface on an instance.

NOTE on instances, interfaces, and security groups: This provider currently provides the capability to assign security groups via the aws.ec2.Instance and the aws.ec2.NetworkInterface resources. Using this resource in conjunction with security groups provided in-line in those resources will cause conflicts, and will lead to spurious diffs and undefined behavior - please use one or the other.

Example Usage

The following provides a very basic example of setting up an instance (provided by instance) in the default security group, creating a security group (provided by sg) and then attaching the security group to the instance’s primary network interface via the aws.ec2.NetworkInterfaceSecurityGroupAttachment resource, named sgAttachment:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const ami = aws.getAmi({
    filters: [{
        name: "name",
        values: ["amzn-ami-hvm-*"],
    }],
    mostRecent: true,
    owners: ["amazon"],
});
const instance = new aws.ec2.Instance("instance", {
    ami: ami.id,
    instanceType: "t2.micro",
    tags: {
        type: "test-instance",
    },
});
const sg = new aws.ec2.SecurityGroup("sg", {
    tags: {
        type: "test-security-group",
    },
});
const sgAttachment = new aws.ec2.NetworkInterfaceSecurityGroupAttachment("sgAttachment", {
    networkInterfaceId: instance.primaryNetworkInterfaceId,
    securityGroupId: sg.id,
});

In this example, instance is provided by the aws.ec2.Instance data source, fetching an external instance, possibly not managed by this provider. sgAttachment then attaches to the output instance’s networkInterfaceId:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const instance = aws.ec2.getInstance({
    instanceId: "i-1234567890abcdef0",
});
const sg = new aws.ec2.SecurityGroup("sg", {
    tags: {
        type: "test-security-group",
    },
});
const sgAttachment = new aws.ec2.NetworkInterfaceSecurityGroupAttachment("sgAttachment", {
    networkInterfaceId: instance.networkInterfaceId,
    securityGroupId: sg.id,
});

Output Reference

There are no outputs for this resource.

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/network_interface_sg_attachment.html.markdown.

constructor 

new NetworkInterfaceSecurityGroupAttachment(name: string, args: NetworkInterfaceSecurityGroupAttachmentArgs, opts?: pulumi.CustomResourceOptions)

Create a NetworkInterfaceSecurityGroupAttachment resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: NetworkInterfaceSecurityGroupAttachmentState, opts?: pulumi.CustomResourceOptions): NetworkInterfaceSecurityGroupAttachment

Get an existing NetworkInterfaceSecurityGroupAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of NetworkInterfaceSecurityGroupAttachment. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property networkInterfaceId 

public networkInterfaceId: pulumi.Output<string>;

The ID of the network interface to attach to.

property securityGroupId 

public securityGroupId: pulumi.Output<string>;

The ID of the security group.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource PeeringConnectionOptions 

class PeeringConnectionOptions extends CustomResource

Provides a resource to manage VPC peering connection options.

NOTE on VPC Peering Connections and VPC Peering Connection Options: This provider provides both a standalone VPC Peering Connection Options and a VPC Peering Connection resource with accepter and requester attributes. Do not manage options for the same VPC peering connection in both a VPC Peering Connection resource and a VPC Peering Connection Options resource. Doing so will cause a conflict of options and will overwrite the options. Using a VPC Peering Connection Options resource decouples management of the connection options from management of the VPC Peering Connection and allows options to be set correctly in cross-region and cross-account scenarios.

Basic usage:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const fooVpc = new aws.ec2.Vpc("foo", {
    cidrBlock: "10.0.0.0/16",
});
const bar = new aws.ec2.Vpc("bar", {
    cidrBlock: "10.1.0.0/16",
});
const fooVpcPeeringConnection = new aws.ec2.VpcPeeringConnection("foo", {
    autoAccept: true,
    peerVpcId: bar.id,
    vpcId: fooVpc.id,
});
const fooPeeringConnectionOptions = new aws.ec2.PeeringConnectionOptions("foo", {
    accepter: {
        allowRemoteVpcDnsResolution: true,
    },
    requester: {
        allowClassicLinkToRemoteVpc: true,
        allowVpcToRemoteClassicLink: true,
    },
    vpcPeeringConnectionId: fooVpcPeeringConnection.id,
});

Basic cross-account usage:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const requester = new aws.Provider("requester", {});
const accepter = new aws.Provider("accepter", {});
const main = new aws.ec2.Vpc("main", {
    cidrBlock: "10.0.0.0/16",
    enableDnsHostnames: true,
    enableDnsSupport: true,
}, {provider: requester});
const peerVpc = new aws.ec2.Vpc("peer", {
    cidrBlock: "10.1.0.0/16",
    enableDnsHostnames: true,
    enableDnsSupport: true,
}, {provider: accepter});
const peerCallerIdentity = aws.getCallerIdentity({provider: accepter});
// Requester's side of the connection.
const peerVpcPeeringConnection = new aws.ec2.VpcPeeringConnection("peer", {
    autoAccept: false,
    peerOwnerId: peerCallerIdentity.accountId,
    peerVpcId: peerVpc.id,
    tags: {
        Side: "Requester",
    },
    vpcId: main.id,
}, {provider: requester});
// Accepter's side of the connection.
const peerVpcPeeringConnectionAccepter = new aws.ec2.VpcPeeringConnectionAccepter("peer", {
    autoAccept: true,
    tags: {
        Side: "Accepter",
    },
    vpcPeeringConnectionId: peerVpcPeeringConnection.id,
}, {provider: accepter});
const requesterPeeringConnectionOptions = new aws.ec2.PeeringConnectionOptions("requester", {
    requester: {
        allowRemoteVpcDnsResolution: true,
    },
    // As options can't be set until the connection has been accepted
    // create an explicit dependency on the accepter.
    vpcPeeringConnectionId: peerVpcPeeringConnectionAccepter.id,
}, {provider: requester});
const accepterPeeringConnectionOptions = new aws.ec2.PeeringConnectionOptions("accepter", {
    accepter: {
        allowRemoteVpcDnsResolution: true,
    },
    vpcPeeringConnectionId: peerVpcPeeringConnectionAccepter.id,
}, {provider: accepter});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/vpc_peering_connection_options.html.markdown.

constructor 

new PeeringConnectionOptions(name: string, args: PeeringConnectionOptionsArgs, opts?: pulumi.CustomResourceOptions)

Create a PeeringConnectionOptions resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: PeeringConnectionOptionsState, opts?: pulumi.CustomResourceOptions): PeeringConnectionOptions

Get an existing PeeringConnectionOptions resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of PeeringConnectionOptions. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property accepter 

public accepter: pulumi.Output<outputs.ec2.PeeringConnectionOptionsAccepter>;

An optional configuration block that allows for VPC Peering Connection options to be set for the VPC that accepts the peering connection (a maximum of one).

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property requester 

public requester: pulumi.Output<outputs.ec2.PeeringConnectionOptionsRequester>;

A optional configuration block that allows for VPC Peering Connection options to be set for the VPC that requests the peering connection (a maximum of one).

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcPeeringConnectionId 

public vpcPeeringConnectionId: pulumi.Output<string>;

The ID of the requester VPC peering connection.

