The Automation API is now available. No CLI. No human-in-the-loop. Just your code. Learn More

This page documents the language specification for the aws package. If you're looking for help working with the inputs, outputs, or functions of aws resources in a Pulumi program, please see the resource documentation for examples and API reference.

Pulumi AWS

This provider is a derived work of the Terraform Provider distributed under MPL 2.0. If you encounter a bug or missing feature, first check the pulumi/pulumi-aws repo; however, if that doesn’t turn up anything, please consult the source terraform-providers/terraform-provider-aws repo.

class pulumi_aws.AwaitableGetAmiIdsResult(executable_users=None, filters=None, id=None, ids=None, name_regex=None, owners=None, sort_ascending=None)
class pulumi_aws.AwaitableGetAmiResult(architecture=None, arn=None, block_device_mappings=None, creation_date=None, description=None, executable_users=None, filters=None, hypervisor=None, id=None, image_id=None, image_location=None, image_owner_alias=None, image_type=None, kernel_id=None, most_recent=None, name=None, name_regex=None, owner_id=None, owners=None, platform=None, product_codes=None, public=None, ramdisk_id=None, root_device_name=None, root_device_type=None, root_snapshot_id=None, sriov_net_support=None, state=None, state_reason=None, tags=None, virtualization_type=None)
class pulumi_aws.AwaitableGetArnResult(account=None, arn=None, id=None, partition=None, region=None, resource=None, service=None)
class pulumi_aws.AwaitableGetAutoscalingGroupsResult(arns=None, filters=None, id=None, names=None)
class pulumi_aws.AwaitableGetAvailabilityZoneResult(all_availability_zones=None, filters=None, group_name=None, id=None, name=None, name_suffix=None, network_border_group=None, opt_in_status=None, region=None, state=None, zone_id=None)
class pulumi_aws.AwaitableGetAvailabilityZonesResult(all_availability_zones=None, exclude_names=None, exclude_zone_ids=None, filters=None, group_names=None, id=None, names=None, state=None, zone_ids=None)
class pulumi_aws.AwaitableGetBillingServiceAccountResult(arn=None, id=None)
class pulumi_aws.AwaitableGetCallerIdentityResult(account_id=None, arn=None, id=None, user_id=None)
class pulumi_aws.AwaitableGetCanonicalUserIdResult(display_name=None, id=None)
class pulumi_aws.AwaitableGetElasticIpResult(association_id=None, customer_owned_ip=None, customer_owned_ipv4_pool=None, domain=None, filters=None, id=None, instance_id=None, network_interface_id=None, network_interface_owner_id=None, private_dns=None, private_ip=None, public_dns=None, public_ip=None, public_ipv4_pool=None, tags=None)
class pulumi_aws.AwaitableGetIpRangesResult(cidr_blocks=None, create_date=None, id=None, ipv6_cidr_blocks=None, regions=None, services=None, sync_token=None, url=None)
class pulumi_aws.AwaitableGetPartitionResult(dns_suffix=None, id=None, partition=None)
class pulumi_aws.AwaitableGetPrefixListResult(cidr_blocks=None, filters=None, id=None, name=None, prefix_list_id=None)
class pulumi_aws.AwaitableGetRegionResult(description=None, endpoint=None, id=None, name=None)
class pulumi_aws.AwaitableGetRegionsResult(all_regions=None, filters=None, id=None, names=None)
class pulumi_aws.GetAmiIdsResult(executable_users=None, filters=None, id=None, ids=None, name_regex=None, owners=None, sort_ascending=None)

A collection of values returned by getAmiIds.

property id

The provider-assigned unique ID for this managed resource.

class pulumi_aws.GetAmiResult(architecture=None, arn=None, block_device_mappings=None, creation_date=None, description=None, executable_users=None, filters=None, hypervisor=None, id=None, image_id=None, image_location=None, image_owner_alias=None, image_type=None, kernel_id=None, most_recent=None, name=None, name_regex=None, owner_id=None, owners=None, platform=None, product_codes=None, public=None, ramdisk_id=None, root_device_name=None, root_device_type=None, root_snapshot_id=None, sriov_net_support=None, state=None, state_reason=None, tags=None, virtualization_type=None)

A collection of values returned by getAmi.

property architecture

The OS architecture of the AMI (ie: i386 or x86_64).

property arn

The ARN of the AMI.

property block_device_mappings

The block device mappings of the AMI.

  • block_device_mappings.#.device_name - The physical name of the device.

  • block_device_mappings.#.ebs.delete_on_termination - true if the EBS volume will be deleted on termination.

  • block_device_mappings.#.ebs.encrypted - true if the EBS volume is encrypted.

