Provides EC2 allowed images settings for an AWS account. This feature allows you to control which AMIs can be used to launch EC2 instances in your account based on specified criteria.
For more information about the image criteria that can be set, see the AWS documentation on Allowed AMIs JSON configuration.
NOTE: The AWS API does not delete this resource. When you run
destroy, the provider will attempt to disable the setting.
NOTE: There is only one allowed images settings configuration per AWS account and region. Creating this resource will configure the account-level settings.
Example Usage
Enable with Amazon AMIs only
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.ec2.AllowedImagesSettings("example", {
state: "enabled",
imageCriterions: [{
imageProviders: ["amazon"],
}],
});
import pulumi
import pulumi_aws as aws
example = aws.ec2.AllowedImagesSettings("example",
state="enabled",
image_criterions=[{
"image_providers": ["amazon"],
}])
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := ec2.NewAllowedImagesSettings(ctx, "example", &ec2.AllowedImagesSettingsArgs{
State: pulumi.String("enabled"),
ImageCriterions: ec2.AllowedImagesSettingsImageCriterionArray{
&ec2.AllowedImagesSettingsImageCriterionArgs{
ImageProviders: pulumi.StringArray{
pulumi.String("amazon"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Ec2.AllowedImagesSettings("example", new()
{
State = "enabled",
ImageCriterions = new[]
{
new Aws.Ec2.Inputs.AllowedImagesSettingsImageCriterionArgs
{
ImageProviders = new[]
{
"amazon",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.AllowedImagesSettings;
import com.pulumi.aws.ec2.AllowedImagesSettingsArgs;
import com.pulumi.aws.ec2.inputs.AllowedImagesSettingsImageCriterionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new AllowedImagesSettings("example", AllowedImagesSettingsArgs.builder()
.state("enabled")
.imageCriterions(AllowedImagesSettingsImageCriterionArgs.builder()
.imageProviders("amazon")
.build())
.build());
}
}
resources:
example:
type: aws:ec2:AllowedImagesSettings
properties:
state: enabled
imageCriterions:
- imageProviders:
- amazon
Enable audit mode with specific account IDs
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.ec2.AllowedImagesSettings("example", {
state: "audit-mode",
imageCriterions: [{
imageProviders: [
"amazon",
"123456789012",
],
}],
});
import pulumi
import pulumi_aws as aws
example = aws.ec2.AllowedImagesSettings("example",
state="audit-mode",
image_criterions=[{
"image_providers": [
"amazon",
"123456789012",
],
}])
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/ec2"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := ec2.NewAllowedImagesSettings(ctx, "example", &ec2.AllowedImagesSettingsArgs{
State: pulumi.String("audit-mode"),
ImageCriterions: ec2.AllowedImagesSettingsImageCriterionArray{
&ec2.AllowedImagesSettingsImageCriterionArgs{
ImageProviders: pulumi.StringArray{
pulumi.String("amazon"),
pulumi.String("123456789012"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.Ec2.AllowedImagesSettings("example", new()
{
State = "audit-mode",
ImageCriterions = new[]
{
new Aws.Ec2.Inputs.AllowedImagesSettingsImageCriterionArgs
{
ImageProviders = new[]
{
"amazon",
"123456789012",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.ec2.AllowedImagesSettings;
import com.pulumi.aws.ec2.AllowedImagesSettingsArgs;
import com.pulumi.aws.ec2.inputs.AllowedImagesSettingsImageCriterionArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new AllowedImagesSettings("example", AllowedImagesSettingsArgs.builder()
.state("audit-mode")
.imageCriterions(AllowedImagesSettingsImageCriterionArgs.builder()
.imageProviders(
"amazon",
"123456789012")
.build())
.build());
}
}
resources:
example:
type: aws:ec2:AllowedImagesSettings
properties:
state: audit-mode
imageCriterions:
- imageProviders:
- amazon
- '123456789012'
Create AllowedImagesSettings Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new AllowedImagesSettings(name: string, args: AllowedImagesSettingsArgs, opts?: CustomResourceOptions);@overload
def AllowedImagesSettings(resource_name: str,
args: AllowedImagesSettingsArgs,
opts: Optional[ResourceOptions] = None)
@overload
def AllowedImagesSettings(resource_name: str,
opts: Optional[ResourceOptions] = None,
state: Optional[str] = None,
image_criterions: Optional[Sequence[AllowedImagesSettingsImageCriterionArgs]] = None,
region: Optional[str] = None)func NewAllowedImagesSettings(ctx *Context, name string, args AllowedImagesSettingsArgs, opts ...ResourceOption) (*AllowedImagesSettings, error)public AllowedImagesSettings(string name, AllowedImagesSettingsArgs args, CustomResourceOptions? opts = null)
public AllowedImagesSettings(String name, AllowedImagesSettingsArgs args)
public AllowedImagesSettings(String name, AllowedImagesSettingsArgs args, CustomResourceOptions options)
type: aws:ec2:AllowedImagesSettings
