Docs Home
AWS v7.2.0 published on Thursday, Jul 31, 2025 by Pulumi
aws.lightsail.InstancePublicPorts
Explore with Pulumi AI
Manages public ports for a Lightsail instance. Use this resource to open ports for a specific Amazon Lightsail instance and specify the IP addresses allowed to connect to the instance through the ports and the protocol.
See What is Amazon Lightsail? for more information.
Note: Lightsail is currently only supported in a limited number of AWS Regions, please see “Regions and Availability Zones in Amazon Lightsail” for more details.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const available = aws.getAvailabilityZones({
state: "available",
filters: [{
name: "opt-in-status",
values: ["opt-in-not-required"],
}],
});
const example = new aws.lightsail.Instance("example", {
name: "example-instance",
availabilityZone: available.then(available => available.names?.[0]),
blueprintId: "amazon_linux_2",
bundleId: "nano_3_0",
});
const exampleInstancePublicPorts = new aws.lightsail.InstancePublicPorts("example", {
instanceName: example.name,
portInfos: [
{
protocol: "tcp",
fromPort: 80,
toPort: 80,
},
{
protocol: "tcp",
fromPort: 443,
toPort: 443,
cidrs: ["192.168.1.0/24"],
},
],
});
import pulumi
import pulumi_aws as aws
available = aws.get_availability_zones(state="available",
filters=[{
"name": "opt-in-status",
"values": ["opt-in-not-required"],
}])
example = aws.lightsail.Instance("example",
name="example-instance",
availability_zone=available.names[0],
blueprint_id="amazon_linux_2",
bundle_id="nano_3_0")
example_instance_public_ports = aws.lightsail.InstancePublicPorts("example",
instance_name=example.name,
port_infos=[
{
"protocol": "tcp",
"from_port": 80,
"to_port": 80,
},
{
"protocol": "tcp",
"from_port": 443,
"to_port": 443,
"cidrs": ["192.168.1.0/24"],
},
])
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws"
"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/lightsail"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
available, err := aws.GetAvailabilityZones(ctx, &aws.GetAvailabilityZonesArgs{
State: pulumi.StringRef("available"),
Filters: []aws.GetAvailabilityZonesFilter{
{
Name: "opt-in-status",
Values: []string{
"opt-in-not-required",
},
},
},
}, nil)
if err != nil {
return err
}
example, err := lightsail.NewInstance(ctx, "example", &lightsail.InstanceArgs{
Name: pulumi.String("example-instance"),
AvailabilityZone: pulumi.String(available.Names[0]),
BlueprintId: pulumi.String("amazon_linux_2"),
BundleId: pulumi.String("nano_3_0"),
})
if err != nil {
return err
}
_, err = lightsail.NewInstancePublicPorts(ctx, "example", &lightsail.InstancePublicPortsArgs{
InstanceName: example.Name,
PortInfos: lightsail.InstancePublicPortsPortInfoArray{
&lightsail.InstancePublicPortsPortInfoArgs{
Protocol: pulumi.String("tcp"),
FromPort: pulumi.Int(80),
ToPort: pulumi.Int(80),
},
&lightsail.InstancePublicPortsPortInfoArgs{
Protocol: pulumi.String("tcp"),
FromPort: pulumi.Int(443),
ToPort: pulumi.Int(443),
Cidrs: pulumi.StringArray{
pulumi.String("192.168.1.0/24"),
},
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var available = Aws.GetAvailabilityZones.Invoke(new()
{
State = "available",
Filters = new[]
{
new Aws.Inputs.GetAvailabilityZonesFilterInputArgs
{
Name = "opt-in-status",
Values = new[]
{
"opt-in-not-required",
},
},
},
});
var example = new Aws.LightSail.Instance("example", new()
{
Name = "example-instance",
AvailabilityZone = available.Apply(getAvailabilityZonesResult => getAvailabilityZonesResult.Names[0]),
BlueprintId = "amazon_linux_2",
BundleId = "nano_3_0",
});
var exampleInstancePublicPorts = new Aws.LightSail.InstancePublicPorts("example", new()
{
InstanceName = example.Name,
PortInfos = new[]
{
new Aws.LightSail.Inputs.InstancePublicPortsPortInfoArgs
{
Protocol = "tcp",
FromPort = 80,
ToPort = 80,
},
new Aws.LightSail.Inputs.InstancePublicPortsPortInfoArgs
{
Protocol = "tcp",
FromPort = 443,
ToPort = 443,
Cidrs = new[]
{
"192.168.1.0/24",
},
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.AwsFunctions;
import com.pulumi.aws.inputs.GetAvailabilityZonesArgs;
import com.pulumi.aws.lightsail.Instance;
import com.pulumi.aws.lightsail.InstanceArgs;
import com.pulumi.aws.lightsail.InstancePublicPorts;
import com.pulumi.aws.lightsail.InstancePublicPortsArgs;