  • block_device_mappings.#.ebs.iops - 0 if the EBS volume is not a provisioned IOPS image, otherwise the supported IOPS count.

  • block_device_mappings.#.ebs.snapshot_id - The ID of the snapshot.

  • block_device_mappings.#.ebs.volume_size - The size of the volume, in GiB.

  • block_device_mappings.#.ebs.volume_type - The volume type.

  • block_device_mappings.#.no_device - Suppresses the specified device included in the block device mapping of the AMI.

  • block_device_mappings.#.virtual_name - The virtual device name (for instance stores).

property creation_date

The date and time the image was created.

property description

The description of the AMI that was provided during image creation.

property hypervisor

The hypervisor type of the image.

property id

The provider-assigned unique ID for this managed resource.

property image_id

The ID of the AMI. Should be the same as the resource id.

property image_location

The location of the AMI.

property image_owner_alias

The AWS account alias (for example, amazon, self) or the AWS account ID of the AMI owner.

property image_type

The type of image.

property kernel_id

The kernel associated with the image, if any. Only applicable for machine images.

property name

The name of the AMI that was provided during image creation.

property owner_id

The AWS account ID of the image owner.

property platform

The value is Windows for Windows AMIs; otherwise blank.

property product_codes

Any product codes associated with the AMI.

  • product_codes.#.product_code_id - The product code.

  • product_codes.#.product_code_type - The type of product code.

property public

true if the image has public launch permissions.

property ramdisk_id

The RAM disk associated with the image, if any. Only applicable for machine images.

property root_device_name

The device name of the root device.

property root_device_type

The type of root device (ie: ebs or instance-store).

property root_snapshot_id

The snapshot id associated with the root device, if any (only applies to ebs root devices).

property sriov_net_support

Specifies whether enhanced networking is enabled.

property state

The current state of the AMI. If the state is available, the image is successfully registered and can be used to launch an instance.

property state_reason

Describes a state change. Fields are UNSET if not available.

  • state_reason.code - The reason code for the state change.

  • state_reason.message - The message for the state change.

property tags

Any tags assigned to the image.

  • tags.#.key - The key name of the tag.

  • tags.#.value - The value of the tag.

property virtualization_type

The type of virtualization of the AMI (ie: hvm or paravirtual).

class pulumi_aws.GetArnResult(account=None, arn=None, id=None, partition=None, region=None, resource=None, service=None)

A collection of values returned by getArn.

property account

The ID of the AWS account that owns the resource, without the hyphens.

property id

The provider-assigned unique ID for this managed resource.

property partition

The partition that the resource is in.

property region

The region the resource resides in. Note that the ARNs for some resources do not require a region, so this component might be omitted.

property resource

The content of this part of the ARN varies by service. It often includes an indicator of the type of resource—for example, an IAM user or Amazon RDS database —followed by a slash (/) or a colon (:), followed by the resource name itself.

property service

The service namespace that identifies the AWS product.

class pulumi_aws.GetAutoscalingGroupsResult(arns=None, filters=None, id=None, names=None)

A collection of values returned by getAutoscalingGroups.

property arns

A list of the Autoscaling Groups Arns in the current region.

property id

The provider-assigned unique ID for this managed resource.

property names

A list of the Autoscaling Groups in the current region.

class pulumi_aws.GetAvailabilityZoneResult(all_availability_zones=None, filters=None, group_name=None, id=None, name=None, name_suffix=None, network_border_group=None, opt_in_status=None, region=None, state=None, zone_id=None)

A collection of values returned by getAvailabilityZone.

property group_name

For Availability Zones, this is the same value as the Region name. For Local Zones, the name of the associated group, for example us-west-2-lax-1.

property id

The provider-assigned unique ID for this managed resource.

property name_suffix

The part of the AZ name that appears after the region name, uniquely identifying the AZ within its region.

property network_border_group

The name of the location from which the address is advertised.

property opt_in_status

For Availability Zones, this always has the value of opt-in-not-required. For Local Zones, this is the opt in status. The possible values are opted-in and not-opted-in.

property region

The region where the selected availability zone resides. This is always the region selected on the provider, since this data source searches only within that region.

class pulumi_aws.GetAvailabilityZonesResult(all_availability_zones=None, exclude_names=None, exclude_zone_ids=None, filters=None, group_names=None, id=None, names=None, state=None, zone_ids=None)

A collection of values returned by getAvailabilityZones.

property id

The provider-assigned unique ID for this managed resource.

property names

A list of the Availability Zone names available to the account.

property zone_ids

A list of the Availability Zone IDs available to the account.

class pulumi_aws.GetBillingServiceAccountResult(arn=None, id=None)

A collection of values returned by getBillingServiceAccount.

