1. Packages
  2. AWS Classic
  3. API Docs
  4. ec2
  5. VpcEndpoint

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.24.0 published on Tuesday, Feb 27, 2024 by Pulumi

aws.ec2.VpcEndpoint

Explore with Pulumi AI

aws logo

Try AWS Native preview for resources not in the classic version.

AWS Classic v6.24.0 published on Tuesday, Feb 27, 2024 by Pulumi

    Provides a VPC Endpoint resource.

    NOTE on VPC Endpoints and VPC Endpoint Associations: The provider provides both standalone VPC Endpoint Associations for Route Tables - (an association between a VPC endpoint and a single route_table_id), Security Groups - (an association between a VPC endpoint and a single security_group_id), and Subnets - (an association between a VPC endpoint and a single subnet_id) and a VPC Endpoint resource with route_table_ids and subnet_ids attributes. Do not use the same resource ID in both a VPC Endpoint resource and a VPC Endpoint Association resource. Doing so will cause a conflict of associations and will overwrite the association.

    Example Usage

    Basic

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var s3 = new Aws.Ec2.VpcEndpoint("s3", new()
        {
            VpcId = aws_vpc.Main.Id,
            ServiceName = "com.amazonaws.us-west-2.s3",
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := ec2.NewVpcEndpoint(ctx, "s3", &ec2.VpcEndpointArgs{
    			VpcId:       pulumi.Any(aws_vpc.Main.Id),
    			ServiceName: pulumi.String("com.amazonaws.us-west-2.s3"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.ec2.VpcEndpoint;
    import com.pulumi.aws.ec2.VpcEndpointArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var s3 = new VpcEndpoint("s3", VpcEndpointArgs.builder()        
                .vpcId(aws_vpc.main().id())
                .serviceName("com.amazonaws.us-west-2.s3")
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    s3 = aws.ec2.VpcEndpoint("s3",
        vpc_id=aws_vpc["main"]["id"],
        service_name="com.amazonaws.us-west-2.s3")
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const s3 = new aws.ec2.VpcEndpoint("s3", {
        vpcId: aws_vpc.main.id,
        serviceName: "com.amazonaws.us-west-2.s3",
    });
    
    resources:
      s3:
        type: aws:ec2:VpcEndpoint
        properties:
          vpcId: ${aws_vpc.main.id}
          serviceName: com.amazonaws.us-west-2.s3
    

    Basic w/ Tags

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var s3 = new Aws.Ec2.VpcEndpoint("s3", new()
        {
            VpcId = aws_vpc.Main.Id,
            ServiceName = "com.amazonaws.us-west-2.s3",
            Tags = 
            {
                { "Environment", "test" },
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := ec2.NewVpcEndpoint(ctx, "s3", &ec2.VpcEndpointArgs{
    			VpcId:       pulumi.Any(aws_vpc.Main.Id),
    			ServiceName: pulumi.String("com.amazonaws.us-west-2.s3"),
    			Tags: pulumi.StringMap{
    				"Environment": pulumi.String("test"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.ec2.VpcEndpoint;
    import com.pulumi.aws.ec2.VpcEndpointArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var s3 = new VpcEndpoint("s3", VpcEndpointArgs.builder()        
                .vpcId(aws_vpc.main().id())
                .serviceName("com.amazonaws.us-west-2.s3")
                .tags(Map.of("Environment", "test"))
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    s3 = aws.ec2.VpcEndpoint("s3",
        vpc_id=aws_vpc["main"]["id"],
        service_name="com.amazonaws.us-west-2.s3",
        tags={
            "Environment": "test",
        })
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const s3 = new aws.ec2.VpcEndpoint("s3", {
        vpcId: aws_vpc.main.id,
        serviceName: "com.amazonaws.us-west-2.s3",
        tags: {
            Environment: "test",
        },
    });
    
    resources:
      s3:
        type: aws:ec2:VpcEndpoint
        properties:
          vpcId: ${aws_vpc.main.id}
          serviceName: com.amazonaws.us-west-2.s3
          tags:
            Environment: test
    