Resource PlacementGroup 

class PlacementGroup extends CustomResource

Provides an EC2 placement group. Read more about placement groups in AWS Docs.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const web = new aws.ec2.PlacementGroup("web", {
    strategy: "cluster",
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/placement_group.html.markdown.

constructor 

new PlacementGroup(name: string, args: PlacementGroupArgs, opts?: pulumi.CustomResourceOptions)

Create a PlacementGroup resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: PlacementGroupState, opts?: pulumi.CustomResourceOptions): PlacementGroup

Get an existing PlacementGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of PlacementGroup. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name 

public name: pulumi.Output<string>;

The name of the placement group.

property strategy 

public strategy: pulumi.Output<PlacementStrategy>;

The placement strategy.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource ProxyProtocolPolicy 

class ProxyProtocolPolicy extends CustomResource

Provides a proxy protocol policy, which allows an ELB to carry a client connection information to a backend.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const lb = new aws.elb.LoadBalancer("lb", {
    availabilityZones: ["us-east-1a"],
    listeners: [
        {
            instancePort: 25,
            instanceProtocol: "tcp",
            lbPort: 25,
            lbProtocol: "tcp",
        },
        {
            instancePort: 587,
            instanceProtocol: "tcp",
            lbPort: 587,
            lbProtocol: "tcp",
        },
    ],
});
const smtp = new aws.ec2.ProxyProtocolPolicy("smtp", {
    instancePorts: [
        "25",
        "587",
    ],
    loadBalancer: lb.name,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/proxy_protocol_policy.html.markdown.

constructor 

new ProxyProtocolPolicy(name: string, args: ProxyProtocolPolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a ProxyProtocolPolicy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: ProxyProtocolPolicyState, opts?: pulumi.CustomResourceOptions): ProxyProtocolPolicy

Get an existing ProxyProtocolPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of ProxyProtocolPolicy. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instancePorts 

public instancePorts: pulumi.Output<string[]>;

List of instance ports to which the policy should be applied. This can be specified if the protocol is SSL or TCP.

property loadBalancer 

public loadBalancer: pulumi.Output<string>;

The load balancer to which the policy should be attached.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource Route 

class Route extends CustomResource

Provides a resource to create a routing table entry (a route) in a VPC routing table.

NOTE on Route Tables and Routes: This provider currently provides both a standalone Route resource and a Route Table resource with routes defined in-line. At this time you cannot use a Route Table with in-line routes in conjunction with any Route resources. Doing so will cause a conflict of rule settings and will overwrite rules.

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/route.html.markdown.

constructor 

new Route(name: string, args: RouteArgs, opts?: pulumi.CustomResourceOptions)

Create a Route resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RouteState, opts?: pulumi.CustomResourceOptions): Route

Get an existing Route resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of Route. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property destinationCidrBlock 

public destinationCidrBlock: pulumi.Output<string | undefined>;

The destination CIDR block.

property destinationIpv6CidrBlock 

public destinationIpv6CidrBlock: pulumi.Output<string | undefined>;

The destination IPv6 CIDR block.

property destinationPrefixListId 

public destinationPrefixListId: pulumi.Output<string>;

property egressOnlyGatewayId 

public egressOnlyGatewayId: pulumi.Output<string>;

Identifier of a VPC Egress Only Internet Gateway.

property gatewayId 

public gatewayId: pulumi.Output<string>;

Identifier of a VPC internet gateway or a virtual private gateway.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceId 

public instanceId: pulumi.Output<string>;

Identifier of an EC2 instance.

property instanceOwnerId 

public instanceOwnerId: pulumi.Output<string>;

property natGatewayId 

public natGatewayId: pulumi.Output<string>;

Identifier of a VPC NAT gateway.

property networkInterfaceId 

public networkInterfaceId: pulumi.Output<string>;

Identifier of an EC2 network interface.

property origin 

public origin: pulumi.Output<string>;

property routeTableId 

public routeTableId: pulumi.Output<string>;

The ID of the routing table.

property state 

public state: pulumi.Output<string>;

property transitGatewayId 

public transitGatewayId: pulumi.Output<string | undefined>;

Identifier of an EC2 Transit Gateway.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcPeeringConnectionId 

public vpcPeeringConnectionId: pulumi.Output<string | undefined>;

Identifier of a VPC peering connection.

Resource RouteTable 

class RouteTable extends CustomResource

Provides a resource to create a VPC routing table.

NOTE on Route Tables and Routes: This provider currently provides both a standalone Route resource and a Route Table resource with routes defined in-line. At this time you cannot use a Route Table with in-line routes in conjunction with any Route resources. Doing so will cause a conflict of rule settings and will overwrite rules.

NOTE on gatewayId and natGatewayId: The AWS API is very forgiving with these two attributes and the aws.ec2.RouteTable resource can be created with a NAT ID specified as a Gateway ID attribute. This will lead to a permanent diff between your configuration and statefile, as the API returns the correct parameters in the returned route table. If you’re experiencing constant diffs in your aws.ec2.RouteTable resources, the first thing to check is whether or not you’re specifying a NAT ID instead of a Gateway ID, or vice-versa.

NOTE on propagatingVgws and the aws.ec2.VpnGatewayRoutePropagation resource: If the propagatingVgws argument is present, it’s not supported to also define route propagations using aws.ec2.VpnGatewayRoutePropagation, since this resource will delete any propagating gateways not explicitly listed in propagatingVgws. Omit this argument when defining route propagation using the separate resource.

Example usage with tags:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const routeTable = new aws.ec2.RouteTable("r", {
    routes: [
        {
            cidrBlock: "10.0.1.0/24",
            gatewayId: aws_internet_gateway_main.id,
        },
        {
            egressOnlyGatewayId: aws_egress_only_internet_gateway_foo.id,
            ipv6CidrBlock: "::/0",
        },
    ],
    tags: {
        Name: "main",
    },
    vpcId: aws_vpc_default.id,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/route_table.html.markdown.

constructor 

new RouteTable(name: string, args: RouteTableArgs, opts?: pulumi.CustomResourceOptions)

Create a RouteTable resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RouteTableState, opts?: pulumi.CustomResourceOptions): RouteTable

Get an existing RouteTable resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of RouteTable. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ownerId 

public ownerId: pulumi.Output<string>;

The ID of the AWS account that owns the route table.

property propagatingVgws 

public propagatingVgws: pulumi.Output<string[]>;

A list of virtual gateways for propagation.

property routes 

public routes: pulumi.Output<outputs.ec2.RouteTableRoute[]>;

A list of route objects. Their keys are documented below. This argument is processed in attribute-as-blocks mode.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId 

public vpcId: pulumi.Output<string>;

The VPC ID.

Resource RouteTableAssociation 

class RouteTableAssociation extends CustomResource

Provides a resource to create an association between a subnet and routing table.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const routeTableAssociation = new aws.ec2.RouteTableAssociation("a", {
    routeTableId: aws_route_table_bar.id,
    subnetId: aws_subnet_foo.id,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/route_table_association.html.markdown.

constructor 

new RouteTableAssociation(name: string, args: RouteTableAssociationArgs, opts?: pulumi.CustomResourceOptions)

Create a RouteTableAssociation resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RouteTableAssociationState, opts?: pulumi.CustomResourceOptions): RouteTableAssociation

Get an existing RouteTableAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of RouteTableAssociation. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property routeTableId 

public routeTableId: pulumi.Output<string>;

The ID of the routing table to associate with.

property subnetId 

public subnetId: pulumi.Output<string>;

The subnet ID to create an association.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource SecurityGroup 

class SecurityGroup extends CustomResource

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/security_group.html.markdown.

constructor 

new SecurityGroup(name: string, args?: SecurityGroupArgs, opts?: pulumi.CustomResourceOptions)

Create a SecurityGroup resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SecurityGroupState, opts?: pulumi.CustomResourceOptions): SecurityGroup

Get an existing SecurityGroup resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of SecurityGroup. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn 

public arn: pulumi.Output<string>;

The ARN of the security group

property description 

public description: pulumi.Output<string>;

The security group description. Defaults to “Managed by Pulumi”. Cannot be “”. NOTE: This field maps to the AWS GroupDescription attribute, for which there is no Update API. If you’d like to classify your security groups in a way that can be updated, use tags.

property egress 

public egress: pulumi.Output<outputs.ec2.SecurityGroupEgress[]>;

Can be specified multiple times for each egress rule. Each egress block supports fields documented below. This argument is processed in attribute-as-blocks mode.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ingress 

public ingress: pulumi.Output<outputs.ec2.SecurityGroupIngress[]>;

Can be specified multiple times for each ingress rule. Each ingress block supports fields documented below. This argument is processed in attribute-as-blocks mode.

property name 

public name: pulumi.Output<string>;

The name of the security group. If omitted, this provider will assign a random, unique name

property namePrefix 

public namePrefix: pulumi.Output<string | undefined>;

Creates a unique name beginning with the specified prefix. Conflicts with name.

property ownerId 

public ownerId: pulumi.Output<string>;

The owner ID.

property revokeRulesOnDelete 

public revokeRulesOnDelete: pulumi.Output<boolean | undefined>;

Instruct this provider to revoke all of the Security Groups attached ingress and egress rules before deleting the rule itself. This is normally not needed, however certain AWS services such as Elastic Map Reduce may automatically add required rules to security groups used with the service, and those rules may contain a cyclic dependency that prevent the security groups from being destroyed without removing the dependency first. Default false

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId 

public vpcId: pulumi.Output<string>;

The VPC ID.