property arn

The ARN of the AWS billing service account.

property id

The provider-assigned unique ID for this managed resource.

class pulumi_aws.GetCallerIdentityResult(account_id=None, arn=None, id=None, user_id=None)

A collection of values returned by getCallerIdentity.

property account_id

The AWS Account ID number of the account that owns or contains the calling entity.

property arn

The AWS ARN associated with the calling entity.

property id

The provider-assigned unique ID for this managed resource.

property user_id

The unique identifier of the calling entity.

class pulumi_aws.GetCanonicalUserIdResult(display_name=None, id=None)

A collection of values returned by getCanonicalUserId.

property display_name

The human-friendly name linked to the canonical user ID. The bucket owner’s display name. NOTE: This value is only included in the response in the US East (N. Virginia), US West (N. California), US West (Oregon), Asia Pacific (Singapore), Asia Pacific (Sydney), Asia Pacific (Tokyo), EU (Ireland), and South America (São Paulo) regions.

property id

The provider-assigned unique ID for this managed resource.

class pulumi_aws.GetElasticIpResult(association_id=None, customer_owned_ip=None, customer_owned_ipv4_pool=None, domain=None, filters=None, id=None, instance_id=None, network_interface_id=None, network_interface_owner_id=None, private_dns=None, private_ip=None, public_dns=None, public_ip=None, public_ipv4_pool=None, tags=None)

A collection of values returned by getElasticIp.

property association_id

The ID representing the association of the address with an instance in a VPC.

property customer_owned_ip

Customer Owned IP.

property customer_owned_ipv4_pool

The ID of a Customer Owned IP Pool. For more on customer owned IP addressed check out Customer-owned IP addresses guide

property domain

Indicates whether the address is for use in EC2-Classic (standard) or in a VPC (vpc).

property id

If VPC Elastic IP, the allocation identifier. If EC2-Classic Elastic IP, the public IP address.

property instance_id

The ID of the instance that the address is associated with (if any).

property network_interface_id

The ID of the network interface.

property network_interface_owner_id

The ID of the AWS account that owns the network interface.

property private_dns

The Private DNS associated with the Elastic IP address.

property private_ip

The private IP address associated with the Elastic IP address.

property public_dns

Public DNS associated with the Elastic IP address.

property public_ip

Public IP address of Elastic IP.

property public_ipv4_pool

The ID of an address pool.

property tags

Key-value map of tags associated with Elastic IP.

class pulumi_aws.GetIpRangesResult(cidr_blocks=None, create_date=None, id=None, ipv6_cidr_blocks=None, regions=None, services=None, sync_token=None, url=None)

A collection of values returned by getIpRanges.

property cidr_blocks

The lexically ordered list of CIDR blocks.

property create_date

The publication time of the IP ranges (e.g. 2016-08-03-23-46-05).

property id

The provider-assigned unique ID for this managed resource.

property ipv6_cidr_blocks

The lexically ordered list of IPv6 CIDR blocks.

property sync_token

The publication time of the IP ranges, in Unix epoch time format (e.g. 1470267965).

class pulumi_aws.GetPartitionResult(dns_suffix=None, id=None, partition=None)

A collection of values returned by getPartition.

property dns_suffix

Base DNS domain name for the current partition (e.g. amazonaws.com in AWS Commercial, amazonaws.com.cn in AWS China).

property id

The provider-assigned unique ID for this managed resource.

property partition

Identifier of the current partition (e.g. aws in AWS Commercial, aws-cn in AWS China).

class pulumi_aws.GetPrefixListResult(cidr_blocks=None, filters=None, id=None, name=None, prefix_list_id=None)

A collection of values returned by getPrefixList.

property cidr_blocks

The list of CIDR blocks for the AWS service associated with the prefix list.

property id

The provider-assigned unique ID for this managed resource.

property name

The name of the selected prefix list.

class pulumi_aws.GetRegionResult(description=None, endpoint=None, id=None, name=None)

A collection of values returned by getRegion.

property description

The region’s description in this format: “Location (Region name)”.

property endpoint

The EC2 endpoint for the selected region.

property id

The provider-assigned unique ID for this managed resource.

property name

The name of the selected region.

class pulumi_aws.GetRegionsResult(all_regions=None, filters=None, id=None, names=None)

A collection of values returned by getRegions.

property id

The provider-assigned unique ID for this managed resource.

property names

Names of regions that meets the criteria.