    Interface Endpoint Type

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var ec2 = new Aws.Ec2.VpcEndpoint("ec2", new()
        {
            VpcId = aws_vpc.Main.Id,
            ServiceName = "com.amazonaws.us-west-2.ec2",
            VpcEndpointType = "Interface",
            SecurityGroupIds = new[]
            {
                aws_security_group.Sg1.Id,
            },
            PrivateDnsEnabled = true,
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := ec2.NewVpcEndpoint(ctx, "ec2", &ec2.VpcEndpointArgs{
    			VpcId:           pulumi.Any(aws_vpc.Main.Id),
    			ServiceName:     pulumi.String("com.amazonaws.us-west-2.ec2"),
    			VpcEndpointType: pulumi.String("Interface"),
    			SecurityGroupIds: pulumi.StringArray{
    				aws_security_group.Sg1.Id,
    			},
    			PrivateDnsEnabled: pulumi.Bool(true),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.ec2.VpcEndpoint;
    import com.pulumi.aws.ec2.VpcEndpointArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var ec2 = new VpcEndpoint("ec2", VpcEndpointArgs.builder()        
                .vpcId(aws_vpc.main().id())
                .serviceName("com.amazonaws.us-west-2.ec2")
                .vpcEndpointType("Interface")
                .securityGroupIds(aws_security_group.sg1().id())
                .privateDnsEnabled(true)
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    ec2 = aws.ec2.VpcEndpoint("ec2",
        vpc_id=aws_vpc["main"]["id"],
        service_name="com.amazonaws.us-west-2.ec2",
        vpc_endpoint_type="Interface",
        security_group_ids=[aws_security_group["sg1"]["id"]],
        private_dns_enabled=True)
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const ec2 = new aws.ec2.VpcEndpoint("ec2", {
        vpcId: aws_vpc.main.id,
        serviceName: "com.amazonaws.us-west-2.ec2",
        vpcEndpointType: "Interface",
        securityGroupIds: [aws_security_group.sg1.id],
        privateDnsEnabled: true,
    });
    
    resources:
      ec2:
        type: aws:ec2:VpcEndpoint
        properties:
          vpcId: ${aws_vpc.main.id}
          serviceName: com.amazonaws.us-west-2.ec2
          vpcEndpointType: Interface
          securityGroupIds:
            - ${aws_security_group.sg1.id}
          privateDnsEnabled: true
    

    Gateway Load Balancer Endpoint Type

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var current = Aws.GetCallerIdentity.Invoke();
    
        var exampleVpcEndpointService = new Aws.Ec2.VpcEndpointService("exampleVpcEndpointService", new()
        {
            AcceptanceRequired = false,
            AllowedPrincipals = new[]
            {
                current.Apply(getCallerIdentityResult => getCallerIdentityResult.Arn),
            },
            GatewayLoadBalancerArns = new[]
            {
                aws_lb.Example.Arn,
            },
        });
    