Resource SecurityGroupRule 

class SecurityGroupRule extends CustomResource

Provides a security group rule resource. Represents a single ingress or egress group rule, which can be added to external Security Groups.

NOTE on Security Groups and Security Group Rules: This provider currently provides both a standalone Security Group Rule resource (a single ingress or egress rule), and a Security Group resource with ingress and egress rules defined in-line. At this time you cannot use a Security Group with in-line rules in conjunction with any Security Group Rule resources. Doing so will cause a conflict of rule settings and will overwrite rules.

NOTE: Setting protocol = "all" or protocol = -1 with fromPort and toPort will result in the EC2 API creating a security group rule with all ports open. This API behavior cannot be controlled by this provider and may generate warnings in the future.

NOTE: Referencing Security Groups across VPC peering has certain restrictions. More information is available in the VPC Peering User Guide.

Example Usage

Basic usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const allowAll = new aws.ec2.SecurityGroupRule("allowAll", {
    // Opening to 0.0.0.0/0 can lead to security vulnerabilities.
    cidrBlocks: "", // add a CIDR block here
    fromPort: 0,
    prefixListIds: ["pl-12c4e678"],
    protocol: "tcp",
    securityGroupId: "sg-123456",
    toPort: 65535,
    type: "ingress",
});

Usage with prefix list IDs

Prefix list IDs are manged by AWS internally. Prefix list IDs are associated with a prefix list name, or service name, that is linked to a specific region. Prefix list IDs are exported on VPC Endpoints, so you can use this format:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// ...
const myEndpoint = new aws.ec2.VpcEndpoint("myEndpoint", {});
const allowAll = new aws.ec2.SecurityGroupRule("allowAll", {
    fromPort: 0,
    prefixListIds: [myEndpoint.prefixListId],
    protocol: "-1",
    securityGroupId: "sg-123456",
    toPort: 0,
    type: "egress",
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/security_group_rule.html.markdown.

constructor 

new SecurityGroupRule(name: string, args: SecurityGroupRuleArgs, opts?: pulumi.CustomResourceOptions)

Create a SecurityGroupRule resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SecurityGroupRuleState, opts?: pulumi.CustomResourceOptions): SecurityGroupRule

Get an existing SecurityGroupRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of SecurityGroupRule. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property cidrBlocks 

public cidrBlocks: pulumi.Output<string[] | undefined>;

List of CIDR blocks. Cannot be specified with sourceSecurityGroupId.

property description 

public description: pulumi.Output<string | undefined>;

Description of the rule.

property fromPort 

public fromPort: pulumi.Output<number>;

The start port (or ICMP type number if protocol is “icmp”).

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipv6CidrBlocks 

public ipv6CidrBlocks: pulumi.Output<string[] | undefined>;

List of IPv6 CIDR blocks.

property prefixListIds 

public prefixListIds: pulumi.Output<string[] | undefined>;

List of prefix list IDs (for allowing access to VPC endpoints).

property protocol 

public protocol: pulumi.Output<string>;

The protocol. If not icmp, tcp, udp, or all use the protocol number

property securityGroupId 

public securityGroupId: pulumi.Output<string>;

The security group to apply this rule to.

property self 

public self: pulumi.Output<boolean | undefined>;

If true, the security group itself will be added as a source to this ingress rule. Cannot be specified with sourceSecurityGroupId.

property sourceSecurityGroupId 

public sourceSecurityGroupId: pulumi.Output<string>;

The security group id to allow access to/from, depending on the type. Cannot be specified with cidrBlocks and self.

property toPort 

public toPort: pulumi.Output<number>;

The end port (or ICMP code if protocol is “icmp”).

property type 

public type: pulumi.Output<string>;

The type of rule being created. Valid options are ingress (inbound) or egress (outbound).

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource SnapshotCreateVolumePermission 

class SnapshotCreateVolumePermission extends CustomResource

Adds permission to create volumes off of a given EBS Snapshot.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ebs.Volume("example", {
    availabilityZone: "us-west-2a",
    size: 40,
});
const exampleSnapshot = new aws.ebs.Snapshot("exampleSnapshot", {
    volumeId: example.id,
});
const examplePerm = new aws.ec2.SnapshotCreateVolumePermission("examplePerm", {
    accountId: "12345678",
    snapshotId: exampleSnapshot.id,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/snapshot_create_volume_permission.html.markdown.

constructor 

new SnapshotCreateVolumePermission(name: string, args: SnapshotCreateVolumePermissionArgs, opts?: pulumi.CustomResourceOptions)

Create a SnapshotCreateVolumePermission resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SnapshotCreateVolumePermissionState, opts?: pulumi.CustomResourceOptions): SnapshotCreateVolumePermission

Get an existing SnapshotCreateVolumePermission resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of SnapshotCreateVolumePermission. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property accountId 

public accountId: pulumi.Output<string>;

An AWS Account ID to add create volume permissions

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property snapshotId 

public snapshotId: pulumi.Output<string>;

A snapshot ID

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource SpotDatafeedSubscription 

class SpotDatafeedSubscription extends CustomResource

Note: There is only a single subscription allowed per account.

To help you understand the charges for your Spot instances, Amazon EC2 provides a data feed that describes your Spot instance usage and pricing. This data feed is sent to an Amazon S3 bucket that you specify when you subscribe to the data feed.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const defaultBucket = new aws.s3.Bucket("default", {});
const defaultSpotDatafeedSubscription = new aws.ec2.SpotDatafeedSubscription("default", {
    bucket: defaultBucket.bucket,
    prefix: "mySubdirectory",
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/spot_datafeed_subscription.html.markdown.

constructor 

new SpotDatafeedSubscription(name: string, args: SpotDatafeedSubscriptionArgs, opts?: pulumi.CustomResourceOptions)

Create a SpotDatafeedSubscription resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SpotDatafeedSubscriptionState, opts?: pulumi.CustomResourceOptions): SpotDatafeedSubscription

Get an existing SpotDatafeedSubscription resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of SpotDatafeedSubscription. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property bucket 

public bucket: pulumi.Output<string>;

The Amazon S3 bucket in which to store the Spot instance data feed.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property prefix 

public prefix: pulumi.Output<string | undefined>;