class pulumi_aws.Provider(resource_name: str, opts: Optional[pulumi.resource.ResourceOptions] = None, access_key: Union[str, Awaitable[str], Output[T], None] = None, allowed_account_ids: Union[Sequence[Union[str, Awaitable[str], Output[T]]], Awaitable[Sequence[Union[str, Awaitable[str], Output[T]]]], Output[T], None] = None, assume_role: Union[ProviderAssumeRoleArgs, Mapping[str, Any], Awaitable[Union[ProviderAssumeRoleArgs, Mapping[str, Any]]], Output[T], None] = None, endpoints: Union[Sequence[Union[ProviderEndpointArgs, Mapping[str, Any], Awaitable[Union[ProviderEndpointArgs, Mapping[str, Any]]], Output[T]]], Awaitable[Sequence[Union[ProviderEndpointArgs, Mapping[str, Any], Awaitable[Union[ProviderEndpointArgs, Mapping[str, Any]]], Output[T]]]], Output[T], None] = None, forbidden_account_ids: Union[Sequence[Union[str, Awaitable[str], Output[T]]], Awaitable[Sequence[Union[str, Awaitable[str], Output[T]]]], Output[T], None] = None, ignore_tags: Union[ProviderIgnoreTagsArgs, Mapping[str, Any], Awaitable[Union[ProviderIgnoreTagsArgs, Mapping[str, Any]]], Output[T], None] = None, insecure: Union[bool, Awaitable[bool], Output[T], None] = None, max_retries: Union[int, Awaitable[int], Output[T], None] = None, profile: Union[str, Awaitable[str], Output[T], None] = None, region: Union[str, Awaitable[str], Output[T], None] = None, s3_force_path_style: Union[bool, Awaitable[bool], Output[T], None] = None, secret_key: Union[str, Awaitable[str], Output[T], None] = None, shared_credentials_file: Union[str, Awaitable[str], Output[T], None] = None, skip_credentials_validation: Union[bool, Awaitable[bool], Output[T], None] = None, skip_get_ec2_platforms: Union[bool, Awaitable[bool], Output[T], None] = None, skip_metadata_api_check: Union[bool, Awaitable[bool], Output[T], None] = None, skip_region_validation: Union[bool, Awaitable[bool], Output[T], None] = None, skip_requesting_account_id: Union[bool, Awaitable[bool], Output[T], None] = None, token: Union[str, Awaitable[str], Output[T], None] = None, __props__=None, __name__=None, __opts__=None)

The provider type for the aws package. By default, resources use package-wide configuration settings, however an explicit Provider instance may be created and passed during resource construction to achieve fine-grained programmatic control over provider settings. See the documentation for more information.

Parameters
  • resource_name (str) – The name of the resource.

  • opts (pulumi.ResourceOptions) – Options for the resource.

  • access_key (pulumi.Input[str]) – The access key for API operations. You can retrieve this from the ‘Security & Credentials’ section of the AWS console.

  • ignore_tags (pulumi.Input[pulumi.InputType['ProviderIgnoreTagsArgs']]) – Configuration block with settings to ignore resource tags across all resources.

  • insecure (pulumi.Input[bool]) – Explicitly allow the provider to perform “insecure” SSL requests. If omitted,default value is false

  • max_retries (pulumi.Input[int]) – The maximum number of times an AWS API request is being executed. If the API request still fails, an error is thrown.

  • profile (pulumi.Input[str]) – The profile for API operations. If not set, the default profile created with aws configure will be used.

  • region (pulumi.Input[str]) – The region where AWS operations will take place. Examples are us-east-1, us-west-2, etc.

  • s3_force_path_style (pulumi.Input[bool]) – Set this to true to force the request to use path-style addressing, i.e., http://s3.amazonaws.com/BUCKET/KEY. By default, the S3 client will use virtual hosted bucket addressing when possible (http://BUCKET.s3.amazonaws.com/KEY). Specific to the Amazon S3 service.

  • secret_key (pulumi.Input[str]) – The secret key for API operations. You can retrieve this from the ‘Security & Credentials’ section of the AWS console.

  • shared_credentials_file (pulumi.Input[str]) – The path to the shared credentials file. If not set this defaults to ~/.aws/credentials.

  • skip_credentials_validation (pulumi.Input[bool]) – Skip the credentials validation via STS API. Used for AWS API implementations that do not have STS available/implemented.

  • skip_get_ec2_platforms (pulumi.Input[bool]) – Skip getting the supported EC2 platforms. Used by users that don’t have ec2:DescribeAccountAttributes permissions.

  • skip_region_validation (pulumi.Input[bool]) – Skip static validation of region name. Used by users of alternative AWS-like APIs or users w/ access to regions that are not public (yet).

  • skip_requesting_account_id (pulumi.Input[bool]) – Skip requesting the account ID. Used for AWS API implementations that do not have IAM/STS API and/or metadata API.