        var exampleVpcEndpoint = new Aws.Ec2.VpcEndpoint("exampleVpcEndpoint", new()
        {
            ServiceName = exampleVpcEndpointService.ServiceName,
            SubnetIds = new[]
            {
                aws_subnet.Example.Id,
            },
            VpcEndpointType = exampleVpcEndpointService.ServiceType,
            VpcId = aws_vpc.Example.Id,
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		current, err := aws.GetCallerIdentity(ctx, nil, nil)
    		if err != nil {
    			return err
    		}
    		exampleVpcEndpointService, err := ec2.NewVpcEndpointService(ctx, "exampleVpcEndpointService", &ec2.VpcEndpointServiceArgs{
    			AcceptanceRequired: pulumi.Bool(false),
    			AllowedPrincipals: pulumi.StringArray{
    				*pulumi.String(current.Arn),
    			},
    			GatewayLoadBalancerArns: pulumi.StringArray{
    				aws_lb.Example.Arn,
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = ec2.NewVpcEndpoint(ctx, "exampleVpcEndpoint", &ec2.VpcEndpointArgs{
    			ServiceName: exampleVpcEndpointService.ServiceName,
    			SubnetIds: pulumi.StringArray{
    				aws_subnet.Example.Id,
    			},
    			VpcEndpointType: exampleVpcEndpointService.ServiceType,
    			VpcId:           pulumi.Any(aws_vpc.Example.Id),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.AwsFunctions;
    import com.pulumi.aws.inputs.GetCallerIdentityArgs;
    import com.pulumi.aws.ec2.VpcEndpointService;
    import com.pulumi.aws.ec2.VpcEndpointServiceArgs;
    import com.pulumi.aws.ec2.VpcEndpoint;
    import com.pulumi.aws.ec2.VpcEndpointArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var current = AwsFunctions.getCallerIdentity();
    
            var exampleVpcEndpointService = new VpcEndpointService("exampleVpcEndpointService", VpcEndpointServiceArgs.builder()        
                .acceptanceRequired(false)
                .allowedPrincipals(current.applyValue(getCallerIdentityResult -> getCallerIdentityResult.arn()))
                .gatewayLoadBalancerArns(aws_lb.example().arn())
                .build());
    
            var exampleVpcEndpoint = new VpcEndpoint("exampleVpcEndpoint", VpcEndpointArgs.builder()        
                .serviceName(exampleVpcEndpointService.serviceName())
                .subnetIds(aws_subnet.example().id())
                .vpcEndpointType(exampleVpcEndpointService.serviceType())
                .vpcId(aws_vpc.example().id())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    current = aws.get_caller_identity()
    example_vpc_endpoint_service = aws.ec2.VpcEndpointService("exampleVpcEndpointService",
        acceptance_required=False,
        allowed_principals=[current.arn],
        gateway_load_balancer_arns=[aws_lb["example"]["arn"]])
    example_vpc_endpoint = aws.ec2.VpcEndpoint("exampleVpcEndpoint",
        service_name=example_vpc_endpoint_service.service_name,
        subnet_ids=[aws_subnet["example"]["id"]],
        vpc_endpoint_type=example_vpc_endpoint_service.service_type,
        vpc_id=aws_vpc["example"]["id"])
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const current = aws.getCallerIdentity({});
    const exampleVpcEndpointService = new aws.ec2.VpcEndpointService("exampleVpcEndpointService", {
        acceptanceRequired: false,
        allowedPrincipals: [current.then(current => current.arn)],
        gatewayLoadBalancerArns: [aws_lb.example.arn],
    });
    const exampleVpcEndpoint = new aws.ec2.VpcEndpoint("exampleVpcEndpoint", {
        serviceName: exampleVpcEndpointService.serviceName,
        subnetIds: [aws_subnet.example.id],
        vpcEndpointType: exampleVpcEndpointService.serviceType,
        vpcId: aws_vpc.example.id,
    });
    
    resources:
      exampleVpcEndpointService:
        type: aws:ec2:VpcEndpointService
        properties:
          acceptanceRequired: false
          allowedPrincipals:
            - ${current.arn}
          gatewayLoadBalancerArns:
            - ${aws_lb.example.arn}
      exampleVpcEndpoint:
        type: aws:ec2:VpcEndpoint
        properties:
          serviceName: ${exampleVpcEndpointService.serviceName}
          subnetIds:
            - ${aws_subnet.example.id}
          vpcEndpointType: ${exampleVpcEndpointService.serviceType}
          vpcId: ${aws_vpc.example.id}
    variables:
      current:
        fn::invoke:
          Function: aws:getCallerIdentity
          Arguments: {}
    