Path of folder inside bucket to place spot pricing data.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource SpotFleetRequest 

class SpotFleetRequest extends CustomResource

Provides an EC2 Spot Fleet Request resource. This allows a fleet of Spot instances to be requested on the Spot market.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Request a Spot fleet
const cheapCompute = new aws.ec2.SpotFleetRequest("cheapCompute", {
    allocationStrategy: "diversified",
    iamFleetRole: "arn:aws:iam::12345678:role/spot-fleet",
    launchSpecifications: [
        {
            ami: "ami-1234",
            iamInstanceProfileArn: aws_iam_instance_profile_example.arn,
            instanceType: "m4.10xlarge",
            placementTenancy: "dedicated",
            spotPrice: "2.793",
        },
        {
            ami: "ami-5678",
            availabilityZone: "us-west-1a",
            iamInstanceProfileArn: aws_iam_instance_profile_example.arn,
            instanceType: "m4.4xlarge",
            keyName: "my-key",
            rootBlockDevices: [{
                volumeSize: 300,
                volumeType: "gp2",
            }],
            spotPrice: "1.117",
            subnetId: "subnet-1234",
            tags: {
                Name: "spot-fleet-example",
            },
            weightedCapacity: "35",
        },
    ],
    spotPrice: "0.03",
    targetCapacity: 6,
    validUntil: "2019-11-04T20:44:20Z",
});

NOTE: This provider does not support the functionality where multiple subnetId or availabilityZone parameters can be specified in the same launch configuration block. If you want to specify multiple values, then separate launch configuration blocks should be used:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const foo = new aws.ec2.SpotFleetRequest("foo", {
    iamFleetRole: "arn:aws:iam::12345678:role/spot-fleet",
    launchSpecifications: [
        {
            ami: "ami-d06a90b0",
            availabilityZone: "us-west-2a",
            instanceType: "m1.small",
            keyName: "my-key",
        },
        {
            ami: "ami-d06a90b0",
            availabilityZone: "us-west-2a",
            instanceType: "m5.large",
            keyName: "my-key",
        },
    ],
    spotPrice: "0.005",
    targetCapacity: 2,
    validUntil: "2019-11-04T20:44:20Z",
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/spot_fleet_request.html.markdown.

constructor 

new SpotFleetRequest(name: string, args: SpotFleetRequestArgs, opts?: pulumi.CustomResourceOptions)

Create a SpotFleetRequest resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SpotFleetRequestState, opts?: pulumi.CustomResourceOptions): SpotFleetRequest

Get an existing SpotFleetRequest resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of SpotFleetRequest. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property allocationStrategy 

public allocationStrategy: pulumi.Output<string | undefined>;

Indicates how to allocate the target capacity across the Spot pools specified by the Spot fleet request. The default is lowestPrice.

property clientToken 

public clientToken: pulumi.Output<string>;

property excessCapacityTerminationPolicy 

public excessCapacityTerminationPolicy: pulumi.Output<string | undefined>;

Indicates whether running Spot instances should be terminated if the target capacity of the Spot fleet request is decreased below the current size of the Spot fleet.

property fleetType 

public fleetType: pulumi.Output<string | undefined>;

The type of fleet request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. Default is maintain.

property iamFleetRole 

public iamFleetRole: pulumi.Output<string>;

Grants the Spot fleet permission to terminate Spot instances on your behalf when you cancel its Spot fleet request using CancelSpotFleetRequests or when the Spot fleet request expires, if you set terminateInstancesWithExpiration.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceInterruptionBehaviour 

public instanceInterruptionBehaviour: pulumi.Output<string | undefined>;

Indicates whether a Spot instance stops or terminates when it is interrupted. Default is terminate.

property instancePoolsToUseCount 

public instancePoolsToUseCount: pulumi.Output<number | undefined>;

The number of Spot pools across which to allocate your target Spot capacity. Valid only when allocationStrategy is set to lowestPrice. Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify.

property launchSpecifications 

public launchSpecifications: pulumi.Output<outputs.ec2.SpotFleetRequestLaunchSpecification[]>;

Used to define the launch configuration of the spot-fleet request. Can be specified multiple times to define different bids across different markets and instance types.

property loadBalancers 

public loadBalancers: pulumi.Output<string[]>;

A list of elastic load balancer names to add to the Spot fleet.

property replaceUnhealthyInstances 

public replaceUnhealthyInstances: pulumi.Output<boolean | undefined>;

Indicates whether Spot fleet should replace unhealthy instances. Default false.

property spotPrice 

public spotPrice: pulumi.Output<string | undefined>;

The maximum bid price per unit hour.

property spotRequestState 

public spotRequestState: pulumi.Output<string>;

The state of the Spot fleet request.

property targetCapacity 

public targetCapacity: pulumi.Output<number>;

The number of units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O.

property targetGroupArns 

public targetGroupArns: pulumi.Output<string[]>;

A list of aws.alb.TargetGroup ARNs, for use with Application Load Balancing.

property terminateInstancesWithExpiration 

public terminateInstancesWithExpiration: pulumi.Output<boolean | undefined>;

Indicates whether running Spot instances should be terminated when the Spot fleet request expires.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property validFrom 

public validFrom: pulumi.Output<string | undefined>;

The start date and time of the request, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.

property validUntil 

public validUntil: pulumi.Output<string | undefined>;

The end date and time of the request, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new Spot instance requests are placed or enabled to fulfill the request. Defaults to 24 hours.

property waitForFulfillment 

public waitForFulfillment: pulumi.Output<boolean | undefined>;

If set, this provider will wait for the Spot Request to be fulfilled, and will throw an error if the timeout of 10m is reached.

Resource SpotInstanceRequest 

class SpotInstanceRequest extends CustomResource

Provides an EC2 Spot Instance Request resource. This allows instances to be requested on the spot market.

By default this provider creates Spot Instance Requests with a persistent type, which means that for the duration of their lifetime, AWS will launch an instance with the configured details if and when the spot market will accept the requested price.

On destruction, this provider will make an attempt to terminate the associated Spot Instance if there is one present.

Spot Instances requests with a one-time type will close the spot request when the instance is terminated either by the request being below the current spot price availability or by a user.

NOTE: Because their behavior depends on the live status of the spot market, Spot Instance Requests have a unique lifecycle that makes them behave differently than other resources. Most importantly: there is no guarantee that a Spot Instance exists to fulfill the request at any given point in time. See the AWS Spot Instance documentation for more information.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

// Request a spot instance at $0.03
const cheapWorker = new aws.ec2.SpotInstanceRequest("cheapWorker", {
    ami: "ami-1234",
    instanceType: "c4.xlarge",
    spotPrice: "0.03",
    tags: {
        Name: "CheapWorker",
    },
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/spot_instance_request.html.markdown.

constructor 

new SpotInstanceRequest(name: string, args: SpotInstanceRequestArgs, opts?: pulumi.CustomResourceOptions)

Create a SpotInstanceRequest resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SpotInstanceRequestState, opts?: pulumi.CustomResourceOptions): SpotInstanceRequest

Get an existing SpotInstanceRequest resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of SpotInstanceRequest. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property ami 

public ami: pulumi.Output<string>;

The AMI to use for the instance.

property arn 

public arn: pulumi.Output<string>;

property associatePublicIpAddress 

public associatePublicIpAddress: pulumi.Output<boolean>;

Associate a public ip address with an instance in a VPC. Boolean value.

property availabilityZone 

public availabilityZone: pulumi.Output<string>;

The AZ to start the instance in.

property blockDurationMinutes 

public blockDurationMinutes: pulumi.Output<number | undefined>;

The required duration for the Spot instances, in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360). The duration period starts as soon as your Spot instance receives its instance ID. At the end of the duration period, Amazon EC2 marks the Spot instance for termination and provides a Spot instance termination notice, which gives the instance a two-minute warning before it terminates. Note that you can’t specify an Availability Zone group or a launch group if you specify a duration.

property cpuCoreCount 

public cpuCoreCount: pulumi.Output<number>;

Sets the number of CPU cores for an instance. This option is only supported on creation of instance type that support CPU Options CPU Cores and Threads Per CPU Core Per Instance Type - specifying this option for unsupported instance types will return an error from the EC2 API.