  • token (pulumi.Input[str]) – session token. A session token is only required if you are using temporary security credentials.

translate_output_property(prop)

Provides subclasses of Resource an opportunity to translate names of output properties into a format of their choosing before writing those properties to the resource object.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

translate_input_property(prop)

Provides subclasses of Resource an opportunity to translate names of input properties into a format of their choosing before sending those properties to the Pulumi engine.

Parameters

prop (str) – A property name.

Returns

A potentially transformed property name.

Return type

str

pulumi_aws.get_ami(executable_users: Optional[Sequence[str]] = None, filters: Optional[Sequence[Union[GetAmiFilterArgs, Mapping[str, Any]]]] = None, most_recent: Optional[bool] = None, name_regex: Optional[str] = None, owners: Optional[Sequence[str]] = None, tags: Optional[Mapping[str, str]] = None, opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_ami.AwaitableGetAmiResult

Use this data source to get the ID of a registered AMI for use in other resources.

import pulumi
import pulumi_aws as aws

example = aws.get_ami(executable_users=["self"],
    filters=[
        aws.GetAmiFilterArgs(
            name="name",
            values=["myami-*"],
        ),
        aws.GetAmiFilterArgs(
            name="root-device-type",
            values=["ebs"],
        ),
        aws.GetAmiFilterArgs(
            name="virtualization-type",
            values=["hvm"],
        ),
    ],
    most_recent=True,
    name_regex="^myami-\d{3}",
    owners=["self"])
Parameters
  • executable_users (Sequence[str]) – Limit search to users with explicit launch permission on the image. Valid items are the numeric account ID or self.

  • filters (Sequence[pulumi.InputType['GetAmiFilterArgs']]) – One or more name/value pairs to filter off of. There are several valid keys, for a full reference, check out [describe-images in the AWS CLI reference][1].

  • most_recent (bool) – If more than one result is returned, use the most recent AMI.

  • name_regex (str) – A regex string to apply to the AMI list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. It is recommended to combine this with other options to narrow down the list AWS returns.

  • owners (Sequence[str]) – List of AMI owners to limit search. At least 1 value must be specified. Valid values: an AWS account ID, self (the current account), or an AWS owner alias (e.g. amazon, aws-marketplace, microsoft).

  • str] tags (Mapping[str,) – Any tags assigned to the image.

* `tags.#.key` - The key name of the tag.
* `tags.#.value` - The value of the tag.
pulumi_aws.get_ami_ids(executable_users: Optional[Sequence[str]] = None, filters: Optional[Sequence[Union[GetAmiIdsFilterArgs, Mapping[str, Any]]]] = None, name_regex: Optional[str] = None, owners: Optional[Sequence[str]] = None, sort_ascending: Optional[bool] = None, opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_ami_ids.AwaitableGetAmiIdsResult

Use this data source to get a list of AMI IDs matching the specified criteria.

import pulumi
import pulumi_aws as aws

ubuntu = aws.get_ami_ids(filters=[aws.GetAmiIdsFilterArgs(
        name="name",
        values=["ubuntu/images/ubuntu-*-*-amd64-server-*"],
    )],
    owners=["099720109477"])
Parameters
  • executable_users (Sequence[str]) – Limit search to users with explicit launch permission on the image. Valid items are the numeric account ID or self.

  • filters (Sequence[pulumi.InputType['GetAmiIdsFilterArgs']]) – One or more name/value pairs to filter off of. There are several valid keys, for a full reference, check out [describe-images in the AWS CLI reference][1].

  • name_regex (str) – A regex string to apply to the AMI list returned by AWS. This allows more advanced filtering not supported from the AWS API. This filtering is done locally on what AWS returns, and could have a performance impact if the result is large. It is recommended to combine this with other options to narrow down the list AWS returns.

  • owners (Sequence[str]) – List of AMI owners to limit search. At least 1 value must be specified. Valid values: an AWS account ID, self (the current account), or an AWS owner alias (e.g. amazon, aws-marketplace, microsoft).

  • sort_ascending (bool) – Used to sort AMIs by creation time.

pulumi_aws.get_arn(arn: Optional[str] = None, opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_arn.AwaitableGetArnResult

Parses an Amazon Resource Name (ARN) into its constituent parts.

import pulumi
import pulumi_aws as aws

db_instance = aws.get_arn(arn="arn:aws:rds:eu-west-1:123456789012:db:mysql-db")
Parameters

arn (str) – The ARN to parse.

pulumi_aws.get_autoscaling_groups(filters: Optional[Sequence[Union[GetAutoscalingGroupsFilterArgs, Mapping[str, Any]]]] = None, opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_autoscaling_groups.AwaitableGetAutoscalingGroupsResult