    Create VpcEndpoint Resource

    new VpcEndpoint(name: string, args: VpcEndpointArgs, opts?: CustomResourceOptions);
    @overload
    def VpcEndpoint(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    auto_accept: Optional[bool] = None,
                    dns_options: Optional[VpcEndpointDnsOptionsArgs] = None,
                    ip_address_type: Optional[str] = None,
                    policy: Optional[str] = None,
                    private_dns_enabled: Optional[bool] = None,
                    route_table_ids: Optional[Sequence[str]] = None,
                    security_group_ids: Optional[Sequence[str]] = None,
                    service_name: Optional[str] = None,
                    subnet_ids: Optional[Sequence[str]] = None,
                    tags: Optional[Mapping[str, str]] = None,
                    vpc_endpoint_type: Optional[str] = None,
                    vpc_id: Optional[str] = None)
    @overload
    def VpcEndpoint(resource_name: str,
                    args: VpcEndpointArgs,
                    opts: Optional[ResourceOptions] = None)
    func NewVpcEndpoint(ctx *Context, name string, args VpcEndpointArgs, opts ...ResourceOption) (*VpcEndpoint, error)
    public VpcEndpoint(string name, VpcEndpointArgs args, CustomResourceOptions? opts = null)
    public VpcEndpoint(String name, VpcEndpointArgs args)
    public VpcEndpoint(String name, VpcEndpointArgs args, CustomResourceOptions options)
    
    type: aws:ec2:VpcEndpoint
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args VpcEndpointArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args VpcEndpointArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args VpcEndpointArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args VpcEndpointArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args VpcEndpointArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    VpcEndpoint Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The VpcEndpoint resource accepts the following input properties:

    ServiceName string
    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
    VpcId string
    The ID of the VPC in which the endpoint will be used.
    AutoAccept bool
    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
    DnsOptions VpcEndpointDnsOptions
    The DNS options for the endpoint. See dns_options below.
    IpAddressType string
    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
    Policy string
    A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
    PrivateDnsEnabled bool
    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.
    RouteTableIds List<string>
    One or more route table IDs. Applicable for endpoints of type Gateway.
    SecurityGroupIds List<string>
    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
    SubnetIds List<string>
    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
    Tags Dictionary<string, string>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    VpcEndpointType string
    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.
    ServiceName string
    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
    VpcId string
    The ID of the VPC in which the endpoint will be used.
    AutoAccept bool
    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
    DnsOptions VpcEndpointDnsOptionsArgs
    The DNS options for the endpoint. See dns_options below.
    IpAddressType string
    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
    Policy string
    A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
    PrivateDnsEnabled bool
    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.
    RouteTableIds []string
    One or more route table IDs. Applicable for endpoints of type Gateway.
    SecurityGroupIds []string
    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
    SubnetIds []string
    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
    Tags map[string]string
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    VpcEndpointType string
    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.
    serviceName String
    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
    vpcId String
    The ID of the VPC in which the endpoint will be used.
    autoAccept Boolean
    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
    dnsOptions VpcEndpointDnsOptions
    The DNS options for the endpoint. See dns_options below.
    ipAddressType String
    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
    policy String
    A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
    privateDnsEnabled Boolean
    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.
    routeTableIds List<String>
    One or more route table IDs. Applicable for endpoints of type Gateway.
    securityGroupIds List<String>
    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
    subnetIds List<String>
    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
    tags Map<String,String>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    vpcEndpointType String
    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.
    serviceName string
    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
    vpcId string
    The ID of the VPC in which the endpoint will be used.
    autoAccept boolean
    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
    dnsOptions VpcEndpointDnsOptions
    The DNS options for the endpoint. See dns_options below.
    ipAddressType string
    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
    policy string
    A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
    privateDnsEnabled boolean
    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.
    routeTableIds string[]
    One or more route table IDs. Applicable for endpoints of type Gateway.
    securityGroupIds string[]
    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
    subnetIds string[]
    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
    tags {[key: string]: string}
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    vpcEndpointType string
    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.
    service_name str
    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
    vpc_id str
    The ID of the VPC in which the endpoint will be used.
    auto_accept bool
    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
    dns_options VpcEndpointDnsOptionsArgs
    The DNS options for the endpoint. See dns_options below.
    ip_address_type str
    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
    policy str
    A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
    private_dns_enabled bool
    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.
    route_table_ids Sequence[str]
    One or more route table IDs. Applicable for endpoints of type Gateway.
    security_group_ids Sequence[str]
    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
    subnet_ids Sequence[str]
    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
    tags Mapping[str, str]
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    vpc_endpoint_type str
    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.
    serviceName String
    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
    vpcId String
    The ID of the VPC in which the endpoint will be used.
    autoAccept Boolean
    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
    dnsOptions Property Map
    The DNS options for the endpoint. See dns_options below.
    ipAddressType String
    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
    policy String
    A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
    privateDnsEnabled Boolean
    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.
    routeTableIds List<String>
    One or more route table IDs. Applicable for endpoints of type Gateway.
    securityGroupIds List<String>
    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
    subnetIds List<String>
    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
    tags Map<String>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    vpcEndpointType String
    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the VpcEndpoint resource produces the following output properties:

    Arn string
    The Amazon Resource Name (ARN) of the VPC endpoint.
    CidrBlocks List<string>
    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.
    DnsEntries List<VpcEndpointDnsEntry>
    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.
    Id string
    The provider-assigned unique ID for this managed resource.
    NetworkInterfaceIds List<string>
    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.
    OwnerId string
    The ID of the AWS account that owns the VPC endpoint.
    PrefixListId string
    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.
    RequesterManaged bool
    Whether or not the VPC Endpoint is being managed by its service - true or false.
    State string
    The state of the VPC endpoint.
    TagsAll Dictionary<string, string>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    Arn string
    The Amazon Resource Name (ARN) of the VPC endpoint.
    CidrBlocks []string
    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.
    DnsEntries []VpcEndpointDnsEntry
    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.
    Id string
    The provider-assigned unique ID for this managed resource.
    NetworkInterfaceIds []string
    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.
    OwnerId string
    The ID of the AWS account that owns the VPC endpoint.
    PrefixListId string
    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.
    RequesterManaged bool
    Whether or not the VPC Endpoint is being managed by its service - true or false.
    State string
    The state of the VPC endpoint.
    TagsAll map[string]string
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    arn String
    The Amazon Resource Name (ARN) of the VPC endpoint.
    cidrBlocks List<String>
    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.
    dnsEntries List<VpcEndpointDnsEntry>
    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.
    id String
    The provider-assigned unique ID for this managed resource.
    networkInterfaceIds List<String>
    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.
    ownerId String
    The ID of the AWS account that owns the VPC endpoint.
    prefixListId String
    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.
    requesterManaged Boolean
    Whether or not the VPC Endpoint is being managed by its service - true or false.
    state String
    The state of the VPC endpoint.
    tagsAll Map<String,String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    arn string
    The Amazon Resource Name (ARN) of the VPC endpoint.
    cidrBlocks string[]
    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.
    dnsEntries VpcEndpointDnsEntry[]
    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.
    id string
    The provider-assigned unique ID for this managed resource.
    networkInterfaceIds string[]
    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.
    ownerId string
    The ID of the AWS account that owns the VPC endpoint.
    prefixListId string
    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.
    requesterManaged boolean
    Whether or not the VPC Endpoint is being managed by its service - true or false.
    state string
    The state of the VPC endpoint.
    tagsAll {[key: string]: string}
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    arn str
    The Amazon Resource Name (ARN) of the VPC endpoint.
    cidr_blocks Sequence[str]
    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.
    dns_entries Sequence[VpcEndpointDnsEntry]
    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.
    id str
    The provider-assigned unique ID for this managed resource.
    network_interface_ids Sequence[str]
    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.
    owner_id str
    The ID of the AWS account that owns the VPC endpoint.
    prefix_list_id str
    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.
    requester_managed bool
    Whether or not the VPC Endpoint is being managed by its service - true or false.
    state str
    The state of the VPC endpoint.
    tags_all Mapping[str, str]
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    arn String
    The Amazon Resource Name (ARN) of the VPC endpoint.
    cidrBlocks List<String>
    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.
    dnsEntries List<Property Map>
    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.
    id String
    The provider-assigned unique ID for this managed resource.
    networkInterfaceIds List<String>
    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.
    ownerId String
    The ID of the AWS account that owns the VPC endpoint.
    prefixListId String
    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.
    requesterManaged Boolean
    Whether or not the VPC Endpoint is being managed by its service - true or false.
    state String
    The state of the VPC endpoint.
    tagsAll Map<String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    Look up Existing VpcEndpoint Resource