property cpuThreadsPerCore 

public cpuThreadsPerCore: pulumi.Output<number>;

If set to to 1, hyperthreading is disabled on the launched instance. Defaults to 2 if not set. See Optimizing CPU Options for more information.

property creditSpecification 

public creditSpecification: pulumi.Output<outputs.ec2.SpotInstanceRequestCreditSpecification | undefined>;

Customize the credit specification of the instance. See Credit Specification below for more details.

property disableApiTermination 

public disableApiTermination: pulumi.Output<boolean | undefined>;

If true, enables EC2 Instance Termination Protection

property ebsBlockDevices 

public ebsBlockDevices: pulumi.Output<outputs.ec2.SpotInstanceRequestEbsBlockDevice[]>;

Additional EBS block devices to attach to the instance. Block device configurations only apply on resource creation. See Block Devices below for details on attributes and drift detection.

property ebsOptimized 

public ebsOptimized: pulumi.Output<boolean | undefined>;

If true, the launched EC2 instance will be EBS-optimized. Note that if this is not set on an instance type that is optimized by default then this will show as disabled but if the instance type is optimized by default then there is no need to set this and there is no effect to disabling it. See the EBS Optimized section of the AWS User Guide for more information.

property ephemeralBlockDevices 

public ephemeralBlockDevices: pulumi.Output<outputs.ec2.SpotInstanceRequestEphemeralBlockDevice[]>;

Customize Ephemeral (also known as “Instance Store”) volumes on the instance. See Block Devices below for details.

property getPasswordData 

public getPasswordData: pulumi.Output<boolean | undefined>;

If true, wait for password data to become available and retrieve it. Useful for getting the administrator password for instances running Microsoft Windows. The password data is exported to the passwordData attribute. See GetPasswordData for more information.

property hostId 

public hostId: pulumi.Output<string>;

The Id of a dedicated host that the instance will be assigned to. Use when an instance is to be launched on a specific dedicated host.

property iamInstanceProfile 

public iamInstanceProfile: pulumi.Output<string | undefined>;

The IAM Instance Profile to launch the instance with. Specified as the name of the Instance Profile. Ensure your credentials have the correct permission to assign the instance profile according to the EC2 documentation, notably iam:PassRole. * ipv6AddressCount- (Optional) A number of IPv6 addresses to associate with the primary network interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceInitiatedShutdownBehavior 

public instanceInitiatedShutdownBehavior: pulumi.Output<string | undefined>;

Shutdown behavior for the instance. Amazon defaults this to stop for EBS-backed instances and terminate for instance-store instances. Cannot be set on instance-store instances. See Shutdown Behavior for more information.

property instanceInterruptionBehaviour 

public instanceInterruptionBehaviour: pulumi.Output<string | undefined>;

Indicates whether a Spot instance stops or terminates when it is interrupted. Default is terminate as this is the current AWS behaviour.

property instanceState 

public instanceState: pulumi.Output<string>;

property instanceType 

public instanceType: pulumi.Output<string>;

The type of instance to start. Updates to this field will trigger a stop/start of the EC2 instance.

property ipv6AddressCount 

public ipv6AddressCount: pulumi.Output<number>;

property ipv6Addresses 

public ipv6Addresses: pulumi.Output<string[]>;

Specify one or more IPv6 addresses from the range of the subnet to associate with the primary network interface

property keyName 

public keyName: pulumi.Output<string>;

The key name of the Key Pair to use for the instance; which can be managed using the aws.ec2.KeyPair resource.

property launchGroup 

public launchGroup: pulumi.Output<string | undefined>;

A launch group is a group of spot instances that launch together and terminate together. If left empty instances are launched and terminated individually.

property monitoring 

public monitoring: pulumi.Output<boolean | undefined>;

If true, the launched EC2 instance will have detailed monitoring enabled. (Available since v0.6.0)

property networkInterfaces 

public networkInterfaces: pulumi.Output<outputs.ec2.SpotInstanceRequestNetworkInterface[]>;

Customize network interfaces to be attached at instance boot time. See Network Interfaces below for more details.

property passwordData 

public passwordData: pulumi.Output<string>;

property placementGroup 

public placementGroup: pulumi.Output<string>;

The Placement Group to start the instance in.

property primaryNetworkInterfaceId 

public primaryNetworkInterfaceId: pulumi.Output<string>;

property privateDns 

public privateDns: pulumi.Output<string>;

The private DNS name assigned to the instance. Can only be used inside the Amazon EC2, and only available if you’ve enabled DNS hostnames for your VPC

property privateIp 

public privateIp: pulumi.Output<string>;

Private IP address to associate with the instance in a VPC.

property publicDns 

public publicDns: pulumi.Output<string>;

The public DNS name assigned to the instance. For EC2-VPC, this is only available if you’ve enabled DNS hostnames for your VPC

property publicIp 

public publicIp: pulumi.Output<string>;

The public IP address assigned to the instance, if applicable.

property rootBlockDevice 

public rootBlockDevice: pulumi.Output<outputs.ec2.SpotInstanceRequestRootBlockDevice>;

Customize details about the root block device of the instance. See Block Devices below for details.

property securityGroups 

public securityGroups: pulumi.Output<string[]>;

A list of security group names (EC2-Classic) or IDs (default VPC) to associate with.

property sourceDestCheck 

public sourceDestCheck: pulumi.Output<boolean | undefined>;

Controls if traffic is routed to the instance when the destination address does not match the instance. Used for NAT or VPNs. Defaults true.

property spotBidStatus 

public spotBidStatus: pulumi.Output<string>;

The current bid status of the Spot Instance Request. * spotRequestState The current request state of the Spot Instance Request.

property spotInstanceId 

public spotInstanceId: pulumi.Output<string>;

The Instance ID (if any) that is currently fulfilling the Spot Instance request.

property spotPrice 

public spotPrice: pulumi.Output<string | undefined>;

The maximum price to request on the spot market.

property spotRequestState 

public spotRequestState: pulumi.Output<string>;

property spotType 

public spotType: pulumi.Output<string | undefined>;

If set to one-time, after the instance is terminated, the spot request will be closed.

property subnetId 

public subnetId: pulumi.Output<string>;

The VPC Subnet ID to launch in.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property tenancy 

public tenancy: pulumi.Output<string>;

The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of dedicated runs on single-tenant hardware. The host tenancy is not supported for the import-instance command.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property userData 

public userData: pulumi.Output<string | undefined>;

The user data to provide when launching the instance. Do not pass gzip-compressed data via this argument; see userDataBase64 instead.

property userDataBase64 

public userDataBase64: pulumi.Output<string | undefined>;

Can be used instead of userData to pass base64-encoded binary data directly. Use this instead of userData whenever the value is not a valid UTF-8 string. For example, gzip-encoded user data must be base64-encoded and passed via this argument to avoid corruption.

property validFrom 

public validFrom: pulumi.Output<string>;

The start date and time of the request, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ). The default is to start fulfilling the request immediately.

property validUntil 

public validUntil: pulumi.Output<string>;

The end date and time of the request, in UTC RFC3339 format(for example, YYYY-MM-DDTHH:MM:SSZ). At this point, no new Spot instance requests are placed or enabled to fulfill the request. The default end date is 7 days from the current date.

property volumeTags 

public volumeTags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the devices created by the instance at launch time.

property vpcSecurityGroupIds 

public vpcSecurityGroupIds: pulumi.Output<string[]>;

A list of security group IDs to associate with.

property waitForFulfillment 

public waitForFulfillment: pulumi.Output<boolean | undefined>;

If set, this provider will wait for the Spot Request to be fulfilled, and will throw an error if the timeout of 10m is reached.