import com.pulumi.aws.lightsail.inputs.InstancePublicPortsPortInfoArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var available = AwsFunctions.getAvailabilityZones(GetAvailabilityZonesArgs.builder()
.state("available")
.filters(GetAvailabilityZonesFilterArgs.builder()
.name("opt-in-status")
.values("opt-in-not-required")
.build())
.build());
var example = new Instance("example", InstanceArgs.builder()
.name("example-instance")
.availabilityZone(available.names()[0])
.blueprintId("amazon_linux_2")
.bundleId("nano_3_0")
.build());
var exampleInstancePublicPorts = new InstancePublicPorts("exampleInstancePublicPorts", InstancePublicPortsArgs.builder()
.instanceName(example.name())
.portInfos(
InstancePublicPortsPortInfoArgs.builder()
.protocol("tcp")
.fromPort(80)
.toPort(80)
.build(),
InstancePublicPortsPortInfoArgs.builder()
.protocol("tcp")
.fromPort(443)
.toPort(443)
.cidrs("192.168.1.0/24")
.build())
.build());
}
}
resources:
example:
type: aws:lightsail:Instance
properties:
name: example-instance
availabilityZone: ${available.names[0]}
blueprintId: amazon_linux_2
bundleId: nano_3_0
exampleInstancePublicPorts:
type: aws:lightsail:InstancePublicPorts
name: example
properties:
instanceName: ${example.name}
portInfos:
- protocol: tcp
fromPort: 80
toPort: 80
- protocol: tcp
fromPort: 443
toPort: 443
cidrs:
- 192.168.1.0/24
variables:
available:
fn::invoke:
function: aws:getAvailabilityZones
arguments:
state: available
filters:
- name: opt-in-status
values:
- opt-in-not-required
Create InstancePublicPorts Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new InstancePublicPorts(name: string, args: InstancePublicPortsArgs, opts?: CustomResourceOptions);@overload
def InstancePublicPorts(resource_name: str,
args: InstancePublicPortsArgs,
opts: Optional[ResourceOptions] = None)
@overload
def InstancePublicPorts(resource_name: str,
opts: Optional[ResourceOptions] = None,
instance_name: Optional[str] = None,
port_infos: Optional[Sequence[InstancePublicPortsPortInfoArgs]] = None,
region: Optional[str] = None)func NewInstancePublicPorts(ctx *Context, name string, args InstancePublicPortsArgs, opts ...ResourceOption) (*InstancePublicPorts, error)public InstancePublicPorts(string name, InstancePublicPortsArgs args, CustomResourceOptions? opts = null)
public InstancePublicPorts(String name, InstancePublicPortsArgs args)
public InstancePublicPorts(String name, InstancePublicPortsArgs args, CustomResourceOptions options)
type: aws:lightsail:InstancePublicPorts
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args InstancePublicPortsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args InstancePublicPortsArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args InstancePublicPortsArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args InstancePublicPortsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args InstancePublicPortsArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var instancePublicPortsResource = new Aws.LightSail.InstancePublicPorts("instancePublicPortsResource", new()
{
InstanceName = "string",
PortInfos = new[]
{
new Aws.LightSail.Inputs.InstancePublicPortsPortInfoArgs
{
FromPort = 0,
Protocol = "string",
ToPort = 0,
CidrListAliases = new[]
{
"string",
},
Cidrs = new[]
{
"string",
},
Ipv6Cidrs = new[]
{
"string",
},
},
},
Region = "string",
});
example, err := lightsail.NewInstancePublicPorts(ctx, "instancePublicPortsResource", &lightsail.InstancePublicPortsArgs{
InstanceName: pulumi.String("string"),
PortInfos: lightsail.InstancePublicPortsPortInfoArray{
&lightsail.InstancePublicPortsPortInfoArgs{
FromPort: pulumi.Int(0),
Protocol: pulumi.String("string"),
ToPort: pulumi.Int(0),
CidrListAliases: pulumi.StringArray{
pulumi.String("string"),
},
Cidrs: pulumi.StringArray{
pulumi.String("string"),
},
Ipv6Cidrs: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Region: pulumi.String("string"),
})
var instancePublicPortsResource = new InstancePublicPorts("instancePublicPortsResource", InstancePublicPortsArgs.builder()
.instanceName("string")
.portInfos(InstancePublicPortsPortInfoArgs.builder()
.fromPort(0)
.protocol("string")
.toPort(0)
.cidrListAliases("string")
.cidrs("string")
.ipv6Cidrs("string")
.build())
.region("string")
.build());
instance_public_ports_resource = aws.lightsail.InstancePublicPorts("instancePublicPortsResource",
instance_name="string",
port_infos=[{
"from_port": 0,
"protocol": "string",
