
AWS Classic v6.12.0 published on Wednesday, Nov 29, 2023 by Pulumi

aws.ec2.VpcEndpoint


    Provides a VPC Endpoint resource.

    NOTE on VPC Endpoints and VPC Endpoint Associations: The provider offers two ways to manage associations. The first is standalone VPC Endpoint Association resources for Route Tables (an association between a VPC endpoint and a single route_table_id), Security Groups (an association between a VPC endpoint and a single security_group_id), and Subnets (an association between a VPC endpoint and a single subnet_id). The second is a VPC Endpoint resource with route_table_ids and subnet_ids attributes. Do not use the same resource ID in both a VPC Endpoint resource and a VPC Endpoint Association resource. Doing so will cause a conflict of associations, and the association will be overwritten.

    Example Usage

    Basic

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    // Declares a VPC endpoint for S3 in us-west-2.
    // VpcEndpointType is omitted, so the documented default (Gateway) applies.
    // No Policy is set either, so the endpoint carries the default full-access policy;
    // pass a JSON policy document to restrict what can be reached through it.
    return await Deployment.RunAsync(() =>
    {
        var s3EndpointArgs = new Aws.Ec2.VpcEndpointArgs
        {
            ServiceName = "com.amazonaws.us-west-2.s3",
            VpcId = aws_vpc.Main.Id,
        };

        var s3 = new Aws.Ec2.VpcEndpoint("s3", s3EndpointArgs);
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    // main registers a single VPC endpoint for S3 with the Pulumi engine.
    //
    // VpcEndpointType is not set, so the documented default (Gateway) applies, and
    // because no Policy is given the endpoint uses the default full-access policy.
    // Set Policy to a JSON document to restrict access through the endpoint.
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		s3Args := &ec2.VpcEndpointArgs{
    			ServiceName: pulumi.String("com.amazonaws.us-west-2.s3"),
    			VpcId:       pulumi.Any(aws_vpc.Main.Id),
    		}
    		// The resource handle is not used afterwards; only the error is propagated.
    		_, err := ec2.NewVpcEndpoint(ctx, "s3", s3Args)
    		return err
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.ec2.VpcEndpoint;
    import com.pulumi.aws.ec2.VpcEndpointArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    /**
     * Pulumi program that declares one VPC endpoint for S3.
     */
    public class App {
        /** Hands the stack definition to the Pulumi runtime. */
        public static void main(String[] args) {
            Pulumi.run(ctx -> stack(ctx));
        }

        /**
         * Declares the "s3" endpoint.
         *
         * The endpoint type is not set, so the documented default (Gateway) applies.
         * No policy is set, so the endpoint uses the default full-access policy;
         * call {@code .policy(...)} with a JSON document to restrict it.
         *
         * @param ctx the Pulumi deployment context
         */
        public static void stack(Context ctx) {
            final VpcEndpointArgs s3Args = VpcEndpointArgs.builder()
                .serviceName("com.amazonaws.us-west-2.s3")
                .vpcId(aws_vpc.main().id())
                .build();

            var s3 = new VpcEndpoint("s3", s3Args);
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    # VPC endpoint for S3. vpc_endpoint_type is omitted, so it defaults to Gateway.
    # No policy is passed, so the endpoint gets the default full-access policy;
    # pass policy=<JSON string> to restrict what can be reached through it.
    s3 = aws.ec2.VpcEndpoint(
        "s3",
        aws.ec2.VpcEndpointArgs(
            service_name="com.amazonaws.us-west-2.s3",
            vpc_id=aws_vpc["main"]["id"],
        ),
    )
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    // VPC endpoint for S3. vpcEndpointType is omitted, so it defaults to Gateway.
    // No policy is set, so the endpoint uses the default full-access policy;
    // set `policy` to a JSON string to restrict access through the endpoint.
    const s3Args: aws.ec2.VpcEndpointArgs = {
        serviceName: "com.amazonaws.us-west-2.s3",
        vpcId: aws_vpc.main.id,
    };
    const s3 = new aws.ec2.VpcEndpoint("s3", s3Args);
    
    # Declares one VPC endpoint for S3 in us-west-2.
    resources:
      s3:
        type: aws:ec2:VpcEndpoint
        properties:
          # vpcEndpointType is omitted, so the documented default (Gateway) applies.
          # policy is omitted, so the endpoint defaults to full access; add a
          # JSON `policy` string to restrict what can be reached through it.
          vpcId: ${aws_vpc.main.id}
          serviceName: com.amazonaws.us-west-2.s3
    

    Basic w/ Tags

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    // Same S3 endpoint as the basic example, with an "Environment" tag attached.
    // Tags set on the resource override provider-level default_tags entries with the same key.
    // Policy is still omitted, so the endpoint keeps the default full-access policy.
    return await Deployment.RunAsync(() =>
    {
        var s3EndpointArgs = new Aws.Ec2.VpcEndpointArgs
        {
            ServiceName = "com.amazonaws.us-west-2.s3",
            VpcId = aws_vpc.Main.Id,
            Tags =
            {
                { "Environment", "test" },
            },
        };

        var s3 = new Aws.Ec2.VpcEndpoint("s3", s3EndpointArgs);
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    // main registers the S3 VPC endpoint with an "Environment" tag.
    //
    // Tags set here override provider-level default_tags entries that share a key.
    // Policy is omitted, so the endpoint keeps the default full-access policy.
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		endpointTags := pulumi.StringMap{
    			"Environment": pulumi.String("test"),
    		}
    		s3Args := &ec2.VpcEndpointArgs{
    			ServiceName: pulumi.String("com.amazonaws.us-west-2.s3"),
    			VpcId:       pulumi.Any(aws_vpc.Main.Id),
    			Tags:        endpointTags,
    		}
    		// Only the error is propagated; the resource handle is not used afterwards.
    		_, err := ec2.NewVpcEndpoint(ctx, "s3", s3Args)
    		return err
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.ec2.VpcEndpoint;
    import com.pulumi.aws.ec2.VpcEndpointArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    /**
     * Pulumi program that declares a tagged VPC endpoint for S3.
     */
    public class App {
        /** Hands the stack definition to the Pulumi runtime. */
        public static void main(String[] args) {
            Pulumi.run(ctx -> stack(ctx));
        }

        /**
         * Declares the "s3" endpoint with an "Environment" tag.
         *
         * Tags set here override provider-level default_tags entries that share a key.
         * No policy is set, so the endpoint keeps the default full-access policy.
         *
         * @param ctx the Pulumi deployment context
         */
        public static void stack(Context ctx) {
            final Map<String, String> endpointTags = Map.of("Environment", "test");

            final VpcEndpointArgs s3Args = VpcEndpointArgs.builder()
                .serviceName("com.amazonaws.us-west-2.s3")
                .vpcId(aws_vpc.main().id())
                .tags(endpointTags)
                .build();

            var s3 = new VpcEndpoint("s3", s3Args);
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    # S3 VPC endpoint with an "Environment" tag. Tags set here override
    # provider-level default_tags entries that share a key.
    # policy is omitted, so the endpoint keeps the default full-access policy.
    endpoint_tags = {"Environment": "test"}
    s3 = aws.ec2.VpcEndpoint(
        "s3",
        aws.ec2.VpcEndpointArgs(
            service_name="com.amazonaws.us-west-2.s3",
            vpc_id=aws_vpc["main"]["id"],
            tags=endpoint_tags,
        ),
    )
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    // S3 VPC endpoint with an "Environment" tag. Tags set here override
    // provider-level default_tags entries that share a key.
    // `policy` is omitted, so the endpoint keeps the default full-access policy.
    const s3Args: aws.ec2.VpcEndpointArgs = {
        serviceName: "com.amazonaws.us-west-2.s3",
        vpcId: aws_vpc.main.id,
        tags: { Environment: "test" },
    };
    const s3 = new aws.ec2.VpcEndpoint("s3", s3Args);
    
    # Declares the S3 VPC endpoint with an "Environment" tag.
    resources:
      s3:
        type: aws:ec2:VpcEndpoint
        properties:
          # policy is omitted, so the endpoint keeps the default full-access policy.
          vpcId: ${aws_vpc.main.id}
          serviceName: com.amazonaws.us-west-2.s3
          # Tags set here override provider-level default_tags entries with the same key.
          tags:
            Environment: test
    

    Interface Endpoint Type

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    // Interface endpoint for the EC2 API in us-west-2.
    // Sg1 is associated with the endpoint's network interface; if SecurityGroupIds
    // were omitted, the VPC's default security group would be associated instead.
    // PrivateDnsEnabled (default false) associates a private hosted zone with the VPC
    // so that services inside it use the endpoint automatically.
    // NOTE(review): no SubnetIds are set here, while the property reference states that
    // Interface endpoints cannot function without a subnet - presumably one is attached
    // through a separate association resource; confirm before reuse.
    return await Deployment.RunAsync(() =>
    {
        var ec2EndpointArgs = new Aws.Ec2.VpcEndpointArgs
        {
            VpcEndpointType = "Interface",
            ServiceName = "com.amazonaws.us-west-2.ec2",
            VpcId = aws_vpc.Main.Id,
            SecurityGroupIds = new[]
            {
                aws_security_group.Sg1.Id,
            },
            PrivateDnsEnabled = true,
        };

        var ec2 = new Aws.Ec2.VpcEndpoint("ec2", ec2EndpointArgs);
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    // main registers an Interface VPC endpoint for the EC2 API.
    //
    // Sg1 is associated with the endpoint's network interface; when SecurityGroupIds
    // is omitted the VPC's default security group is associated instead.
    // PrivateDnsEnabled (default false) associates a private hosted zone with the VPC.
    // NOTE(review): SubnetIds is not set, although the property reference says Interface
    // endpoints cannot function without a subnet - presumably attached elsewhere; confirm.
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		endpointSecurityGroups := pulumi.StringArray{
    			aws_security_group.Sg1.Id,
    		}
    		ec2Args := &ec2.VpcEndpointArgs{
    			VpcEndpointType:   pulumi.String("Interface"),
    			ServiceName:       pulumi.String("com.amazonaws.us-west-2.ec2"),
    			VpcId:             pulumi.Any(aws_vpc.Main.Id),
    			SecurityGroupIds:  endpointSecurityGroups,
    			PrivateDnsEnabled: pulumi.Bool(true),
    		}
    		// Only the error is propagated; the resource handle is not used afterwards.
    		_, err := ec2.NewVpcEndpoint(ctx, "ec2", ec2Args)
    		return err
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.ec2.VpcEndpoint;
    import com.pulumi.aws.ec2.VpcEndpointArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    /**
     * Pulumi program that declares an Interface VPC endpoint for the EC2 API.
     */
    public class App {
        /** Hands the stack definition to the Pulumi runtime. */
        public static void main(String[] args) {
            Pulumi.run(ctx -> stack(ctx));
        }

        /**
         * Declares the "ec2" Interface endpoint.
         *
         * sg1 is associated with the endpoint's network interface; when no security
         * groups are given the VPC's default security group is associated instead.
         * Private DNS (default false) associates a private hosted zone with the VPC.
         * NOTE(review): no subnet IDs are set, although the property reference says
         * Interface endpoints cannot function without a subnet - confirm one is
         * attached elsewhere.
         *
         * @param ctx the Pulumi deployment context
         */
        public static void stack(Context ctx) {
            final VpcEndpointArgs ec2Args = VpcEndpointArgs.builder()
                .vpcEndpointType("Interface")
                .serviceName("com.amazonaws.us-west-2.ec2")
                .vpcId(aws_vpc.main().id())
                .securityGroupIds(aws_security_group.sg1().id())
                .privateDnsEnabled(true)
                .build();

            var ec2 = new VpcEndpoint("ec2", ec2Args);
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    # Interface endpoint for the EC2 API.
    # sg1 is associated with the endpoint's network interface; if security_group_ids
    # were omitted, the VPC's default security group would be associated instead.
    # private_dns_enabled (default False) associates a private hosted zone with the VPC.
    # NOTE(review): subnet_ids is not set, although the property reference says Interface
    # endpoints cannot function without a subnet - presumably attached elsewhere; confirm.
    ec2 = aws.ec2.VpcEndpoint(
        "ec2",
        aws.ec2.VpcEndpointArgs(
            vpc_endpoint_type="Interface",
            service_name="com.amazonaws.us-west-2.ec2",
            vpc_id=aws_vpc["main"]["id"],
            security_group_ids=[aws_security_group["sg1"]["id"]],
            private_dns_enabled=True,
        ),
    )
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    // Interface endpoint for the EC2 API.
    // sg1 is associated with the endpoint's network interface; if securityGroupIds
    // were omitted, the VPC's default security group would be associated instead.
    // privateDnsEnabled (default false) associates a private hosted zone with the VPC.
    // NOTE(review): subnetIds is not set, although the property reference says Interface
    // endpoints cannot function without a subnet - presumably attached elsewhere; confirm.
    const ec2Args: aws.ec2.VpcEndpointArgs = {
        vpcEndpointType: "Interface",
        serviceName: "com.amazonaws.us-west-2.ec2",
        vpcId: aws_vpc.main.id,
        securityGroupIds: [aws_security_group.sg1.id],
        privateDnsEnabled: true,
    };
    const ec2 = new aws.ec2.VpcEndpoint("ec2", ec2Args);
    
    # Declares an Interface VPC endpoint for the EC2 API in us-west-2.
    # NOTE(review): subnetIds is not set, although the property reference says Interface
    # endpoints cannot function without a subnet - presumably attached elsewhere; confirm.
    resources:
      ec2:
        type: aws:ec2:VpcEndpoint
        properties:
          vpcId: ${aws_vpc.main.id}
          serviceName: com.amazonaws.us-west-2.ec2
          vpcEndpointType: Interface
          # Associated with the endpoint's network interface. If omitted, the VPC's
          # default security group is associated instead.
          securityGroupIds:
            - ${aws_security_group.sg1.id}
          # Defaults to false; true associates a private hosted zone with the VPC.
          privateDnsEnabled: true
    

    Gateway Load Balancer Endpoint Type

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    // Declares a Gateway Load Balancer endpoint service and an endpoint that consumes it.
    // The service's allow-list holds only the ARN of the identity running the deployment.
    // AcceptanceRequired = false means connection requests from allowed principals are
    // accepted without manual approval; keep it true when the allow-list includes
    // principals you do not control.
    return await Deployment.RunAsync(() =>
    {
        // Identity of the caller; its ARN is the only allowed principal below.
        var current = Aws.GetCallerIdentity.Invoke();

        var endpointServiceArgs = new Aws.Ec2.VpcEndpointServiceArgs
        {
            AcceptanceRequired = false,
            AllowedPrincipals = new[]
            {
                current.Apply(identity => identity.Arn),
            },
            GatewayLoadBalancerArns = new[]
            {
                aws_lb.Example.Arn,
            },
        };
        var exampleVpcEndpointService = new Aws.Ec2.VpcEndpointService("exampleVpcEndpointService", endpointServiceArgs);

        // The endpoint takes its service name and type from the service declared above.
        var endpointArgs = new Aws.Ec2.VpcEndpointArgs
        {
            VpcId = aws_vpc.Example.Id,
            VpcEndpointType = exampleVpcEndpointService.ServiceType,
            ServiceName = exampleVpcEndpointService.ServiceName,
            SubnetIds = new[]
            {
                aws_subnet.Example.Id,
            },
        };
        var exampleVpcEndpoint = new Aws.Ec2.VpcEndpoint("exampleVpcEndpoint", endpointArgs);
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/ec2"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
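    // main declares a Gateway Load Balancer endpoint service and an endpoint that consumes it.
    //
    // The service's allow-list holds only the ARN of the identity running the deployment.
    // AcceptanceRequired is false, so connection requests from allowed principals are
    // accepted without manual approval; keep it true when the allow-list includes
    // principals you do not control.
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		// Identity of the caller; its ARN is the only allowed principal below.
    		current, err := aws.GetCallerIdentity(ctx, nil, nil)
    		if err != nil {
    			return err
    		}
    		exampleVpcEndpointService, err := ec2.NewVpcEndpointService(ctx, "exampleVpcEndpointService", &ec2.VpcEndpointServiceArgs{
    			AcceptanceRequired: pulumi.Bool(false),
    			AllowedPrincipals: pulumi.StringArray{
    				// current.Arn is a plain string, so it is converted with pulumi.String.
    				// The original listing dereferenced the conversion result with `*`,
    				// which does not compile because the result is not a pointer.
    				pulumi.String(current.Arn),
    			},
    			GatewayLoadBalancerArns: pulumi.StringArray{
    				aws_lb.Example.Arn,
    			},
    		})
    		if err != nil {
    			return err
    		}
    		// The endpoint takes its service name and type from the service declared above.
    		_, err = ec2.NewVpcEndpoint(ctx, "exampleVpcEndpoint", &ec2.VpcEndpointArgs{
    			ServiceName: exampleVpcEndpointService.ServiceName,
    			SubnetIds: pulumi.StringArray{
    				aws_subnet.Example.Id,
    			},
    			VpcEndpointType: exampleVpcEndpointService.ServiceType,
    			VpcId:           pulumi.Any(aws_vpc.Example.Id),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }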
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.AwsFunctions;
    import com.pulumi.aws.inputs.GetCallerIdentityArgs;
    import com.pulumi.aws.ec2.VpcEndpointService;
    import com.pulumi.aws.ec2.VpcEndpointServiceArgs;
    import com.pulumi.aws.ec2.VpcEndpoint;
    import com.pulumi.aws.ec2.VpcEndpointArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    /**
     * Pulumi program that declares a Gateway Load Balancer endpoint service
     * and a VPC endpoint that consumes it.
     */
    public class App {
        /** Hands the stack definition to the Pulumi runtime. */
        public static void main(String[] args) {
            Pulumi.run(ctx -> stack(ctx));
        }

        /**
         * Declares the endpoint service and the endpoint.
         *
         * The service's allow-list holds only the ARN of the identity running the
         * deployment. acceptanceRequired(false) means connection requests from allowed
         * principals are accepted without manual approval; keep it true when the
         * allow-list includes principals you do not control.
         *
         * @param ctx the Pulumi deployment context
         */
        public static void stack(Context ctx) {
            // Identity of the caller; its ARN is the only allowed principal below.
            final var current = AwsFunctions.getCallerIdentity();

            final VpcEndpointServiceArgs serviceArgs = VpcEndpointServiceArgs.builder()
                .acceptanceRequired(false)
                .allowedPrincipals(current.applyValue(identity -> identity.arn()))
                .gatewayLoadBalancerArns(aws_lb.example().arn())
                .build();
            var exampleVpcEndpointService = new VpcEndpointService("exampleVpcEndpointService", serviceArgs);

            // The endpoint takes its service name and type from the service declared above.
            final VpcEndpointArgs endpointArgs = VpcEndpointArgs.builder()
                .vpcId(aws_vpc.example().id())
                .vpcEndpointType(exampleVpcEndpointService.serviceType())
                .serviceName(exampleVpcEndpointService.serviceName())
                .subnetIds(aws_subnet.example().id())
                .build();
            var exampleVpcEndpoint = new VpcEndpoint("exampleVpcEndpoint", endpointArgs);
        }
    }
    
    import pulumi
    import pulumi_aws as aws
    
    # Gateway Load Balancer endpoint service plus an endpoint that consumes it.
    # The allow-list holds only the ARN of the identity running the deployment.
    # acceptance_required=False means connection requests from allowed principals are
    # accepted without manual approval; keep it True when the allow-list includes
    # principals you do not control.
    current = aws.get_caller_identity()
    example_vpc_endpoint_service = aws.ec2.VpcEndpointService(
        "exampleVpcEndpointService",
        aws.ec2.VpcEndpointServiceArgs(
            acceptance_required=False,
            allowed_principals=[current.arn],
            gateway_load_balancer_arns=[aws_lb["example"]["arn"]],
        ),
    )
    # The endpoint takes its service name and type from the service declared above.
    example_vpc_endpoint = aws.ec2.VpcEndpoint(
        "exampleVpcEndpoint",
        aws.ec2.VpcEndpointArgs(
            vpc_id=aws_vpc["example"]["id"],
            vpc_endpoint_type=example_vpc_endpoint_service.service_type,
            service_name=example_vpc_endpoint_service.service_name,
            subnet_ids=[aws_subnet["example"]["id"]],
        ),
    )
    
    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    // Gateway Load Balancer endpoint service plus an endpoint that consumes it.
    // The allow-list holds only the ARN of the identity running the deployment.
    // acceptanceRequired: false means connection requests from allowed principals are
    // accepted without manual approval; keep it true when the allow-list includes
    // principals you do not control.
    const current = aws.getCallerIdentity({});
    const endpointServiceArgs: aws.ec2.VpcEndpointServiceArgs = {
        acceptanceRequired: false,
        allowedPrincipals: [current.then(identity => identity.arn)],
        gatewayLoadBalancerArns: [aws_lb.example.arn],
    };
    const exampleVpcEndpointService = new aws.ec2.VpcEndpointService("exampleVpcEndpointService", endpointServiceArgs);

    // The endpoint takes its service name and type from the service declared above.
    const endpointArgs: aws.ec2.VpcEndpointArgs = {
        vpcId: aws_vpc.example.id,
        vpcEndpointType: exampleVpcEndpointService.serviceType,
        serviceName: exampleVpcEndpointService.serviceName,
        subnetIds: [aws_subnet.example.id],
    };
    const exampleVpcEndpoint = new aws.ec2.VpcEndpoint("exampleVpcEndpoint", endpointArgs);
    
    # Declares a Gateway Load Balancer endpoint service and an endpoint that consumes it.
    resources:
      exampleVpcEndpointService:
        type: aws:ec2:VpcEndpointService
        properties:
          # false: connection requests from allowed principals are accepted without
          # manual approval. Keep it true when the allow-list includes principals
          # you do not control.
          acceptanceRequired: false
          # The allow-list holds only the ARN of the identity running the deployment.
          allowedPrincipals:
            - ${current.arn}
          gatewayLoadBalancerArns:
            - ${aws_lb.example.arn}
      exampleVpcEndpoint:
        type: aws:ec2:VpcEndpoint
        properties:
          # Service name and endpoint type are taken from the service declared above.
          serviceName: ${exampleVpcEndpointService.serviceName}
          subnetIds:
            - ${aws_subnet.example.id}
          vpcEndpointType: ${exampleVpcEndpointService.serviceType}
          vpcId: ${aws_vpc.example.id}
    variables:
      # Looks up the caller identity whose ARN is used in allowedPrincipals.
      current:
        fn::invoke:
          Function: aws:getCallerIdentity
          Arguments: {}
    

    Create VpcEndpoint Resource

    new VpcEndpoint(name: string, args: VpcEndpointArgs, opts?: CustomResourceOptions);
    @overload
    def VpcEndpoint(resource_name: str,
                    opts: Optional[ResourceOptions] = None,
                    auto_accept: Optional[bool] = None,
                    dns_options: Optional[VpcEndpointDnsOptionsArgs] = None,
                    ip_address_type: Optional[str] = None,
                    policy: Optional[str] = None,
                    private_dns_enabled: Optional[bool] = None,
                    route_table_ids: Optional[Sequence[str]] = None,
                    security_group_ids: Optional[Sequence[str]] = None,
                    service_name: Optional[str] = None,
                    subnet_ids: Optional[Sequence[str]] = None,
                    tags: Optional[Mapping[str, str]] = None,
                    vpc_endpoint_type: Optional[str] = None,
                    vpc_id: Optional[str] = None)
    @overload
    def VpcEndpoint(resource_name: str,
                    args: VpcEndpointArgs,
                    opts: Optional[ResourceOptions] = None)
    func NewVpcEndpoint(ctx *Context, name string, args VpcEndpointArgs, opts ...ResourceOption) (*VpcEndpoint, error)
    public VpcEndpoint(string name, VpcEndpointArgs args, CustomResourceOptions? opts = null)
    public VpcEndpoint(String name, VpcEndpointArgs args)
    public VpcEndpoint(String name, VpcEndpointArgs args, CustomResourceOptions options)
    
    type: aws:ec2:VpcEndpoint
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args VpcEndpointArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args VpcEndpointArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args VpcEndpointArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args VpcEndpointArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args VpcEndpointArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    VpcEndpoint Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The VpcEndpoint resource accepts the following input properties:

    ServiceName string

    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).

    VpcId string

    The ID of the VPC in which the endpoint will be used.

    AutoAccept bool

    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).

    DnsOptions VpcEndpointDnsOptions

    The DNS options for the endpoint. See dns_options below.

    IpAddressType string

    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.

    Policy string

    A policy to attach to the endpoint that controls access to the service, given as a JSON-formatted string. If omitted, the endpoint defaults to full access, so set a policy explicitly wherever access through the endpoint should be restricted. All Gateway and some Interface endpoints support policies; see the relevant AWS documentation for more details.

    PrivateDnsEnabled bool

    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.

    RouteTableIds List<string>

    One or more route table IDs. Applicable for endpoints of type Gateway.

    SecurityGroupIds List<string>

    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.

    SubnetIds List<string>

    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.

    Tags Dictionary<string, string>

    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    VpcEndpointType string

    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

    ServiceName string

    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).

    VpcId string

    The ID of the VPC in which the endpoint will be used.

    AutoAccept bool

    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).

    DnsOptions VpcEndpointDnsOptionsArgs

    The DNS options for the endpoint. See dns_options below.

    IpAddressType string

    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.

    Policy string

    A policy to attach to the endpoint that controls access to the service, given as a JSON-formatted string. If omitted, the endpoint defaults to full access, so set a policy explicitly wherever access through the endpoint should be restricted. All Gateway and some Interface endpoints support policies; see the relevant AWS documentation for more details.

    PrivateDnsEnabled bool

    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.

    RouteTableIds []string

    One or more route table IDs. Applicable for endpoints of type Gateway.

    SecurityGroupIds []string

    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.

    SubnetIds []string

    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.

    Tags map[string]string

    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    VpcEndpointType string

    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

    serviceName String

    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).

    vpcId String

    The ID of the VPC in which the endpoint will be used.

    autoAccept Boolean

    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).

    dnsOptions VpcEndpointDnsOptions

    The DNS options for the endpoint. See dns_options below.

    ipAddressType String

    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.

    policy String

    A policy to attach to the endpoint that controls access to the service, given as a JSON-formatted string. If omitted, the endpoint defaults to full access, so set a policy explicitly wherever access through the endpoint should be restricted. All Gateway and some Interface endpoints support policies; see the relevant AWS documentation for more details.

    privateDnsEnabled Boolean

    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.

    routeTableIds List<String>

    One or more route table IDs. Applicable for endpoints of type Gateway.

    securityGroupIds List<String>

    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.

    subnetIds List<String>

    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.

    tags Map<String,String>

    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    vpcEndpointType String

    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

    serviceName string

    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).

    vpcId string

    The ID of the VPC in which the endpoint will be used.

    autoAccept boolean

    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).

    dnsOptions VpcEndpointDnsOptions

    The DNS options for the endpoint. See dns_options below.

    ipAddressType string

    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.

    policy string

    A policy to attach to the endpoint that controls access to the service, given as a JSON-formatted string. If omitted, the endpoint defaults to full access, so set a policy explicitly wherever access through the endpoint should be restricted. All Gateway and some Interface endpoints support policies; see the relevant AWS documentation for more details.

    privateDnsEnabled boolean

    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.

    routeTableIds string[]

    One or more route table IDs. Applicable for endpoints of type Gateway.

    securityGroupIds string[]

    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.

    subnetIds string[]

    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.

    tags {[key: string]: string}

    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    vpcEndpointType string

    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

    service_name str

    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).

    vpc_id str

    The ID of the VPC in which the endpoint will be used.

    auto_accept bool

    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).

    dns_options VpcEndpointDnsOptionsArgs

    The DNS options for the endpoint. See dns_options below.

    ip_address_type str

    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.

    policy str

    A policy to attach to the endpoint that controls access to the service, given as a JSON-formatted string. If omitted, the endpoint defaults to full access, so set a policy explicitly wherever access through the endpoint should be restricted. All Gateway and some Interface endpoints support policies; see the relevant AWS documentation for more details.

    private_dns_enabled bool

    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.

    route_table_ids Sequence[str]

    One or more route table IDs. Applicable for endpoints of type Gateway.

    security_group_ids Sequence[str]

    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.

    subnet_ids Sequence[str]

    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.

    tags Mapping[str, str]

    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    vpc_endpoint_type str

    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

    serviceName String

    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).

    vpcId String

    The ID of the VPC in which the endpoint will be used.

    autoAccept Boolean

    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).

    dnsOptions Property Map

    The DNS options for the endpoint. See dns_options below.

    ipAddressType String

    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.

    policy String

    A policy to attach to the endpoint that controls access to the service, given as a JSON-formatted string. If omitted, the endpoint defaults to full access, so set a policy explicitly wherever access through the endpoint should be restricted. All Gateway and some Interface endpoints support policies; see the relevant AWS documentation for more details.

    privateDnsEnabled Boolean

    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.

    routeTableIds List<String>

    One or more route table IDs. Applicable for endpoints of type Gateway.

    securityGroupIds List<String>

    The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.

    subnetIds List<String>

    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.

    tags Map<String>

    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    vpcEndpointType String

    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the VpcEndpoint resource produces the following output properties:

    Arn string

    The Amazon Resource Name (ARN) of the VPC endpoint.

    CidrBlocks List<string>

    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.

    DnsEntries List<VpcEndpointDnsEntry>

    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.

    Id string

    The provider-assigned unique ID for this managed resource.

    NetworkInterfaceIds List<string>

    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.

    OwnerId string

    The ID of the AWS account that owns the VPC endpoint.

    PrefixListId string

    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.

    RequesterManaged bool

    Whether or not the VPC Endpoint is being managed by its service - true or false.

    State string

    The state of the VPC endpoint.

    TagsAll Dictionary<string, string>

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    Arn string

    The Amazon Resource Name (ARN) of the VPC endpoint.

    CidrBlocks []string

    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.

    DnsEntries []VpcEndpointDnsEntry

    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.

    Id string

    The provider-assigned unique ID for this managed resource.

    NetworkInterfaceIds []string

    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.

    OwnerId string

    The ID of the AWS account that owns the VPC endpoint.

    PrefixListId string

    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.

    RequesterManaged bool

    Whether or not the VPC Endpoint is being managed by its service - true or false.

    State string

    The state of the VPC endpoint.

    TagsAll map[string]string

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    arn String

    The Amazon Resource Name (ARN) of the VPC endpoint.

    cidrBlocks List<String>

    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.

    dnsEntries List<VpcEndpointDnsEntry>

    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.

    id String

    The provider-assigned unique ID for this managed resource.

    networkInterfaceIds List<String>

    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.

    ownerId String

    The ID of the AWS account that owns the VPC endpoint.

    prefixListId String

    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.

    requesterManaged Boolean

    Whether or not the VPC Endpoint is being managed by its service - true or false.

    state String

    The state of the VPC endpoint.

    tagsAll Map<String,String>

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    arn string

    The Amazon Resource Name (ARN) of the VPC endpoint.

    cidrBlocks string[]

    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.

    dnsEntries VpcEndpointDnsEntry[]

    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.

    id string

    The provider-assigned unique ID for this managed resource.

    networkInterfaceIds string[]

    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.

    ownerId string

    The ID of the AWS account that owns the VPC endpoint.

    prefixListId string

    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.

    requesterManaged boolean

    Whether or not the VPC Endpoint is being managed by its service - true or false.

    state string

    The state of the VPC endpoint.

    tagsAll {[key: string]: string}

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    arn str

    The Amazon Resource Name (ARN) of the VPC endpoint.

    cidr_blocks Sequence[str]

    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.

    dns_entries Sequence[VpcEndpointDnsEntry]

    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.

    id str

    The provider-assigned unique ID for this managed resource.

    network_interface_ids Sequence[str]

    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.

    owner_id str

    The ID of the AWS account that owns the VPC endpoint.

    prefix_list_id str

    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.

    requester_managed bool

    Whether or not the VPC Endpoint is being managed by its service - true or false.

    state str

    The state of the VPC endpoint.

    tags_all Mapping[str, str]

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    arn String

    The Amazon Resource Name (ARN) of the VPC endpoint.

    cidrBlocks List<String>

    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.

    dnsEntries List<Property Map>

    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.

    id String

    The provider-assigned unique ID for this managed resource.

    networkInterfaceIds List<String>

    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.

    ownerId String

    The ID of the AWS account that owns the VPC endpoint.

    prefixListId String

    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.

    requesterManaged Boolean

    Whether or not the VPC Endpoint is being managed by its service - true or false.

    state String

    The state of the VPC endpoint.

    tagsAll Map<String>

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    Look up Existing VpcEndpoint Resource

    Get an existing VpcEndpoint resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: VpcEndpointState, opts?: CustomResourceOptions): VpcEndpoint
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            arn: Optional[str] = None,
            auto_accept: Optional[bool] = None,
            cidr_blocks: Optional[Sequence[str]] = None,
            dns_entries: Optional[Sequence[VpcEndpointDnsEntryArgs]] = None,
            dns_options: Optional[VpcEndpointDnsOptionsArgs] = None,
            ip_address_type: Optional[str] = None,
            network_interface_ids: Optional[Sequence[str]] = None,
            owner_id: Optional[str] = None,
            policy: Optional[str] = None,
            prefix_list_id: Optional[str] = None,
            private_dns_enabled: Optional[bool] = None,
            requester_managed: Optional[bool] = None,
            route_table_ids: Optional[Sequence[str]] = None,
            security_group_ids: Optional[Sequence[str]] = None,
            service_name: Optional[str] = None,
            state: Optional[str] = None,
            subnet_ids: Optional[Sequence[str]] = None,
            tags: Optional[Mapping[str, str]] = None,
            tags_all: Optional[Mapping[str, str]] = None,
            vpc_endpoint_type: Optional[str] = None,
            vpc_id: Optional[str] = None) -> VpcEndpoint
    func GetVpcEndpoint(ctx *Context, name string, id IDInput, state *VpcEndpointState, opts ...ResourceOption) (*VpcEndpoint, error)
    public static VpcEndpoint Get(string name, Input<string> id, VpcEndpointState? state, CustomResourceOptions? opts = null)
    public static VpcEndpoint get(String name, Output<String> id, VpcEndpointState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to look up.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to look up.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to look up.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to look up.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to look up.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Arn string

    The Amazon Resource Name (ARN) of the VPC endpoint.

    AutoAccept bool

    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).

    CidrBlocks List<string>

    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.

    DnsEntries List<VpcEndpointDnsEntry>

    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.

    DnsOptions VpcEndpointDnsOptions

    The DNS options for the endpoint. See dns_options below.

    IpAddressType string

    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.

    NetworkInterfaceIds List<string>

    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.

    OwnerId string

    The ID of the AWS account that owns the VPC endpoint.

    Policy string

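    A policy to attach to the endpoint that controls access to the service, given as a JSON-formatted string. If no policy is specified, the endpoint defaults to a policy that allows full access to the service, so set an explicit policy where access through the endpoint should be restricted. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.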

    PrefixListId string

    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.

    PrivateDnsEnabled bool

    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.

    RequesterManaged bool

    Whether or not the VPC Endpoint is being managed by its service - true or false.

    RouteTableIds List<string>

    One or more route table IDs. Applicable for endpoints of type Gateway.

    SecurityGroupIds List<string>

    The IDs of one or more security groups to associate with the endpoint's network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint, so that group's rules then determine which traffic can reach the endpoint's network interface.

    ServiceName string

    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).

    State string

    The state of the VPC endpoint.

    SubnetIds List<string>

    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.

    Tags Dictionary<string, string>

    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    TagsAll Dictionary<string, string>

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    VpcEndpointType string

    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

    VpcId string

    The ID of the VPC in which the endpoint will be used.

    Arn string

    The Amazon Resource Name (ARN) of the VPC endpoint.

    AutoAccept bool

    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).

    CidrBlocks []string

    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.

    DnsEntries []VpcEndpointDnsEntryArgs

    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.

    DnsOptions VpcEndpointDnsOptionsArgs

    The DNS options for the endpoint. See dns_options below.

    IpAddressType string

    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.

    NetworkInterfaceIds []string

    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.

    OwnerId string

    The ID of the AWS account that owns the VPC endpoint.

    Policy string

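    A policy to attach to the endpoint that controls access to the service, given as a JSON-formatted string. If no policy is specified, the endpoint defaults to a policy that allows full access to the service, so set an explicit policy where access through the endpoint should be restricted. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.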

    PrefixListId string

    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.

    PrivateDnsEnabled bool

    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.

    RequesterManaged bool

    Whether or not the VPC Endpoint is being managed by its service - true or false.

    RouteTableIds []string

    One or more route table IDs. Applicable for endpoints of type Gateway.

    SecurityGroupIds []string

    The IDs of one or more security groups to associate with the endpoint's network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint, so that group's rules then determine which traffic can reach the endpoint's network interface.

    ServiceName string

    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).

    State string

    The state of the VPC endpoint.

    SubnetIds []string

    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.

    Tags map[string]string

    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    TagsAll map[string]string

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    VpcEndpointType string

    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

    VpcId string

    The ID of the VPC in which the endpoint will be used.

    arn String

    The Amazon Resource Name (ARN) of the VPC endpoint.

    autoAccept Boolean

    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).

    cidrBlocks List<String>

    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.

    dnsEntries List<VpcEndpointDnsEntry>

    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.

    dnsOptions VpcEndpointDnsOptions

    The DNS options for the endpoint. See dns_options below.

    ipAddressType String

    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.

    networkInterfaceIds List<String>

    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.

    ownerId String

    The ID of the AWS account that owns the VPC endpoint.

    policy String

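    A policy to attach to the endpoint that controls access to the service, given as a JSON-formatted string. If no policy is specified, the endpoint defaults to a policy that allows full access to the service, so set an explicit policy where access through the endpoint should be restricted. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.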

    prefixListId String

    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.

    privateDnsEnabled Boolean

    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.

    requesterManaged Boolean

    Whether or not the VPC Endpoint is being managed by its service - true or false.

    routeTableIds List<String>

    One or more route table IDs. Applicable for endpoints of type Gateway.

    securityGroupIds List<String>

    The IDs of one or more security groups to associate with the endpoint's network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint, so that group's rules then determine which traffic can reach the endpoint's network interface.

    serviceName String

    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).

    state String

    The state of the VPC endpoint.

    subnetIds List<String>

    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.

    tags Map<String,String>

    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    tagsAll Map<String,String>

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    vpcEndpointType String

    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

    vpcId String

    The ID of the VPC in which the endpoint will be used.

    arn string

    The Amazon Resource Name (ARN) of the VPC endpoint.

    autoAccept boolean

    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).

    cidrBlocks string[]

    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.

    dnsEntries VpcEndpointDnsEntry[]

    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.

    dnsOptions VpcEndpointDnsOptions

    The DNS options for the endpoint. See dns_options below.

    ipAddressType string

    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.

    networkInterfaceIds string[]

    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.

    ownerId string

    The ID of the AWS account that owns the VPC endpoint.

    policy string

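    A policy to attach to the endpoint that controls access to the service, given as a JSON-formatted string. If no policy is specified, the endpoint defaults to a policy that allows full access to the service, so set an explicit policy where access through the endpoint should be restricted. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.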

    prefixListId string

    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.

    privateDnsEnabled boolean

    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.

    requesterManaged boolean

    Whether or not the VPC Endpoint is being managed by its service - true or false.

    routeTableIds string[]

    One or more route table IDs. Applicable for endpoints of type Gateway.

    securityGroupIds string[]

    The IDs of one or more security groups to associate with the endpoint's network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint, so that group's rules then determine which traffic can reach the endpoint's network interface.

    serviceName string

    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).

    state string

    The state of the VPC endpoint.

    subnetIds string[]

    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.

    tags {[key: string]: string}

    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    tagsAll {[key: string]: string}

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    vpcEndpointType string

    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

    vpcId string

    The ID of the VPC in which the endpoint will be used.

    arn str

    The Amazon Resource Name (ARN) of the VPC endpoint.

    auto_accept bool

    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).

    cidr_blocks Sequence[str]

    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.

    dns_entries Sequence[VpcEndpointDnsEntryArgs]

    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.

    dns_options VpcEndpointDnsOptionsArgs

    The DNS options for the endpoint. See dns_options below.

    ip_address_type str

    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.

    network_interface_ids Sequence[str]

    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.

    owner_id str

    The ID of the AWS account that owns the VPC endpoint.

    policy str

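    A policy to attach to the endpoint that controls access to the service, given as a JSON-formatted string. If no policy is specified, the endpoint defaults to a policy that allows full access to the service, so set an explicit policy where access through the endpoint should be restricted. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.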

    prefix_list_id str

    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.

    private_dns_enabled bool

    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.

    requester_managed bool

    Whether or not the VPC Endpoint is being managed by its service - true or false.

    route_table_ids Sequence[str]

    One or more route table IDs. Applicable for endpoints of type Gateway.

    security_group_ids Sequence[str]

    The IDs of one or more security groups to associate with the endpoint's network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint, so that group's rules then determine which traffic can reach the endpoint's network interface.

    service_name str

    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).

    state str

    The state of the VPC endpoint.

    subnet_ids Sequence[str]

    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.

    tags Mapping[str, str]

    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    tags_all Mapping[str, str]

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    vpc_endpoint_type str

    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

    vpc_id str

    The ID of the VPC in which the endpoint will be used.

    arn String

    The Amazon Resource Name (ARN) of the VPC endpoint.

    autoAccept Boolean

    Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).

    cidrBlocks List<String>

    The list of CIDR blocks for the exposed AWS service. Applicable for endpoints of type Gateway.

    dnsEntries List<Property Map>

    The DNS entries for the VPC Endpoint. Applicable for endpoints of type Interface. DNS blocks are documented below.

    dnsOptions Property Map

    The DNS options for the endpoint. See dns_options below.

    ipAddressType String

    The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.

    networkInterfaceIds List<String>

    One or more network interfaces for the VPC Endpoint. Applicable for endpoints of type Interface.

    ownerId String

    The ID of the AWS account that owns the VPC endpoint.

    policy String

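    A policy to attach to the endpoint that controls access to the service, given as a JSON-formatted string. If no policy is specified, the endpoint defaults to a policy that allows full access to the service, so set an explicit policy where access through the endpoint should be restricted. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.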

    prefixListId String

    The prefix list ID of the exposed AWS service. Applicable for endpoints of type Gateway.

    privateDnsEnabled Boolean

    Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Most users will want this enabled to allow services within the VPC to automatically use the endpoint. Defaults to false.

    requesterManaged Boolean

    Whether or not the VPC Endpoint is being managed by its service - true or false.

    routeTableIds List<String>

    One or more route table IDs. Applicable for endpoints of type Gateway.

    securityGroupIds List<String>

    The IDs of one or more security groups to associate with the endpoint's network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint, so that group's rules then determine which traffic can reach the endpoint's network interface.

    serviceName String

    The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).

    state String

    The state of the VPC endpoint.

    subnetIds List<String>

    The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.

    tags Map<String>

    A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.

    tagsAll Map<String>

    A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated:

    Please use tags instead.

    vpcEndpointType String

    The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

    vpcId String

    The ID of the VPC in which the endpoint will be used.

    Supporting Types

    VpcEndpointDnsEntry, VpcEndpointDnsEntryArgs

    DnsName string

    The DNS name.

    HostedZoneId string

    The ID of the private hosted zone.

    DnsName string

    The DNS name.

    HostedZoneId string

    The ID of the private hosted zone.

    dnsName String

    The DNS name.

    hostedZoneId String

    The ID of the private hosted zone.

    dnsName string

    The DNS name.

    hostedZoneId string

    The ID of the private hosted zone.

    dns_name str

    The DNS name.

    hosted_zone_id str

    The ID of the private hosted zone.

    dnsName String

    The DNS name.

    hostedZoneId String

    The ID of the private hosted zone.

    VpcEndpointDnsOptions, VpcEndpointDnsOptionsArgs

    DnsRecordIpType string

    The DNS records created for the endpoint. Valid values are ipv4, dualstack, service-defined, and ipv6.

    PrivateDnsOnlyForInboundResolverEndpoint bool

    Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. Default is false. Can only be specified if private_dns_enabled is true.

    DnsRecordIpType string

    The DNS records created for the endpoint. Valid values are ipv4, dualstack, service-defined, and ipv6.

    PrivateDnsOnlyForInboundResolverEndpoint bool

    Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. Default is false. Can only be specified if private_dns_enabled is true.

    dnsRecordIpType String

    The DNS records created for the endpoint. Valid values are ipv4, dualstack, service-defined, and ipv6.

    privateDnsOnlyForInboundResolverEndpoint Boolean

    Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. Default is false. Can only be specified if private_dns_enabled is true.

    dnsRecordIpType string

    The DNS records created for the endpoint. Valid values are ipv4, dualstack, service-defined, and ipv6.

    privateDnsOnlyForInboundResolverEndpoint boolean

    Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. Default is false. Can only be specified if private_dns_enabled is true.

    dns_record_ip_type str

    The DNS records created for the endpoint. Valid values are ipv4, dualstack, service-defined, and ipv6.

    private_dns_only_for_inbound_resolver_endpoint bool

    Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. Default is false. Can only be specified if private_dns_enabled is true.

    dnsRecordIpType String

    The DNS records created for the endpoint. Valid values are ipv4, dualstack, service-defined, and ipv6.

    privateDnsOnlyForInboundResolverEndpoint Boolean

    Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. Default is false. Can only be specified if private_dns_enabled is true.

    Import

    Using pulumi import, import VPC Endpoints using the VPC endpoint id. For example:

     $ pulumi import aws:ec2/vpcEndpoint:VpcEndpoint endpoint1 vpce-3ecf2a57
    

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the aws Terraform Provider.


    AWS Classic v6.12.0 published on Wednesday, Nov 29, 2023 by Pulumi