Resource Subnet 

class Subnet extends CustomResource

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/subnet.html.markdown.

constructor 

new Subnet(name: string, args: SubnetArgs, opts?: pulumi.CustomResourceOptions)

Create a Subnet resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: SubnetState, opts?: pulumi.CustomResourceOptions): Subnet

Get an existing Subnet resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of Subnet. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn 

public arn: pulumi.Output<string>;

The ARN of the subnet.

property assignIpv6AddressOnCreation 

public assignIpv6AddressOnCreation: pulumi.Output<boolean | undefined>;

Specify true to indicate that network interfaces created in the specified subnet should be assigned an IPv6 address. Default is false

property availabilityZone 

public availabilityZone: pulumi.Output<string>;

The AZ for the subnet.

property availabilityZoneId 

public availabilityZoneId: pulumi.Output<string>;

The AZ ID of the subnet.

property cidrBlock 

public cidrBlock: pulumi.Output<string>;

The CIDR block for the subnet.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipv6CidrBlock 

public ipv6CidrBlock: pulumi.Output<string>;

The IPv6 network range for the subnet, in CIDR notation. The subnet size must use a /64 prefix length.

property ipv6CidrBlockAssociationId 

public ipv6CidrBlockAssociationId: pulumi.Output<string>;

The association ID for the IPv6 CIDR block.

property mapPublicIpOnLaunch 

public mapPublicIpOnLaunch: pulumi.Output<boolean | undefined>;

Specify true to indicate that instances launched into the subnet should be assigned a public IP address. Default is false.

property ownerId 

public ownerId: pulumi.Output<string>;

The ID of the AWS account that owns the subnet.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId 

public vpcId: pulumi.Output<string>;

The VPC ID.

Resource VolumeAttachment 

class VolumeAttachment extends CustomResource

Provides an AWS EBS Volume Attachment as a top level resource, to attach and detach volumes from AWS Instances.

NOTE on EBS block devices: If you use ebsBlockDevice on an aws.ec2.Instance, this provider will assume management over the full set of non-root EBS block devices for the instance, and treats additional block devices as drift. For this reason, ebsBlockDevice cannot be mixed with external aws.ebs.Volume + awsEbsVolumeAttachment resources for a given instance.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const web = new aws.ec2.Instance("web", {
    ami: "ami-21f78e11",
    availabilityZone: "us-west-2a",
    instanceType: "t1.micro",
    tags: {
        Name: "HelloWorld",
    },
});
const example = new aws.ebs.Volume("example", {
    availabilityZone: "us-west-2a",
    size: 1,
});
const ebsAtt = new aws.ec2.VolumeAttachment("ebsAtt", {
    deviceName: "/dev/sdh",
    instanceId: web.id,
    volumeId: example.id,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/volume_attachment.html.markdown.

constructor 

new VolumeAttachment(name: string, args: VolumeAttachmentArgs, opts?: pulumi.CustomResourceOptions)

Create a VolumeAttachment resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VolumeAttachmentState, opts?: pulumi.CustomResourceOptions): VolumeAttachment

Get an existing VolumeAttachment resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of VolumeAttachment. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property deviceName 

public deviceName: pulumi.Output<string>;

The device name to expose to the instance (for example, /dev/sdh or xvdh). See Device Naming on Linux Instances and Device Naming on Windows Instances for more information.

property forceDetach 

public forceDetach: pulumi.Output<boolean | undefined>;

Set to true if you want to force the volume to detach. Useful if previous attempts failed, but use this option only as a last resort, as this can result in data loss. See [Detaching an Amazon EBS Volume from an Instance][3] for more information.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceId 

public instanceId: pulumi.Output<string>;

ID of the Instance to attach to

property skipDestroy 

public skipDestroy: pulumi.Output<boolean | undefined>;

Set this to true if you do not wish to detach the volume from the instance to which it is attached at destroy time, and instead just remove the attachment from this provider state. This is useful when destroying an instance which has volumes created by some other means attached.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property volumeId 

public volumeId: pulumi.Output<string>;

ID of the Volume to be attached

Resource Vpc 

class Vpc extends CustomResource

Provides a VPC resource.

Example Usage

Basic usage:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const main = new aws.ec2.Vpc("main", {
    cidrBlock: "10.0.0.0/16",
});

Basic usage with tags:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const main = new aws.ec2.Vpc("main", {
    cidrBlock: "10.0.0.0/16",
    instanceTenancy: "dedicated",
    tags: {
        Name: "main",
    },
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/vpc.html.markdown.

constructor 

new Vpc(name: string, args: VpcArgs, opts?: pulumi.CustomResourceOptions)

Create a Vpc resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VpcState, opts?: pulumi.CustomResourceOptions): Vpc

Get an existing Vpc resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of Vpc. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property arn 

public arn: pulumi.Output<string>;

Amazon Resource Name (ARN) of VPC

property assignGeneratedIpv6CidrBlock 

public assignGeneratedIpv6CidrBlock: pulumi.Output<boolean | undefined>;

Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is false.

property cidrBlock 

public cidrBlock: pulumi.Output<string>;

The CIDR block for the VPC.

property defaultNetworkAclId 

public defaultNetworkAclId: pulumi.Output<string>;

The ID of the network ACL created by default on VPC creation

property defaultRouteTableId 

public defaultRouteTableId: pulumi.Output<string>;

The ID of the route table created by default on VPC creation

property defaultSecurityGroupId 

public defaultSecurityGroupId: pulumi.Output<string>;

The ID of the security group created by default on VPC creation

property dhcpOptionsId 

public dhcpOptionsId: pulumi.Output<string>;
public enableClassiclink: pulumi.Output<boolean>;

A boolean flag to enable/disable ClassicLink for the VPC. Only valid in regions and accounts that support EC2 Classic. See the ClassicLink documentation for more information. Defaults false.

property enableClassiclinkDnsSupport 

public enableClassiclinkDnsSupport: pulumi.Output<boolean>;

A boolean flag to enable/disable ClassicLink DNS Support for the VPC. Only valid in regions and accounts that support EC2 Classic.

property enableDnsHostnames 

public enableDnsHostnames: pulumi.Output<boolean>;

A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.

property enableDnsSupport 

public enableDnsSupport: pulumi.Output<boolean | undefined>;

A boolean flag to enable/disable DNS support in the VPC. Defaults true.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property instanceTenancy 

public instanceTenancy: pulumi.Output<string | undefined>;

A tenancy option for instances launched into the VPC

property ipv6AssociationId 

public ipv6AssociationId: pulumi.Output<string>;

The association ID for the IPv6 CIDR block.

property ipv6CidrBlock 

public ipv6CidrBlock: pulumi.Output<string>;

The IPv6 CIDR block.

property mainRouteTableId 

public mainRouteTableId: pulumi.Output<string>;

The ID of the main route table associated with this VPC. Note that you can change a VPC’s main route table by using an aws.ec2.MainRouteTableAssociation.

property ownerId 

public ownerId: pulumi.Output<string>;

The ID of the AWS account that owns the VPC.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource VpcDhcpOptions 

class VpcDhcpOptions extends CustomResource

Provides a VPC DHCP Options resource.

Example Usage

Basic usage:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const dnsResolver = new aws.ec2.VpcDhcpOptions("dnsResolver", {
    domainNameServers: [
        "8.8.8.8",
        "8.8.4.4",
    ],
});

Full usage:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const foo = new aws.ec2.VpcDhcpOptions("foo", {
    domainName: "service.consul",
    domainNameServers: [
        "127.0.0.1",
        "10.0.0.2",
    ],
    netbiosNameServers: ["127.0.0.1"],
    netbiosNodeType: "2",
    ntpServers: ["127.0.0.1"],
    tags: {
        Name: "foo-name",
    },
});

Remarks

  • Notice that all arguments are optional but you have to specify at least one argument.
  • domainNameServers, netbiosNameServers, ntpServers are limited by AWS to maximum four servers only.
  • To actually use the DHCP Options Set you need to associate it to a VPC using aws.ec2.VpcDhcpOptionsAssociation.
  • If you delete a DHCP Options Set, all VPCs using it will be associated to AWS’s default DHCP Option Set.
  • In most cases unless you’re configuring your own DNS you’ll want to set domainNameServers to AmazonProvidedDNS.

