aws-native.ec2.getVpcEncryptionControl

AWS Cloud Control v1.44.0, Dec 19 25

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.44.0 published on Friday, Dec 19, 2025 by Pulumi

Schema (JSON)

pulumi/pulumi-aws-native

We recommend new projects start with resources from the AWS provider.

AWS Cloud Control v1.44.0 published on Friday, Dec 19, 2025 by Pulumi

Schema (JSON)

pulumi/pulumi-aws-native

Using getVpcEncryptionControl

Two invocation forms are available. The direct form accepts plain arguments and either blocks until the result value is available, or returns a Promise-wrapped result. The output form accepts Input-wrapped arguments and returns an Output-wrapped result.

function getVpcEncryptionControl(args: GetVpcEncryptionControlArgs, opts?: InvokeOptions): Promise<GetVpcEncryptionControlResult>
function getVpcEncryptionControlOutput(args: GetVpcEncryptionControlOutputArgs, opts?: InvokeOptions): Output<GetVpcEncryptionControlResult>

def get_vpc_encryption_control(vpc_encryption_control_id: Optional[str] = None,
                               opts: Optional[InvokeOptions] = None) -> GetVpcEncryptionControlResult
def get_vpc_encryption_control_output(vpc_encryption_control_id: Optional[pulumi.Input[str]] = None,
                               opts: Optional[InvokeOptions] = None) -> Output[GetVpcEncryptionControlResult]

func LookupVpcEncryptionControl(ctx *Context, args *LookupVpcEncryptionControlArgs, opts ...InvokeOption) (*LookupVpcEncryptionControlResult, error)
func LookupVpcEncryptionControlOutput(ctx *Context, args *LookupVpcEncryptionControlOutputArgs, opts ...InvokeOption) LookupVpcEncryptionControlResultOutput

> Note: This function is named LookupVpcEncryptionControl in the Go SDK.

public static class GetVpcEncryptionControl 
{
    public static Task<GetVpcEncryptionControlResult> InvokeAsync(GetVpcEncryptionControlArgs args, InvokeOptions? opts = null)
    public static Output<GetVpcEncryptionControlResult> Invoke(GetVpcEncryptionControlInvokeArgs args, InvokeOptions? opts = null)
}

public static CompletableFuture<GetVpcEncryptionControlResult> getVpcEncryptionControl(GetVpcEncryptionControlArgs args, InvokeOptions options)
public static Output<GetVpcEncryptionControlResult> getVpcEncryptionControl(GetVpcEncryptionControlArgs args, InvokeOptions options)

fn::invoke:
  function: aws-native:ec2:getVpcEncryptionControl
  arguments:
    # arguments dictionary

The following arguments are supported:

VpcEncryptionControlId string: The VPC encryption control resource id.

VpcEncryptionControlId string: The VPC encryption control resource id.

vpcEncryptionControlId String: The VPC encryption control resource id.

vpcEncryptionControlId string: The VPC encryption control resource id.

vpc_encryption_control_id str: The VPC encryption control resource id.

vpcEncryptionControlId String: The VPC encryption control resource id.

getVpcEncryptionControl Result

The following output properties are available:

Mode Pulumi.AwsNative.Ec2.VpcEncryptionControlMode: The VPC encryption control mode, either monitor or enforce.
ResourceExclusions Pulumi.AwsNative.Ec2.Outputs.VpcEncryptionControlResourceExclusions: Enumerates the states of all the VPC encryption control resource exclusions
State Pulumi.AwsNative.Ec2.VpcEncryptionControlState: The current state of the VPC encryption control.
StateMessage string: Provides additional context on the state of the VPC encryption control.
Tags List<Pulumi.AwsNative.Outputs.Tag>: The tags to assign to the VPC encryption control.
VpcEncryptionControlId string: The VPC encryption control resource id.