The Autoscaling Groups data source allows access to the list of AWS ASGs within a specific region. This will allow you to pass a list of AutoScaling Groups to other resources.

import pulumi
import pulumi_aws as aws

groups = aws.get_autoscaling_groups(filters=[
    aws.GetAutoscalingGroupsFilterArgs(
        name="key",
        values=["Team"],
    ),
    aws.GetAutoscalingGroupsFilterArgs(
        name="value",
        values=["Pets"],
    ),
])
slack_notifications = aws.autoscaling.Notification("slackNotifications",
    group_names=groups.names,
    notifications=[
        "autoscaling:EC2_INSTANCE_LAUNCH",
        "autoscaling:EC2_INSTANCE_TERMINATE",
        "autoscaling:EC2_INSTANCE_LAUNCH_ERROR",
        "autoscaling:EC2_INSTANCE_TERMINATE_ERROR",
    ],
    topic_arn="TOPIC ARN")
Parameters

filters (Sequence[pulumi.InputType['GetAutoscalingGroupsFilterArgs']]) – A filter used to scope the list e.g. by tags. See related docs.

pulumi_aws.get_availability_zone(all_availability_zones: Optional[bool] = None, filters: Optional[Sequence[Union[GetAvailabilityZoneFilterArgs, Mapping[str, Any]]]] = None, name: Optional[str] = None, state: Optional[str] = None, zone_id: Optional[str] = None, opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_availability_zone.AwaitableGetAvailabilityZoneResult

getAvailabilityZone provides details about a specific availability zone (AZ) in the current region.

This can be used both to validate an availability zone given in a variable and to split the AZ name into its component parts of an AWS region and an AZ identifier letter. The latter may be useful e.g. for implementing a consistent subnet numbering scheme across several regions by mapping both the region and the subnet letter to network numbers.

This is different from the getAvailabilityZones (plural) data source, which provides a list of the available zones.

Parameters
  • all_availability_zones (bool) – Set to true to include all Availability Zones and Local Zones regardless of your opt in status.

  • filters (Sequence[pulumi.InputType['GetAvailabilityZoneFilterArgs']]) – Configuration block(s) for filtering. Detailed below.

  • name (str) – The name of the filter field. Valid values can be found in the EC2 DescribeAvailabilityZones API Reference.

  • state (str) – A specific availability zone state to require. May be any of "available", "information" or "impaired".

  • zone_id (str) – The zone ID of the availability zone to select.

pulumi_aws.get_availability_zones(all_availability_zones: Optional[bool] = None, exclude_names: Optional[Sequence[str]] = None, exclude_zone_ids: Optional[Sequence[str]] = None, filters: Optional[Sequence[Union[GetAvailabilityZonesFilterArgs, Mapping[str, Any]]]] = None, state: Optional[str] = None, opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_availability_zones.AwaitableGetAvailabilityZonesResult

The Availability Zones data source allows access to the list of AWS Availability Zones which can be accessed by an AWS account within the region configured in the provider.

This is different from the getAvailabilityZone (singular) data source, which provides some details about a specific availability zone.

When Local Zones are enabled in a region, by default the API and this data source include both Local Zones and Availability Zones. To return only Availability Zones, see the example section below.

import pulumi
import pulumi_aws as aws

available = aws.get_availability_zones(state="available")
primary = aws.ec2.Subnet("primary", availability_zone=available.names[0])
# ...
secondary = aws.ec2.Subnet("secondary", availability_zone=available.names[1])
# ...

All Local Zones (regardless of opt-in status):

import pulumi
import pulumi_aws as aws

example = aws.get_availability_zones(all_availability_zones=True,
    filters=[aws.GetAvailabilityZonesFilterArgs(
        name="opt-in-status",
        values=[
            "not-opted-in",
            "opted-in",
        ],
    )])

Only Availability Zones (no Local Zones):

import pulumi
import pulumi_aws as aws

example = aws.get_availability_zones(filters=[aws.GetAvailabilityZonesFilterArgs(
    name="opt-in-status",
    values=["opt-in-not-required"],
)])
Parameters
  • all_availability_zones (bool) – Set to true to include all Availability Zones and Local Zones regardless of your opt in status.

  • exclude_names (Sequence[str]) – List of Availability Zone names to exclude.

  • exclude_zone_ids (Sequence[str]) – List of Availability Zone IDs to exclude.

  • filters (Sequence[pulumi.InputType['GetAvailabilityZonesFilterArgs']]) – Configuration block(s) for filtering. Detailed below.