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/vpc_dhcp_options.html.markdown.

constructor 

new VpcDhcpOptions(name: string, args?: VpcDhcpOptionsArgs, opts?: pulumi.CustomResourceOptions)

Create a VpcDhcpOptions resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VpcDhcpOptionsState, opts?: pulumi.CustomResourceOptions): VpcDhcpOptions

Get an existing VpcDhcpOptions resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of VpcDhcpOptions. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property domainName 

public domainName: pulumi.Output<string | undefined>;

the suffix domain name to use by default when resolving non Fully Qualified Domain Names. In other words, this is what ends up being the search value in the /etc/resolv.conf file.

property domainNameServers 

public domainNameServers: pulumi.Output<string[] | undefined>;

List of name servers to configure in /etc/resolv.conf. If you want to use the default AWS nameservers you should set this to AmazonProvidedDNS.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property netbiosNameServers 

public netbiosNameServers: pulumi.Output<string[] | undefined>;

List of NETBIOS name servers.

property netbiosNodeType 

public netbiosNodeType: pulumi.Output<string | undefined>;

The NetBIOS node type (1, 2, 4, or 8). AWS recommends to specify 2 since broadcast and multicast are not supported in their network. For more information about these node types, see RFC 2132.

property ntpServers 

public ntpServers: pulumi.Output<string[] | undefined>;

List of NTP servers to configure.

property ownerId 

public ownerId: pulumi.Output<string>;

The ID of the AWS account that owns the DHCP options set.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource VpcDhcpOptionsAssociation 

class VpcDhcpOptionsAssociation extends CustomResource

Provides a VPC DHCP Options Association resource.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const dnsResolver = new aws.ec2.VpcDhcpOptionsAssociation("dnsResolver", {
    dhcpOptionsId: aws_vpc_dhcp_options_foo.id,
    vpcId: aws_vpc_foo.id,
});

Remarks

  • You can only associate one DHCP Options Set to a given VPC ID.
  • Removing the DHCP Options Association automatically sets AWS’s default DHCP Options Set to the VPC.

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/vpc_dhcp_options_association.html.markdown.

constructor 

new VpcDhcpOptionsAssociation(name: string, args: VpcDhcpOptionsAssociationArgs, opts?: pulumi.CustomResourceOptions)

Create a VpcDhcpOptionsAssociation resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VpcDhcpOptionsAssociationState, opts?: pulumi.CustomResourceOptions): VpcDhcpOptionsAssociation

Get an existing VpcDhcpOptionsAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of VpcDhcpOptionsAssociation. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property dhcpOptionsId 

public dhcpOptionsId: pulumi.Output<string>;

The ID of the DHCP Options Set to associate to the VPC.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcId 

public vpcId: pulumi.Output<string>;

The ID of the VPC to which we would like to associate a DHCP Options Set.

Resource VpcEndpoint 

class VpcEndpoint extends CustomResource

Provides a VPC Endpoint resource.

NOTE on VPC Endpoints and VPC Endpoint Associations: This provider provides both standalone VPC Endpoint Associations for Route Tables - (an association between a VPC endpoint and a single routeTableId) and Subnets - (an association between a VPC endpoint and a single subnetId) and a VPC Endpoint resource with routeTableIds and subnetIds attributes. Do not use the same resource ID in both a VPC Endpoint resource and a VPC Endpoint Association resource. Doing so will cause a conflict of associations and will overwrite the association.

Example Usage

Basic
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const s3 = new aws.ec2.VpcEndpoint("s3", {
    serviceName: "com.amazonaws.us-west-2.s3",
    vpcId: aws_vpc_main.id,
});
Basic w/ Tags
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const s3 = new aws.ec2.VpcEndpoint("s3", {
    serviceName: "com.amazonaws.us-west-2.s3",
    tags: {
        Environment: "test",
    },
    vpcId: aws_vpc_main.id,
});
Interface Endpoint Type
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const ec2 = new aws.ec2.VpcEndpoint("ec2", {
    privateDnsEnabled: true,
    securityGroupIds: [aws_security_group_sg1.id],
    serviceName: "com.amazonaws.us-west-2.ec2",
    vpcEndpointType: "Interface",
    vpcId: aws_vpc_main.id,
});
Custom Service
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const ptfeServiceVpcEndpoint = new aws.ec2.VpcEndpoint("ptfeService", {
    privateDnsEnabled: false,
    securityGroupIds: [aws_security_group_ptfe_service.id],
    serviceName: var_ptfe_service,
    subnetIds: [localSubnetIds],
    vpcEndpointType: "Interface",
    vpcId: var_vpc_id,
});
const internal = aws.route53.getZone({
    name: "vpc.internal.",
    privateZone: true,
    vpcId: var_vpc_id,
});
const ptfeServiceRecord = new aws.route53.Record("ptfeService", {
    records: [ptfeServiceVpcEndpoint.dnsEntries.apply(dnsEntries => (<any>dnsEntries[0])["dnsName"])],
    ttl: 300,
    type: "CNAME",
    zoneId: internal.zoneId!,
});

NOTE The dnsEntry output is a list of maps: This provider interpolation support for lists of maps requires the lookup and [] until full support of lists of maps is available

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/vpc_endpoint.html.markdown.

constructor 

new VpcEndpoint(name: string, args: VpcEndpointArgs, opts?: pulumi.CustomResourceOptions)

Create a VpcEndpoint resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VpcEndpointState, opts?: pulumi.CustomResourceOptions): VpcEndpoint

Get an existing VpcEndpoint resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of VpcEndpoint. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property autoAccept 

public autoAccept: pulumi.Output<boolean | undefined>;

Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).

property cidrBlocks 

public cidrBlocks: pulumi.Output<string[]>;

The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.

property dnsEntries 

public dnsEntries: pulumi.Output<outputs.ec2.VpcEndpointDnsEntry[]>;

The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property networkInterfaceIds 

public networkInterfaceIds: pulumi.Output<string[]>;

One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.

property ownerId 

public ownerId: pulumi.Output<string>;

The ID of the AWS account that owns the VPC endpoint.

property policy 

public policy: pulumi.Output<string>;

A policy to attach to the endpoint that controls access to the service. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.

property prefixListId 

public prefixListId: pulumi.Output<string>;

The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.

property privateDnsEnabled 

public privateDnsEnabled: pulumi.Output<boolean | undefined>;

Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Defaults to false.

property requesterManaged 

public requesterManaged: pulumi.Output<boolean>;

Whether or not the VPC Endpoint is being managed by its service - true or false.

property routeTableIds 

public routeTableIds: pulumi.Output<string[]>;

One or more route table IDs. Applicable for endpoints of type Gateway.

property securityGroupIds 

public securityGroupIds: pulumi.Output<string[]>;

The ID of one or more security groups to associate with the network interface. Required for endpoints of type Interface.

property serviceName 

public serviceName: pulumi.Output<string>;

The service name, in the form com.amazonaws.region.service for AWS services.

property state 

public state: pulumi.Output<string>;

The state of the VPC endpoint.

property subnetIds 

public subnetIds: pulumi.Output<string[]>;

The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type Interface.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcEndpointType 

public vpcEndpointType: pulumi.Output<string | undefined>;

The VPC endpoint type, Gateway or Interface. Defaults to Gateway.

property vpcId 

public vpcId: pulumi.Output<string>;

The ID of the VPC in which the endpoint will be used.