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args AllowedImagesSettingsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args AllowedImagesSettingsArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args AllowedImagesSettingsArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args AllowedImagesSettingsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args AllowedImagesSettingsArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var allowedImagesSettingsResource = new Aws.Ec2.AllowedImagesSettings("allowedImagesSettingsResource", new()
{
State = "string",
ImageCriterions = new[]
{
new Aws.Ec2.Inputs.AllowedImagesSettingsImageCriterionArgs
{
CreationDateCondition = new Aws.Ec2.Inputs.AllowedImagesSettingsImageCriterionCreationDateConditionArgs
{
MaximumDaysSinceCreated = 0,
},
DeprecationTimeCondition = new Aws.Ec2.Inputs.AllowedImagesSettingsImageCriterionDeprecationTimeConditionArgs
{
MaximumDaysSinceDeprecated = 0,
},
ImageNames = new[]
{
"string",
},
ImageProviders = new[]
{
"string",
},
MarketplaceProductCodes = new[]
{
"string",
},
},
},
Region = "string",
});
example, err := ec2.NewAllowedImagesSettings(ctx, "allowedImagesSettingsResource", &ec2.AllowedImagesSettingsArgs{
State: pulumi.String("string"),
ImageCriterions: ec2.AllowedImagesSettingsImageCriterionArray{
&ec2.AllowedImagesSettingsImageCriterionArgs{
CreationDateCondition: &ec2.AllowedImagesSettingsImageCriterionCreationDateConditionArgs{
MaximumDaysSinceCreated: pulumi.Int(0),
},
DeprecationTimeCondition: &ec2.AllowedImagesSettingsImageCriterionDeprecationTimeConditionArgs{
MaximumDaysSinceDeprecated: pulumi.Int(0),
},
ImageNames: pulumi.StringArray{
pulumi.String("string"),
},
ImageProviders: pulumi.StringArray{
pulumi.String("string"),
},
MarketplaceProductCodes: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Region: pulumi.String("string"),
})
var allowedImagesSettingsResource = new AllowedImagesSettings("allowedImagesSettingsResource", AllowedImagesSettingsArgs.builder()
.state("string")
.imageCriterions(AllowedImagesSettingsImageCriterionArgs.builder()
.creationDateCondition(AllowedImagesSettingsImageCriterionCreationDateConditionArgs.builder()
.maximumDaysSinceCreated(0)
.build())
.deprecationTimeCondition(AllowedImagesSettingsImageCriterionDeprecationTimeConditionArgs.builder()
.maximumDaysSinceDeprecated(0)
.build())
.imageNames("string")
.imageProviders("string")
.marketplaceProductCodes("string")
.build())
.region("string")
.build());
allowed_images_settings_resource = aws.ec2.AllowedImagesSettings("allowedImagesSettingsResource",
state="string",
image_criterions=[{
"creation_date_condition": {
"maximum_days_since_created": 0,
},
"deprecation_time_condition": {
"maximum_days_since_deprecated": 0,
},
"image_names": ["string"],
"image_providers": ["string"],
"marketplace_product_codes": ["string"],
}],
region="string")
const allowedImagesSettingsResource = new aws.ec2.AllowedImagesSettings("allowedImagesSettingsResource", {
state: "string",
imageCriterions: [{
creationDateCondition: {
maximumDaysSinceCreated: 0,
},
deprecationTimeCondition: {
maximumDaysSinceDeprecated: 0,
},
imageNames: ["string"],
imageProviders: ["string"],
marketplaceProductCodes: ["string"],
}],
region: "string",
});
type: aws:ec2:AllowedImagesSettings
properties:
imageCriterions:
- creationDateCondition:
maximumDaysSinceCreated: 0
deprecationTimeCondition:
maximumDaysSinceDeprecated: 0
imageNames:
- string
imageProviders:
- string
marketplaceProductCodes:
- string
region: string
state: string
AllowedImagesSettings Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The AllowedImagesSettings resource accepts the following input properties:
- State string
- State of the allowed images settings. Valid values are
enabledoraudit-mode. - Image
Criterions List<AllowedImages Settings Image Criterion> - List of image criteria. Maximum of 10 criterion blocks allowed. See
image_criterionbelow. - Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- State string
- State of the allowed images settings. Valid values are
enabledoraudit-mode. - Image
Criterions []AllowedImages Settings Image Criterion Args - List of image criteria. Maximum of 10 criterion blocks allowed. See
image_criterionbelow. - Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- state String
- State of the allowed images settings. Valid values are
enabledoraudit-mode. - image
Criterions List<AllowedImages Settings Image Criterion> - List of image criteria. Maximum of 10 criterion blocks allowed. See
image_criterionbelow. - region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- state string
- State of the allowed images settings. Valid values are
enabledoraudit-mode. - image
Criterions AllowedImages Settings Image Criterion[] - List of image criteria. Maximum of 10 criterion blocks allowed. See