  • state (str) – Allows to filter list of Availability Zones based on their current state. Can be either "available", "information", "impaired" or "unavailable". By default the list includes a complete set of Availability Zones to which the underlying AWS account has access, regardless of their state.

pulumi_aws.get_billing_service_account(opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_billing_service_account.AwaitableGetBillingServiceAccountResult

Use this data source to get the Account ID of the AWS Billing and Cost Management Service Account for the purpose of permitting in S3 bucket policy.

import pulumi
import pulumi_aws as aws

main = aws.get_billing_service_account()
billing_logs = aws.s3.Bucket("billingLogs",
    acl="private",
    policy=f"""{{
  "Id": "Policy",
  "Version": "2012-10-17",
  "Statement": [
    {{
      "Action": [
        "s3:GetBucketAcl", "s3:GetBucketPolicy"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::my-billing-tf-test-bucket",
      "Principal": {{
        "AWS": [
          "{main.arn}"
        ]
      }}
    }},
    {{
      "Action": [
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::my-billing-tf-test-bucket/*",
      "Principal": {{
        "AWS": [
          "{main.arn}"
        ]
      }}
    }}
  ]
}}

""")
pulumi_aws.get_caller_identity(opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_caller_identity.AwaitableGetCallerIdentityResult

Use this data source to get the access to the effective Account ID, User ID, and ARN in which this provider is authorized.

import pulumi
import pulumi_aws as aws

current = aws.get_caller_identity()
pulumi.export("accountId", current.account_id)
pulumi.export("callerArn", current.arn)
pulumi.export("callerUser", current.user_id)
pulumi_aws.get_canonical_user_id(opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_canonical_user_id.AwaitableGetCanonicalUserIdResult

The Canonical User ID data source allows access to the canonical user ID for the effective account in which this provider is working.

import pulumi
import pulumi_aws as aws

current = aws.get_canonical_user_id()
pulumi.export("canonicalUserId", current.id)
pulumi_aws.get_elastic_ip(filters: Optional[Sequence[Union[GetElasticIpFilterArgs, Mapping[str, Any]]]] = None, id: Optional[str] = None, public_ip: Optional[str] = None, tags: Optional[Mapping[str, str]] = None, opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_elastic_ip.AwaitableGetElasticIpResult

ec2.Eip provides details about a specific Elastic IP.

import pulumi
import pulumi_aws as aws

by_allocation_id = aws.get_elastic_ip(id="eipalloc-12345678")
import pulumi
import pulumi_aws as aws

by_filter = aws.get_elastic_ip(filters=[aws.GetElasticIpFilterArgs(
    name="tag:Name",
    values=["exampleNameTagValue"],
)])
import pulumi
import pulumi_aws as aws

by_public_ip = aws.get_elastic_ip(public_ip="1.2.3.4")
import pulumi
import pulumi_aws as aws

by_tags = aws.get_elastic_ip(tags={
    "Name": "exampleNameTagValue",
})
Parameters
  • filters (Sequence[pulumi.InputType['GetElasticIpFilterArgs']]) – One or more name/value pairs to use as filters. There are several valid keys, for a full reference, check out the EC2 API Reference.

  • id (str) – The allocation id of the specific VPC EIP to retrieve. If a classic EIP is required, do NOT set id, only set public_ip

  • public_ip (str) – The public IP of the specific EIP to retrieve.

  • str] tags (Mapping[str,) – A map of tags, each pair of which must exactly match a pair on the desired Elastic IP

pulumi_aws.get_ip_ranges(regions: Optional[Sequence[str]] = None, services: Optional[Sequence[str]] = None, url: Optional[str] = None, opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_ip_ranges.AwaitableGetIpRangesResult

Use this data source to get the IP ranges of various AWS products and services. For more information about the contents of this data source and required JSON syntax if referencing a custom URL, see the AWS IP Address Ranges documentation.

import pulumi
import pulumi_aws as aws

european_ec2 = aws.get_ip_ranges(regions=[
        "eu-west-1",
        "eu-central-1",
    ],
    services=["ec2"])
from_europe = aws.ec2.SecurityGroup("fromEurope",
    ingress=[aws.ec2.SecurityGroupIngressArgs(
        from_port="443",
        to_port="443",
        protocol="tcp",
        cidr_blocks=european_ec2.cidr_blocks,
        ipv6_cidr_blocks=european_ec2.ipv6_cidr_blocks,
    )],
    tags={
        "CreateDate": european_ec2.create_date,
        "SyncToken": european_ec2.sync_token,
    })
Parameters
  • regions (Sequence[str]) – Filter IP ranges by regions (or include all regions, if omitted). Valid items are global (for cloudfront) as well as all AWS regions (e.g. eu-central-1)

  • services (Sequence[str]) – Filter IP ranges by services. Valid items are amazon (for amazon.com), amazon_connect, api_gateway, cloud9, cloudfront, codebuild, dynamodb, ec2, ec2_instance_connect, globalaccelerator, route53, route53_healthchecks, s3 and workspaces_gateways. See the [service attribute][2] documentation for other possible values.