    Get an existing VpcEndpoint resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: VpcEndpointState, opts?: CustomResourceOptions): VpcEndpoint
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            arn: Optional[str] = None,
            auto_accept: Optional[bool] = None,
            cidr_blocks: Optional[Sequence[str]] = None,
            dns_entries: Optional[Sequence[VpcEndpointDnsEntryArgs]] = None,
            dns_options: Optional[VpcEndpointDnsOptionsArgs] = None,
            ip_address_type: Optional[str] = None,
            network_interface_ids: Optional[Sequence[str]] = None,
            owner_id: Optional[str] = None,
            policy: Optional[str] = None,
            prefix_list_id: Optional[str] = None,
            private_dns_enabled: Optional[bool] = None,
            requester_managed: Optional[bool] = None,
            route_table_ids: Optional[Sequence[str]] = None,
            security_group_ids: Optional[Sequence[str]] = None,
            service_name: Optional[str] = None,
            state: Optional[str] = None,
            subnet_ids: Optional[Sequence[str]] = None,
            tags: Optional[Mapping[str, str]] = None,
            tags_all: Optional[Mapping[str, str]] = None,
            vpc_endpoint_type: Optional[str] = None,
            vpc_id: Optional[str] = None) -> VpcEndpoint
    func GetVpcEndpoint(ctx *Context, name string, id IDInput, state *VpcEndpointState, opts ...ResourceOption) (*VpcEndpoint, error)
    public static VpcEndpoint Get(string name, Input<string> id, VpcEndpointState? state, CustomResourceOptions? opts = null)
    public static VpcEndpoint get(String name, Output<String> id, VpcEndpointState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Arn string
    The Amazon Resource Name (ARN) of the VPC endpoint.
    AutoAccept bool
    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
    CidrBlocks List<string>
    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.
    DnsEntries List<VpcEndpointDnsEntry>
    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.
    DnsOptions VpcEndpointDnsOptions
    The DNS options for the endpoint. See dns_options below.
    IpAddressType string
    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
    NetworkInterfaceIds List<string>
    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.
    OwnerId string
    The ID of the AWS account that owns the VPC endpoint.
    Policy string
    A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
    PrefixListId string
    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.
    PrivateDnsEnabled bool
    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.
    RequesterManaged bool
    Whether or not the VPC Endpoint is being managed by its service - true or false.
    RouteTableIds List<string>
    One or more route table IDs. Applicable for endpoints of type Gateway.
    SecurityGroupIds List<string>
    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
    ServiceName string
    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
    State string
    The state of the VPC endpoint.
    SubnetIds List<string>
    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
    Tags Dictionary<string, string>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll Dictionary<string, string>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    VpcEndpointType string
    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.
    VpcId string
    The ID of the VPC in which the endpoint will be used.
    Arn string
    The Amazon Resource Name (ARN) of the VPC endpoint.
    AutoAccept bool
    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
    CidrBlocks []string
    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.
    DnsEntries []VpcEndpointDnsEntryArgs
    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.
    DnsOptions VpcEndpointDnsOptionsArgs
    The DNS options for the endpoint. See dns_options below.
    IpAddressType string
    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
    NetworkInterfaceIds []string
    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.
    OwnerId string
    The ID of the AWS account that owns the VPC endpoint.
    Policy string
    A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
    PrefixListId string
    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.
    PrivateDnsEnabled bool
    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.
    RequesterManaged bool
    Whether or not the VPC Endpoint is being managed by its service - true or false.
    RouteTableIds []string
    One or more route table IDs. Applicable for endpoints of type Gateway.
    SecurityGroupIds []string
    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
    ServiceName string
    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
    State string
    The state of the VPC endpoint.
    SubnetIds []string
    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
    Tags map[string]string
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    TagsAll map[string]string
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    VpcEndpointType string
    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.
    VpcId string
    The ID of the VPC in which the endpoint will be used.
    arn String
    The Amazon Resource Name (ARN) of the VPC endpoint.
    autoAccept Boolean
    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
    cidrBlocks List<String>
    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.
    dnsEntries List<VpcEndpointDnsEntry>
    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.
    dnsOptions VpcEndpointDnsOptions
    The DNS options for the endpoint. See dns_options below.
    ipAddressType String
    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
    networkInterfaceIds List<String>
    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.
    ownerId String
    The ID of the AWS account that owns the VPC endpoint.
    policy String
    A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
    prefixListId String
    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.