Resource VpcEndpointConnectionNotification 

class VpcEndpointConnectionNotification extends CustomResource

Provides a VPC Endpoint connection notification resource. Connection notifications notify subscribers of VPC Endpoint events.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const topic = new aws.sns.Topic("topic", {
    policy: `{
    "Version":"2012-10-17",
    "Statement":[{
        "Effect": "Allow",
        "Principal": {
            "Service": "vpce.amazonaws.com"
        },
        "Action": "SNS:Publish",
        "Resource": "arn:aws:sns:*:*:vpce-notification-topic"
    }]
}
`,
});
const fooVpcEndpointService = new aws.ec2.VpcEndpointService("foo", {
    acceptanceRequired: false,
    networkLoadBalancerArns: [aws_lb_test.arn],
});
const fooVpcEndpointConnectionNotification = new aws.ec2.VpcEndpointConnectionNotification("foo", {
    connectionEvents: [
        "Accept",
        "Reject",
    ],
    connectionNotificationArn: topic.arn,
    vpcEndpointServiceId: fooVpcEndpointService.id,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/vpc_endpoint_connection_notification.html.markdown.

constructor 

new VpcEndpointConnectionNotification(name: string, args: VpcEndpointConnectionNotificationArgs, opts?: pulumi.CustomResourceOptions)

Create a VpcEndpointConnectionNotification resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VpcEndpointConnectionNotificationState, opts?: pulumi.CustomResourceOptions): VpcEndpointConnectionNotification

Get an existing VpcEndpointConnectionNotification resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of VpcEndpointConnectionNotification. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property connectionEvents 

public connectionEvents: pulumi.Output<string[]>;

One or more endpoint events for which to receive notifications.

property connectionNotificationArn 

public connectionNotificationArn: pulumi.Output<string>;

The ARN of the SNS topic for the notifications.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property notificationType 

public notificationType: pulumi.Output<string>;

The type of notification.

property state 

public state: pulumi.Output<string>;

The state of the notification.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcEndpointId 

public vpcEndpointId: pulumi.Output<string | undefined>;

The ID of the VPC Endpoint to receive notifications for.

property vpcEndpointServiceId 

public vpcEndpointServiceId: pulumi.Output<string | undefined>;

The ID of the VPC Endpoint Service to receive notifications for.

Resource VpcEndpointRouteTableAssociation 

class VpcEndpointRouteTableAssociation extends CustomResource

Manages a VPC Endpoint Route Table Association

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ec2.VpcEndpointRouteTableAssociation("example", {
    routeTableId: aws_route_table_example.id,
    vpcEndpointId: aws_vpc_endpoint_example.id,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/vpc_endpoint_route_table_association.html.markdown.

constructor 

new VpcEndpointRouteTableAssociation(name: string, args: VpcEndpointRouteTableAssociationArgs, opts?: pulumi.CustomResourceOptions)

Create a VpcEndpointRouteTableAssociation resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VpcEndpointRouteTableAssociationState, opts?: pulumi.CustomResourceOptions): VpcEndpointRouteTableAssociation

Get an existing VpcEndpointRouteTableAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of VpcEndpointRouteTableAssociation. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property routeTableId 

public routeTableId: pulumi.Output<string>;

Identifier of the EC2 Route Table to be associated with the VPC Endpoint.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property vpcEndpointId 

public vpcEndpointId: pulumi.Output<string>;

Identifier of the VPC Endpoint with which the EC2 Route Table will be associated.

Resource VpcEndpointService 

class VpcEndpointService extends CustomResource

Provides a VPC Endpoint Service resource. Service consumers can create an Interface VPC Endpoint to connect to the service.

NOTE on VPC Endpoint Services and VPC Endpoint Service Allowed Principals: This provider provides both a standalone VPC Endpoint Service Allowed Principal resource and a VPC Endpoint Service resource with an allowedPrincipals attribute. Do not use the same principal ARN in both a VPC Endpoint Service resource and a VPC Endpoint Service Allowed Principal resource. Doing so will cause a conflict and will overwrite the association.

Example Usage

Basic
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ec2.VpcEndpointService("example", {
    acceptanceRequired: false,
    networkLoadBalancerArns: [aws_lb_example.arn],
});
Basic w/ Tags
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.ec2.VpcEndpointService("example", {
    acceptanceRequired: false,
    networkLoadBalancerArns: [aws_lb_example.arn],
    tags: {
        Environment: "test",
    },
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/vpc_endpoint_service.html.markdown.

constructor 

new VpcEndpointService(name: string, args: VpcEndpointServiceArgs, opts?: pulumi.CustomResourceOptions)

Create a VpcEndpointService resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VpcEndpointServiceState, opts?: pulumi.CustomResourceOptions): VpcEndpointService

Get an existing VpcEndpointService resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of VpcEndpointService. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property acceptanceRequired 

public acceptanceRequired: pulumi.Output<boolean>;

Whether or not VPC endpoint connection requests to the service must be accepted by the service owner - true or false.

property allowedPrincipals 

public allowedPrincipals: pulumi.Output<string[]>;

The ARNs of one or more principals allowed to discover the endpoint service.

property availabilityZones 

public availabilityZones: pulumi.Output<string[]>;

The Availability Zones in which the service is available.

property baseEndpointDnsNames 

public baseEndpointDnsNames: pulumi.Output<string[]>;

The DNS names for the service.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property managesVpcEndpoints 

public managesVpcEndpoints: pulumi.Output<boolean>;

Whether or not the service manages its VPC endpoints - true or false.

property networkLoadBalancerArns 

public networkLoadBalancerArns: pulumi.Output<string[]>;

The ARNs of one or more Network Load Balancers for the endpoint service.

property privateDnsName 

public privateDnsName: pulumi.Output<string>;

The private DNS name for the service.

property serviceName 

public serviceName: pulumi.Output<string>;

The service name.

property serviceType 

public serviceType: pulumi.Output<string>;

The service type, Gateway or Interface.

property state 

public state: pulumi.Output<string>;

The state of the VPC endpoint service.

property tags 

public tags: pulumi.Output<{[key: string]: any} | undefined>;

A mapping of tags to assign to the resource.

property urn 

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

Resource VpcEndpointServiceAllowedPrinciple 

class VpcEndpointServiceAllowedPrinciple extends CustomResource

Provides a resource to allow a principal to discover a VPC endpoint service.

NOTE on VPC Endpoint Services and VPC Endpoint Service Allowed Principals: This provider provides both a standalone VPC Endpoint Service Allowed Principal resource and a VPC Endpoint Service resource with an allowedPrincipals attribute. Do not use the same principal ARN in both a VPC Endpoint Service resource and a VPC Endpoint Service Allowed Principal resource. Doing so will cause a conflict and will overwrite the association.

Example Usage

Basic usage:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const current = aws.getCallerIdentity();
const allowMeToFoo = new aws.ec2.VpcEndpointServiceAllowedPrinciple("allowMeToFoo", {
    principalArn: current.arn,
    vpcEndpointServiceId: aws_vpc_endpoint_service_foo.id,
});

This content is derived from https://github.com/terraform-providers/terraform-provider-aws/blob/master/website/docs/r/vpc_endpoint_service_allowed_principal.html.markdown.

constructor 

new VpcEndpointServiceAllowedPrinciple(name: string, args: VpcEndpointServiceAllowedPrincipleArgs, opts?: pulumi.CustomResourceOptions)

Create a VpcEndpointServiceAllowedPrinciple resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get 

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: VpcEndpointServiceAllowedPrincipleState, opts?: pulumi.CustomResourceOptions): VpcEndpointServiceAllowedPrinciple

Get an existing VpcEndpointServiceAllowedPrinciple resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider 

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance 

public static isInstance(obj: any): boolean

Returns true if the given object is an instance of VpcEndpointServiceAllowedPrinciple. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property id 

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.