  • url (str) –

    Custom URL for source JSON file. Syntax must match AWS IP Address Ranges documentation. Defaults to https://ip-ranges.amazonaws.com/ip-ranges.json.

pulumi_aws.get_partition(opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_partition.AwaitableGetPartitionResult

Use this data source to lookup current AWS partition in which this provider is working

import pulumi
import pulumi_aws as aws

current = aws.get_partition()
s3_policy = aws.iam.get_policy_document(statements=[aws.iam.GetPolicyDocumentStatementArgs(
    actions=["s3:ListBucket"],
    resources=[f"arn:{current.partition}:s3:::my-bucket"],
    sid="1",
)])
pulumi_aws.get_prefix_list(filters: Optional[Sequence[Union[GetPrefixListFilterArgs, Mapping[str, Any]]]] = None, name: Optional[str] = None, prefix_list_id: Optional[str] = None, opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_prefix_list.AwaitableGetPrefixListResult

getPrefixList provides details about a specific prefix list (PL) in the current region.

This can be used both to validate a prefix list given in a variable and to obtain the CIDR blocks (IP address ranges) for the associated AWS service. The latter may be useful e.g. for adding network ACL rules.

import pulumi
import pulumi_aws as aws

private_s3_vpc_endpoint = aws.ec2.VpcEndpoint("privateS3VpcEndpoint",
    vpc_id=aws_vpc["foo"]["id"],
    service_name="com.amazonaws.us-west-2.s3")
private_s3_prefix_list = private_s3_vpc_endpoint.prefix_list_id.apply(lambda prefix_list_id: aws.get_prefix_list(prefix_list_id=prefix_list_id))
bar = aws.ec2.NetworkAcl("bar", vpc_id=aws_vpc["foo"]["id"])
private_s3_network_acl_rule = aws.ec2.NetworkAclRule("privateS3NetworkAclRule",
    network_acl_id=bar.id,
    rule_number=200,
    egress=False,
    protocol="tcp",
    rule_action="allow",
    cidr_block=private_s3_prefix_list.cidr_blocks[0],
    from_port=443,
    to_port=443)
import pulumi
import pulumi_aws as aws

test = aws.get_prefix_list(filters=[aws.GetPrefixListFilterArgs(
    name="prefix-list-id",
    values=["pl-68a54001"],
)])
Parameters
  • filters (Sequence[pulumi.InputType['GetPrefixListFilterArgs']]) – Configuration block(s) for filtering. Detailed below.

  • name (str) – The name of the filter field. Valid values can be found in the EC2 DescribePrefixLists API Reference.

  • prefix_list_id (str) – The ID of the prefix list to select.

pulumi_aws.get_region(endpoint: Optional[str] = None, name: Optional[str] = None, opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_region.AwaitableGetRegionResult

getRegion provides details about a specific AWS region.

As well as validating a given region name this resource can be used to discover the name of the region configured within the provider. The latter can be useful in a child module which is inheriting an AWS provider configuration from its parent module.

The following example shows how the resource might be used to obtain the name of the AWS region configured on the provider.

import pulumi
import pulumi_aws as aws

current = aws.get_region()
Parameters
  • endpoint (str) – The EC2 endpoint of the region to select.

  • name (str) – The full name of the region to select.

pulumi_aws.get_regions(all_regions: Optional[bool] = None, filters: Optional[Sequence[Union[GetRegionsFilterArgs, Mapping[str, Any]]]] = None, opts: Optional[pulumi.invoke.InvokeOptions] = None) → pulumi_aws.get_regions.AwaitableGetRegionsResult

Provides information about AWS Regions. Can be used to filter regions i.e. by Opt-In status or only regions enabled for current account. To get details like endpoint and description of each region the data source can be combined with the getRegion data source.

Enabled AWS Regions:

import pulumi
import pulumi_aws as aws

current = aws.get_regions()

All the regions regardless of the availability

import pulumi
import pulumi_aws as aws

current = aws.get_regions(all_regions=True)

To see regions that are filtered by "not-opted-in", the all_regions argument needs to be set to true or no results will be returned.

import pulumi
import pulumi_aws as aws

current = aws.get_regions(all_regions=True,
    filters=[aws.GetRegionsFilterArgs(
        name="opt-in-status",
        values=["not-opted-in"],
    )])
Parameters
  • all_regions (bool) – If true the source will query all regions regardless of availability.

  • filters (Sequence[pulumi.InputType['GetRegionsFilterArgs']]) – Configuration block(s) to use as filters. Detailed below.