"to_port": 0,
"cidr_list_aliases": ["string"],
"cidrs": ["string"],
"ipv6_cidrs": ["string"],
}],
region="string")
const instancePublicPortsResource = new aws.lightsail.InstancePublicPorts("instancePublicPortsResource", {
instanceName: "string",
portInfos: [{
fromPort: 0,
protocol: "string",
toPort: 0,
cidrListAliases: ["string"],
cidrs: ["string"],
ipv6Cidrs: ["string"],
}],
region: "string",
});
type: aws:lightsail:InstancePublicPorts
properties:
instanceName: string
portInfos:
- cidrListAliases:
- string
cidrs:
- string
fromPort: 0
ipv6Cidrs:
- string
protocol: string
toPort: 0
region: string
InstancePublicPorts Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The InstancePublicPorts resource accepts the following input properties:
- Instance
Name string - Name of the instance for which to open ports.
- Port
Infos List<InstancePublic Ports Port Info> Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See
port_infoBlock for details.The following arguments are optional:
- Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- Instance
Name string - Name of the instance for which to open ports.
- Port
Infos []InstancePublic Ports Port Info Args Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See
port_infoBlock for details.The following arguments are optional:
- Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- instance
Name String - Name of the instance for which to open ports.
- port
Infos List<InstancePublic Ports Port Info> Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See
port_infoBlock for details.The following arguments are optional:
- region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- instance
Name string - Name of the instance for which to open ports.
- port
Infos InstancePublic Ports Port Info[] Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See
port_infoBlock for details.The following arguments are optional:
- region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- instance_
name str - Name of the instance for which to open ports.
- port_
infos Sequence[InstancePublic Ports Port Info Args] Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See
port_infoBlock for details.The following arguments are optional:
- region str
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- instance
Name String - Name of the instance for which to open ports.
- port
Infos List<Property Map> Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See
port_infoBlock for details.The following arguments are optional:
- region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
Outputs
All input properties are implicitly available as output properties. Additionally, the InstancePublicPorts resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing InstancePublicPorts Resource
Get an existing InstancePublicPorts resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: InstancePublicPortsState, opts?: CustomResourceOptions): InstancePublicPorts@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
instance_name: Optional[str] = None,
port_infos: Optional[Sequence[InstancePublicPortsPortInfoArgs]] = None,
region: Optional[str] = None) -> InstancePublicPortsfunc GetInstancePublicPorts(ctx *Context, name string, id IDInput, state *InstancePublicPortsState, opts ...ResourceOption) (*InstancePublicPorts, error)public static InstancePublicPorts Get(string name, Input<string> id, InstancePublicPortsState? state, CustomResourceOptions? opts = null)public static InstancePublicPorts get(String name, Output<String> id, InstancePublicPortsState state, CustomResourceOptions options)resources: _: type: aws:lightsail:InstancePublicPorts get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Instance
Name string - Name of the instance for which to open ports.
- Port
Infos List<InstancePublic Ports Port Info> Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See
port_infoBlock for details.The following arguments are optional:
- Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- Instance
Name string - Name of the instance for which to open ports.
- Port
Infos []InstancePublic Ports Port Info Args Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See
port_infoBlock for details.The following arguments are optional:
- Region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- instance
Name String - Name of the instance for which to open ports.