image_criterionbelow. - region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- state str
- State of the allowed images settings. Valid values are
enabledoraudit-mode. - image_
criterions Sequence[AllowedImages Settings Image Criterion Args] - List of image criteria. Maximum of 10 criterion blocks allowed. See
image_criterionbelow. - region str
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- state String
- State of the allowed images settings. Valid values are
enabledoraudit-mode. - image
Criterions List<Property Map> - List of image criteria. Maximum of 10 criterion blocks allowed. See
image_criterionbelow. - region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
Outputs
All input properties are implicitly available as output properties. Additionally, the AllowedImagesSettings resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing AllowedImagesSettings Resource
Get an existing AllowedImagesSettings resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: AllowedImagesSettingsState, opts?: CustomResourceOptions): AllowedImagesSettings@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
image_criterions: Optional[Sequence[AllowedImagesSettingsImageCriterionArgs]] = None,
region: Optional[str] = None,
state: Optional[str] = None) -> AllowedImagesSettingsfunc GetAllowedImagesSettings(ctx *Context, name string, id IDInput, state *AllowedImagesSettingsState, opts ...ResourceOption) (*AllowedImagesSettings, error)public static AllowedImagesSettings Get(string name, Input<string> id, AllowedImagesSettingsState? state, CustomResourceOptions? opts = null)public static AllowedImagesSettings get(String name, Output<String> id, AllowedImagesSettingsState state, CustomResourceOptions options)resources: _: type: aws:ec2:AllowedImagesSettings get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Image
Criterions List<AllowedImages Settings Image Criterion> - List of image criteria. Maximum of 10 criterion blocks allowed. See
image_criterionbelow. - Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- State string
- State of the allowed images settings. Valid values are
enabledoraudit-mode.
- Image
Criterions []AllowedImages Settings Image Criterion Args - List of image criteria. Maximum of 10 criterion blocks allowed. See
image_criterionbelow. - Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- State string
- State of the allowed images settings. Valid values are
enabledoraudit-mode.
- image
Criterions List<AllowedImages Settings Image Criterion> - List of image criteria. Maximum of 10 criterion blocks allowed. See
image_criterionbelow. - region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- state String
- State of the allowed images settings. Valid values are
enabledoraudit-mode.
- image
Criterions AllowedImages Settings Image Criterion[] - List of image criteria. Maximum of 10 criterion blocks allowed. See
image_criterionbelow. - region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- state string
- State of the allowed images settings. Valid values are
enabledoraudit-mode.
- image_
criterions Sequence[AllowedImages Settings Image Criterion Args] - List of image criteria. Maximum of 10 criterion blocks allowed. See
image_criterionbelow. - region str
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- state str
- State of the allowed images settings. Valid values are
enabledoraudit-mode.
- image
Criterions List<Property Map> - List of image criteria. Maximum of 10 criterion blocks allowed. See
image_criterionbelow. - region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- state String
- State of the allowed images settings. Valid values are
enabledoraudit-mode.
Supporting Types
AllowedImagesSettingsImageCriterion, AllowedImagesSettingsImageCriterionArgs
- Creation
Date AllowedCondition Images Settings Image Criterion Creation Date Condition - Condition based on AMI creation date. See
creation_date_conditionbelow. - Deprecation
Time AllowedCondition Images Settings Image Criterion Deprecation Time Condition - Condition based on AMI deprecation time. See
deprecation_time_conditionbelow. - Image
Names List<string> - Set of AMI name patterns to allow. Maximum of 50 names.
- Image
Providers List<string> - Set of image providers to allow. Maximum of 200 providers. Valid values include
amazon,aws-marketplace,aws-backup-vault,none, or a 12-digit AWS account ID. - Marketplace
Product List<string>Codes - Set of AWS Marketplace product codes to allow. Maximum of 50 product codes.
- Creation
Date AllowedCondition Images Settings Image Criterion Creation Date Condition - Condition based on AMI creation date. See
creation_date_conditionbelow. - Deprecation
Time AllowedCondition Images Settings Image Criterion Deprecation Time Condition - Condition based on AMI deprecation time. See
deprecation_time_conditionbelow. - Image
Names []string - Set of AMI name patterns to allow. Maximum of 50 names.