    privateDnsEnabled Boolean
    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.
    requesterManaged Boolean
    Whether or not the VPC Endpoint is being managed by its service - true or false.
    routeTableIds List<String>
    One or more route table IDs. Applicable for endpoints of type Gateway.
    securityGroupIds List<String>
    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
    serviceName String
    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
    state String
    The state of the VPC endpoint.
    subnetIds List<String>
    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
    tags Map<String,String>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String,String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    vpcEndpointType String
    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.
    vpcId String
    The ID of the VPC in which the endpoint will be used.
    arn string
    The Amazon Resource Name (ARN) of the VPC endpoint.
    autoAccept boolean
    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
    cidrBlocks string[]
    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.
    dnsEntries VpcEndpointDnsEntry[]
    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.
    dnsOptions VpcEndpointDnsOptions
    The DNS options for the endpoint. See dns_options below.
    ipAddressType string
    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
    networkInterfaceIds string[]
    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.
    ownerId string
    The ID of the AWS account that owns the VPC endpoint.
    policy string
    A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
    prefixListId string
    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.
    privateDnsEnabled boolean
    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.
    requesterManaged boolean
    Whether or not the VPC Endpoint is being managed by its service - true or false.
    routeTableIds string[]
    One or more route table IDs. Applicable for endpoints of type Gateway.
    securityGroupIds string[]
    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
    serviceName string
    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
    state string
    The state of the VPC endpoint.
    subnetIds string[]
    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
    tags {[key: string]: string}
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll {[key: string]: string}
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    vpcEndpointType string
    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.
    vpcId string
    The ID of the VPC in which the endpoint will be used.
    arn str
    The Amazon Resource Name (ARN) of the VPC endpoint.
    auto_accept bool
    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
    cidr_blocks Sequence[str]
    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.
    dns_entries Sequence[VpcEndpointDnsEntryArgs]
    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.
    dns_options VpcEndpointDnsOptionsArgs
    The DNS options for the endpoint. See dns_options below.
    ip_address_type str
    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
    network_interface_ids Sequence[str]
    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.
    owner_id str
    The ID of the AWS account that owns the VPC endpoint.
    policy str
    A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
    prefix_list_id str
    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.
    private_dns_enabled bool
    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.
    requester_managed bool
    Whether or not the VPC Endpoint is being managed by its service - true or false.
    route_table_ids Sequence[str]
    One or more route table IDs. Applicable for endpoints of type Gateway.
    security_group_ids Sequence[str]
    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
    service_name str
    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
    state str
    The state of the VPC endpoint.
    subnet_ids Sequence[str]
    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
    tags Mapping[str, str]
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tags_all Mapping[str, str]
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    vpc_endpoint_type str
    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.
    vpc_id str
    The ID of the VPC in which the endpoint will be used.
    arn String
    The Amazon Resource Name (ARN) of the VPC endpoint.
    autoAccept Boolean
    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
    cidrBlocks List<String>
    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.
    dnsEntries List<Property Map>
    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.
    dnsOptions Property Map
    The DNS options for the endpoint. See dns_options below.
    ipAddressType String
    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
    networkInterfaceIds List<String>
    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.
    ownerId String
    The ID of the AWS account that owns the VPC endpoint.
    policy String
    A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
    prefixListId String
    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.
    privateDnsEnabled Boolean
    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.
    requesterManaged Boolean
    Whether or not the VPC Endpoint is being managed by its service - true or false.
    routeTableIds List<String>
    One or more route table IDs. Applicable for endpoints of type Gateway.
    securityGroupIds List<String>
    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
    serviceName String
    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
    state String
    The state of the VPC endpoint.
    subnetIds List<String>
    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
    tags Map<String>
    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
    tagsAll Map<String>
    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:Please use tags instead.