Mode VpcEncryptionControlMode: The VPC encryption control mode, either monitor or enforce.
ResourceExclusions VpcEncryptionControlResourceExclusions: Enumerates the states of all the VPC encryption control resource exclusions
State VpcEncryptionControlStateEnum: The current state of the VPC encryption control.
StateMessage string: Provides additional context on the state of the VPC encryption control.
Tags Tag: The tags to assign to the VPC encryption control.
VpcEncryptionControlId string: The VPC encryption control resource id.

mode VpcEncryptionControlMode: The VPC encryption control mode, either monitor or enforce.
resourceExclusions VpcEncryptionControlResourceExclusions: Enumerates the states of all the VPC encryption control resource exclusions
state VpcEncryptionControlState: The current state of the VPC encryption control.
stateMessage String: Provides additional context on the state of the VPC encryption control.
tags List<Tag>: The tags to assign to the VPC encryption control.
vpcEncryptionControlId String: The VPC encryption control resource id.

mode VpcEncryptionControlMode: The VPC encryption control mode, either monitor or enforce.
resourceExclusions VpcEncryptionControlResourceExclusions: Enumerates the states of all the VPC encryption control resource exclusions
state VpcEncryptionControlState: The current state of the VPC encryption control.
stateMessage string: Provides additional context on the state of the VPC encryption control.
tags Tag[]: The tags to assign to the VPC encryption control.
vpcEncryptionControlId string: The VPC encryption control resource id.

mode VpcEncryptionControlMode: The VPC encryption control mode, either monitor or enforce.
resource_exclusions VpcEncryptionControlResourceExclusions: Enumerates the states of all the VPC encryption control resource exclusions
state VpcEncryptionControlState: The current state of the VPC encryption control.
state_message str: Provides additional context on the state of the VPC encryption control.
tags Sequence[root_Tag]: The tags to assign to the VPC encryption control.
vpc_encryption_control_id str: The VPC encryption control resource id.

mode "monitor" | "enforce": The VPC encryption control mode, either monitor or enforce.
resourceExclusions Property Map: Enumerates the states of all the VPC encryption control resource exclusions
state "creating" | "available" | "monitor-in-progress" | "enforce-in-progress" | "monitor-failed" | "enforce-failed" | "deleting" | "deleted" | "delete-failed": The current state of the VPC encryption control.
stateMessage String: Provides additional context on the state of the VPC encryption control.
tags List<Property Map>: The tags to assign to the VPC encryption control.
vpcEncryptionControlId String: The VPC encryption control resource id.

Supporting Types

VpcEncryptionControlExclusion

State string: The current state of the exclusion configuration.
StateMessage string: A message providing additional information about the exclusion state.

State string: The current state of the exclusion configuration.
StateMessage string: A message providing additional information about the exclusion state.

state String: The current state of the exclusion configuration.
stateMessage String: A message providing additional information about the exclusion state.

state string: The current state of the exclusion configuration.
stateMessage string: A message providing additional information about the exclusion state.

state str: The current state of the exclusion configuration.
state_message str: A message providing additional information about the exclusion state.

state String: The current state of the exclusion configuration.
stateMessage String: A message providing additional information about the exclusion state.

VpcEncryptionControlMode

VpcEncryptionControlResourceExclusions

EgressOnlyInternetGateway Pulumi.AwsNative.Ec2.Inputs.VpcEncryptionControlExclusion: Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement.
ElasticFileSystem Pulumi.AwsNative.Ec2.Inputs.VpcEncryptionControlExclusion: Specifies whether to exclude Elastic File System traffic from encryption enforcement.
InternetGateway Pulumi.AwsNative.Ec2.Inputs.VpcEncryptionControlExclusion: Specifies whether to exclude internet gateway traffic from encryption enforcement.
Lambda Pulumi.AwsNative.Ec2.Inputs.VpcEncryptionControlExclusion: Specifies whether to exclude Lambda function traffic from encryption enforcement.
NatGateway Pulumi.AwsNative.Ec2.Inputs.VpcEncryptionControlExclusion: Specifies whether to exclude NAT gateway traffic from encryption enforcement.
VirtualPrivateGateway Pulumi.AwsNative.Ec2.Inputs.VpcEncryptionControlExclusion: Specifies whether to exclude virtual private gateway traffic from encryption enforcement.
VpcLattice Pulumi.AwsNative.Ec2.Inputs.VpcEncryptionControlExclusion: Specifies whether to exclude VPC Lattice traffic from encryption enforcement.
VpcPeering Pulumi.AwsNative.Ec2.Inputs.VpcEncryptionControlExclusion: Specifies whether to exclude VPC peering connection traffic from encryption enforcement.