- Image
Providers []string - Set of image providers to allow. Maximum of 200 providers. Valid values include
amazon,aws-marketplace,aws-backup-vault,none, or a 12-digit AWS account ID. - Marketplace
Product []stringCodes - Set of AWS Marketplace product codes to allow. Maximum of 50 product codes.
- creation
Date AllowedCondition Images Settings Image Criterion Creation Date Condition - Condition based on AMI creation date. See
creation_date_conditionbelow. - deprecation
Time AllowedCondition Images Settings Image Criterion Deprecation Time Condition - Condition based on AMI deprecation time. See
deprecation_time_conditionbelow. - image
Names List<String> - Set of AMI name patterns to allow. Maximum of 50 names.
- image
Providers List<String> - Set of image providers to allow. Maximum of 200 providers. Valid values include
amazon,aws-marketplace,aws-backup-vault,none, or a 12-digit AWS account ID. - marketplace
Product List<String>Codes - Set of AWS Marketplace product codes to allow. Maximum of 50 product codes.
- creation
Date AllowedCondition Images Settings Image Criterion Creation Date Condition - Condition based on AMI creation date. See
creation_date_conditionbelow. - deprecation
Time AllowedCondition Images Settings Image Criterion Deprecation Time Condition - Condition based on AMI deprecation time. See
deprecation_time_conditionbelow. - image
Names string[] - Set of AMI name patterns to allow. Maximum of 50 names.
- image
Providers string[] - Set of image providers to allow. Maximum of 200 providers. Valid values include
amazon,aws-marketplace,aws-backup-vault,none, or a 12-digit AWS account ID. - marketplace
Product string[]Codes - Set of AWS Marketplace product codes to allow. Maximum of 50 product codes.
- creation_
date_ Allowedcondition Images Settings Image Criterion Creation Date Condition - Condition based on AMI creation date. See
creation_date_conditionbelow. - deprecation_
time_ Allowedcondition Images Settings Image Criterion Deprecation Time Condition - Condition based on AMI deprecation time. See
deprecation_time_conditionbelow. - image_
names Sequence[str] - Set of AMI name patterns to allow. Maximum of 50 names.
- image_
providers Sequence[str] - Set of image providers to allow. Maximum of 200 providers. Valid values include
amazon,aws-marketplace,aws-backup-vault,none, or a 12-digit AWS account ID. - marketplace_
product_ Sequence[str]codes - Set of AWS Marketplace product codes to allow. Maximum of 50 product codes.
- creation
Date Property MapCondition - Condition based on AMI creation date. See
creation_date_conditionbelow. - deprecation
Time Property MapCondition - Condition based on AMI deprecation time. See
deprecation_time_conditionbelow. - image
Names List<String> - Set of AMI name patterns to allow. Maximum of 50 names.
- image
Providers List<String> - Set of image providers to allow. Maximum of 200 providers. Valid values include
amazon,aws-marketplace,aws-backup-vault,none, or a 12-digit AWS account ID. - marketplace
Product List<String>Codes - Set of AWS Marketplace product codes to allow. Maximum of 50 product codes.
AllowedImagesSettingsImageCriterionCreationDateCondition, AllowedImagesSettingsImageCriterionCreationDateConditionArgs
- Maximum
Days intSince Created - Maximum number of days since the AMI was created.
- Maximum
Days intSince Created - Maximum number of days since the AMI was created.
- maximum
Days IntegerSince Created - Maximum number of days since the AMI was created.
- maximum
Days numberSince Created - Maximum number of days since the AMI was created.
- maximum_
days_ intsince_ created - Maximum number of days since the AMI was created.
- maximum
Days NumberSince Created - Maximum number of days since the AMI was created.
AllowedImagesSettingsImageCriterionDeprecationTimeCondition, AllowedImagesSettingsImageCriterionDeprecationTimeConditionArgs
- Maximum
Days intSince Deprecated - Maximum number of days since the AMI was deprecated. Setting this to
0means no deprecated images are allowed.
- Maximum
Days intSince Deprecated - Maximum number of days since the AMI was deprecated. Setting this to
0means no deprecated images are allowed.
- maximum
Days IntegerSince Deprecated - Maximum number of days since the AMI was deprecated. Setting this to
0means no deprecated images are allowed.
- maximum
Days numberSince Deprecated - Maximum number of days since the AMI was deprecated. Setting this to
0means no deprecated images are allowed.
- maximum_
days_ intsince_ deprecated - Maximum number of days since the AMI was deprecated. Setting this to
0means no deprecated images are allowed.
- maximum
Days NumberSince Deprecated - Maximum number of days since the AMI was deprecated. Setting this to
0means no deprecated images are allowed.
Import
Using pulumi import, import EC2 allowed images settings. For example:
$ pulumi import aws:ec2/allowedImagesSettings:AllowedImagesSettings example us-east-1
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.