    vpcEndpointType String
    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.
    vpcId String
    The ID of the VPC in which the endpoint will be used.

    Supporting Types

    VpcEndpointDnsEntry, VpcEndpointDnsEntryArgs

    DnsName string
    The DNS name.
    HostedZoneId string
    The ID of the private hosted zone.
    DnsName string
    The DNS name.
    HostedZoneId string
    The ID of the private hosted zone.
    dnsName String
    The DNS name.
    hostedZoneId String
    The ID of the private hosted zone.
    dnsName string
    The DNS name.
    hostedZoneId string
    The ID of the private hosted zone.
    dns_name str
    The DNS name.
    hosted_zone_id str
    The ID of the private hosted zone.
    dnsName String
    The DNS name.
    hostedZoneId String
    The ID of the private hosted zone.

    VpcEndpointDnsOptions, VpcEndpointDnsOptionsArgs

    DnsRecordIpType string
    The DNS records created for the endpoint. Valid values are ipv4, dualstack, service-defined, and ipv6.
    PrivateDnsOnlyForInboundResolverEndpoint bool
    Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. Default is false. Can only be specified if private_dns_enabled is true.
    DnsRecordIpType string
    The DNS records created for the endpoint. Valid values are ipv4, dualstack, service-defined, and ipv6.
    PrivateDnsOnlyForInboundResolverEndpoint bool
    Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. Default is false. Can only be specified if private_dns_enabled is true.
    dnsRecordIpType String
    The DNS records created for the endpoint. Valid values are ipv4, dualstack, service-defined, and ipv6.
    privateDnsOnlyForInboundResolverEndpoint Boolean
    Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. Default is false. Can only be specified if private_dns_enabled is true.
    dnsRecordIpType string
    The DNS records created for the endpoint. Valid values are ipv4, dualstack, service-defined, and ipv6.
    privateDnsOnlyForInboundResolverEndpoint boolean
    Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. Default is false. Can only be specified if private_dns_enabled is true.
    dns_record_ip_type str
    The DNS records created for the endpoint. Valid values are ipv4, dualstack, service-defined, and ipv6.
    private_dns_only_for_inbound_resolver_endpoint bool
    Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. Default is false. Can only be specified if private_dns_enabled is true.
    dnsRecordIpType String
    The DNS records created for the endpoint. Valid values are ipv4, dualstack, service-defined, and ipv6.
    privateDnsOnlyForInboundResolverEndpoint Boolean
    Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. Default is false. Can only be specified if private_dns_enabled is true.

    Import

    Using pulumi import, import VPC Endpoints using the VPC endpoint id. For example:

     $ pulumi import aws:ec2/vpcEndpoint:VpcEndpoint endpoint1 vpce-3ecf2a57
    

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo

    Try AWS Native preview for resources not in the classic version.

    AWS Classic v6.24.0 published on Tuesday, Feb 27, 2024 by Pulumi