EgressOnlyInternetGateway VpcEncryptionControlExclusion: Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement.
ElasticFileSystem VpcEncryptionControlExclusion: Specifies whether to exclude Elastic File System traffic from encryption enforcement.
InternetGateway VpcEncryptionControlExclusion: Specifies whether to exclude internet gateway traffic from encryption enforcement.
Lambda VpcEncryptionControlExclusion: Specifies whether to exclude Lambda function traffic from encryption enforcement.
NatGateway VpcEncryptionControlExclusion: Specifies whether to exclude NAT gateway traffic from encryption enforcement.
VirtualPrivateGateway VpcEncryptionControlExclusion: Specifies whether to exclude virtual private gateway traffic from encryption enforcement.
VpcLattice VpcEncryptionControlExclusion: Specifies whether to exclude VPC Lattice traffic from encryption enforcement.
VpcPeering VpcEncryptionControlExclusion: Specifies whether to exclude VPC peering connection traffic from encryption enforcement.

egressOnlyInternetGateway VpcEncryptionControlExclusion: Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement.
elasticFileSystem VpcEncryptionControlExclusion: Specifies whether to exclude Elastic File System traffic from encryption enforcement.
internetGateway VpcEncryptionControlExclusion: Specifies whether to exclude internet gateway traffic from encryption enforcement.
lambda VpcEncryptionControlExclusion: Specifies whether to exclude Lambda function traffic from encryption enforcement.
natGateway VpcEncryptionControlExclusion: Specifies whether to exclude NAT gateway traffic from encryption enforcement.
virtualPrivateGateway VpcEncryptionControlExclusion: Specifies whether to exclude virtual private gateway traffic from encryption enforcement.
vpcLattice VpcEncryptionControlExclusion: Specifies whether to exclude VPC Lattice traffic from encryption enforcement.
vpcPeering VpcEncryptionControlExclusion: Specifies whether to exclude VPC peering connection traffic from encryption enforcement.

egressOnlyInternetGateway VpcEncryptionControlExclusion: Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement.
elasticFileSystem VpcEncryptionControlExclusion: Specifies whether to exclude Elastic File System traffic from encryption enforcement.
internetGateway VpcEncryptionControlExclusion: Specifies whether to exclude internet gateway traffic from encryption enforcement.
lambda VpcEncryptionControlExclusion: Specifies whether to exclude Lambda function traffic from encryption enforcement.
natGateway VpcEncryptionControlExclusion: Specifies whether to exclude NAT gateway traffic from encryption enforcement.
virtualPrivateGateway VpcEncryptionControlExclusion: Specifies whether to exclude virtual private gateway traffic from encryption enforcement.
vpcLattice VpcEncryptionControlExclusion: Specifies whether to exclude VPC Lattice traffic from encryption enforcement.
vpcPeering VpcEncryptionControlExclusion: Specifies whether to exclude VPC peering connection traffic from encryption enforcement.

egress_only_internet_gateway VpcEncryptionControlExclusion: Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement.
elastic_file_system VpcEncryptionControlExclusion: Specifies whether to exclude Elastic File System traffic from encryption enforcement.
internet_gateway VpcEncryptionControlExclusion: Specifies whether to exclude internet gateway traffic from encryption enforcement.
lambda_ VpcEncryptionControlExclusion: Specifies whether to exclude Lambda function traffic from encryption enforcement.
nat_gateway VpcEncryptionControlExclusion: Specifies whether to exclude NAT gateway traffic from encryption enforcement.
virtual_private_gateway VpcEncryptionControlExclusion: Specifies whether to exclude virtual private gateway traffic from encryption enforcement.
vpc_lattice VpcEncryptionControlExclusion: Specifies whether to exclude VPC Lattice traffic from encryption enforcement.
vpc_peering VpcEncryptionControlExclusion: Specifies whether to exclude VPC peering connection traffic from encryption enforcement.

egressOnlyInternetGateway Property Map: Specifies whether to exclude egress-only internet gateway traffic from encryption enforcement.
elasticFileSystem Property Map: Specifies whether to exclude Elastic File System traffic from encryption enforcement.
internetGateway Property Map: Specifies whether to exclude internet gateway traffic from encryption enforcement.
lambda Property Map: Specifies whether to exclude Lambda function traffic from encryption enforcement.
natGateway Property Map: Specifies whether to exclude NAT gateway traffic from encryption enforcement.
virtualPrivateGateway Property Map: Specifies whether to exclude virtual private gateway traffic from encryption enforcement.
vpcLattice Property Map: Specifies whether to exclude VPC Lattice traffic from encryption enforcement.
vpcPeering Property Map: Specifies whether to exclude VPC peering connection traffic from encryption enforcement.