- port
Infos List<InstancePublic Ports Port Info> Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See
port_infoBlock for details.The following arguments are optional:
- region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- instance
Name string - Name of the instance for which to open ports.
- port
Infos InstancePublic Ports Port Info[] Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See
port_infoBlock for details.The following arguments are optional:
- region string
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- instance_
name str - Name of the instance for which to open ports.
- port_
infos Sequence[InstancePublic Ports Port Info Args] Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See
port_infoBlock for details.The following arguments are optional:
- region str
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
- instance
Name String - Name of the instance for which to open ports.
- port
Infos List<Property Map> Descriptor of the ports to open for the specified instance. AWS closes all currently open ports that are not included in this argument. See
port_infoBlock for details.The following arguments are optional:
- region String
- Region where this resource will be managed. Defaults to the Region set in the provider configuration.
Supporting Types
InstancePublicPortsPortInfo, InstancePublicPortsPortInfoArgs
- From
Port int - First port in a range of open ports on an instance. See PortInfo for details.
- Protocol string
- IP protocol name. Valid values:
tcp,all,udp,icmp,icmpv6. See PortInfo for details. - To
Port int - Last port in a range of open ports on an instance. See PortInfo for details.
- Cidr
List List<string>Aliases - Set of CIDR aliases that define access for a preconfigured range of IP addresses.
- Cidrs List<string>
- Set of IPv4 addresses or ranges of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
- Ipv6Cidrs List<string>
- Set of IPv6 addresses or ranges of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
- From
Port int - First port in a range of open ports on an instance. See PortInfo for details.
- Protocol string
- IP protocol name. Valid values:
tcp,all,udp,icmp,icmpv6. See PortInfo for details. - To
Port int - Last port in a range of open ports on an instance. See PortInfo for details.
- Cidr
List []stringAliases - Set of CIDR aliases that define access for a preconfigured range of IP addresses.
- Cidrs []string
- Set of IPv4 addresses or ranges of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
- Ipv6Cidrs []string
- Set of IPv6 addresses or ranges of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
- from
Port Integer - First port in a range of open ports on an instance. See PortInfo for details.
- protocol String
- IP protocol name. Valid values:
tcp,all,udp,icmp,icmpv6. See PortInfo for details. - to
Port Integer - Last port in a range of open ports on an instance. See PortInfo for details.
- cidr
List List<String>Aliases - Set of CIDR aliases that define access for a preconfigured range of IP addresses.
- cidrs List<String>
- Set of IPv4 addresses or ranges of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
- ipv6Cidrs List<String>
- Set of IPv6 addresses or ranges of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
- from
Port number - First port in a range of open ports on an instance. See PortInfo for details.
- protocol string
- IP protocol name. Valid values:
tcp,all,udp,icmp,icmpv6. See PortInfo for details. - to
Port number - Last port in a range of open ports on an instance. See PortInfo for details.
- cidr
List string[]Aliases - Set of CIDR aliases that define access for a preconfigured range of IP addresses.
- cidrs string[]
- Set of IPv4 addresses or ranges of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
- ipv6Cidrs string[]
- Set of IPv6 addresses or ranges of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
- from_
port int - First port in a range of open ports on an instance. See PortInfo for details.
- protocol str
- IP protocol name. Valid values:
tcp,all,udp,icmp,icmpv6. See PortInfo for details. - to_
port int - Last port in a range of open ports on an instance. See PortInfo for details.
- cidr_
list_ Sequence[str]aliases - Set of CIDR aliases that define access for a preconfigured range of IP addresses.
- cidrs Sequence[str]
- Set of IPv4 addresses or ranges of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
- ipv6_
cidrs Sequence[str] - Set of IPv6 addresses or ranges of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
- from
Port Number - First port in a range of open ports on an instance. See PortInfo for details.
- protocol String
- IP protocol name. Valid values:
tcp,all,udp,icmp,icmpv6. See PortInfo for details. - to
Port Number - Last port in a range of open ports on an instance. See PortInfo for details.
- cidr
List List<String>Aliases - Set of CIDR aliases that define access for a preconfigured range of IP addresses.
- cidrs List<String>
- Set of IPv4 addresses or ranges of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
- ipv6Cidrs List<String>
- Set of IPv6 addresses or ranges of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.