AWS v7.7.0, Sep 5 25

AWS v7.7.0 published on Friday, Sep 5, 2025 by Pulumi

aws.networkfirewall.VpcEndpointAssociation

Explore with Pulumi AI

AWS v7.7.0 published on Friday, Sep 5, 2025 by Pulumi

pulumi/pulumi-aws

Example Usage

Basic Usage

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.networkfirewall.VpcEndpointAssociation("example", {
    firewallArn: exampleAwsNetworkfirewallFirewall.arn,
    vpcId: exampleAwsVpc.id,
    subnetMapping: {
        subnetId: exampleTwo.id,
    },
    tags: {
        Name: "example endpoint",
    },
});

import pulumi
import pulumi_aws as aws

example = aws.networkfirewall.VpcEndpointAssociation("example",
    firewall_arn=example_aws_networkfirewall_firewall["arn"],
    vpc_id=example_aws_vpc["id"],
    subnet_mapping={
        "subnet_id": example_two["id"],
    },
    tags={
        "Name": "example endpoint",
    })

package main

import (
	"github.com/pulumi/pulumi-aws/sdk/v7/go/aws/networkfirewall"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := networkfirewall.NewVpcEndpointAssociation(ctx, "example", &networkfirewall.VpcEndpointAssociationArgs{
			FirewallArn: pulumi.Any(exampleAwsNetworkfirewallFirewall.Arn),
			VpcId:       pulumi.Any(exampleAwsVpc.Id),
			SubnetMapping: &networkfirewall.VpcEndpointAssociationSubnetMappingArgs{
				SubnetId: pulumi.Any(exampleTwo.Id),
			},
			Tags: pulumi.StringMap{
				"Name": pulumi.String("example endpoint"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;

return await Deployment.RunAsync(() => 
{
    var example = new Aws.NetworkFirewall.VpcEndpointAssociation("example", new()
    {
        FirewallArn = exampleAwsNetworkfirewallFirewall.Arn,
        VpcId = exampleAwsVpc.Id,
        SubnetMapping = new Aws.NetworkFirewall.Inputs.VpcEndpointAssociationSubnetMappingArgs
        {
            SubnetId = exampleTwo.Id,
        },
        Tags = 
        {
            { "Name", "example endpoint" },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.networkfirewall.VpcEndpointAssociation;
import com.pulumi.aws.networkfirewall.VpcEndpointAssociationArgs;
import com.pulumi.aws.networkfirewall.inputs.VpcEndpointAssociationSubnetMappingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var example = new VpcEndpointAssociation("example", VpcEndpointAssociationArgs.builder()
            .firewallArn(exampleAwsNetworkfirewallFirewall.arn())
            .vpcId(exampleAwsVpc.id())
            .subnetMapping(VpcEndpointAssociationSubnetMappingArgs.builder()
                .subnetId(exampleTwo.id())
                .build())
            .tags(Map.of("Name", "example endpoint"))
            .build());

    }
}

resources:
  example:
    type: aws:networkfirewall:VpcEndpointAssociation
    properties:
      firewallArn: ${exampleAwsNetworkfirewallFirewall.arn}
      vpcId: ${exampleAwsVpc.id}
      subnetMapping:
        subnetId: ${exampleTwo.id}
      tags:
        Name: example endpoint

Create VpcEndpointAssociation Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new VpcEndpointAssociation(name: string, args: VpcEndpointAssociationArgs, opts?: CustomResourceOptions);

@overload
def VpcEndpointAssociation(resource_name: str,
                           args: VpcEndpointAssociationArgs,
                           opts: Optional[ResourceOptions] = None)

@overload
def VpcEndpointAssociation(resource_name: str,
                           opts: Optional[ResourceOptions] = None,
                           firewall_arn: Optional[str] = None,
                           vpc_id: Optional[str] = None,
                           description: Optional[str] = None,
                           region: Optional[str] = None,
                           subnet_mapping: Optional[VpcEndpointAssociationSubnetMappingArgs] = None,
                           tags: Optional[Mapping[str, str]] = None,
                           timeouts: Optional[VpcEndpointAssociationTimeoutsArgs] = None)

func NewVpcEndpointAssociation(ctx *Context, name string, args VpcEndpointAssociationArgs, opts ...ResourceOption) (*VpcEndpointAssociation, error)

public VpcEndpointAssociation(string name, VpcEndpointAssociationArgs args, CustomResourceOptions? opts = null)

public VpcEndpointAssociation(String name, VpcEndpointAssociationArgs args)
public VpcEndpointAssociation(String name, VpcEndpointAssociationArgs args, CustomResourceOptions options)

type: aws:networkfirewall:VpcEndpointAssociation
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args VpcEndpointAssociationArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args VpcEndpointAssociationArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args VpcEndpointAssociationArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args VpcEndpointAssociationArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args VpcEndpointAssociationArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var vpcEndpointAssociationResource = new Aws.NetworkFirewall.VpcEndpointAssociation("vpcEndpointAssociationResource", new()
{
    FirewallArn = "string",
    VpcId = "string",
    Description = "string",
    Region = "string",
    SubnetMapping = new Aws.NetworkFirewall.Inputs.VpcEndpointAssociationSubnetMappingArgs
    {
        SubnetId = "string",
        IpAddressType = "string",
    },
    Tags = 
    {
        { "string", "string" },
    },
    Timeouts = new Aws.NetworkFirewall.Inputs.VpcEndpointAssociationTimeoutsArgs
    {
        Create = "string",
        Delete = "string",
    },
});

example, err := networkfirewall.NewVpcEndpointAssociation(ctx, "vpcEndpointAssociationResource", &networkfirewall.VpcEndpointAssociationArgs{
	FirewallArn: pulumi.String("string"),
	VpcId:       pulumi.String("string"),
	Description: pulumi.String("string"),
	Region:      pulumi.String("string"),
	SubnetMapping: &networkfirewall.VpcEndpointAssociationSubnetMappingArgs{
		SubnetId:      pulumi.String("string"),
		IpAddressType: pulumi.String("string"),
	},
	Tags: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	Timeouts: &networkfirewall.VpcEndpointAssociationTimeoutsArgs{
		Create: pulumi.String("string"),
		Delete: pulumi.String("string"),
	},
})

var vpcEndpointAssociationResource = new VpcEndpointAssociation("vpcEndpointAssociationResource", VpcEndpointAssociationArgs.builder()
    .firewallArn("string")
    .vpcId("string")
    .description("string")
    .region("string")
    .subnetMapping(VpcEndpointAssociationSubnetMappingArgs.builder()
        .subnetId("string")
        .ipAddressType("string")
        .build())
    .tags(Map.of("string", "string"))
    .timeouts(VpcEndpointAssociationTimeoutsArgs.builder()
        .create("string")
        .delete("string")
        .build())
    .build());

vpc_endpoint_association_resource = aws.networkfirewall.VpcEndpointAssociation("vpcEndpointAssociationResource",
    firewall_arn="string",
    vpc_id="string",
    description="string",
    region="string",
    subnet_mapping={
        "subnet_id": "string",
        "ip_address_type": "string",
    },
    tags={
        "string": "string",
    },
    timeouts={
        "create": "string",
        "delete": "string",
    })

const vpcEndpointAssociationResource = new aws.networkfirewall.VpcEndpointAssociation("vpcEndpointAssociationResource", {
    firewallArn: "string",
    vpcId: "string",
    description: "string",
    region: "string",
    subnetMapping: {
        subnetId: "string",
        ipAddressType: "string",
    },
    tags: {
        string: "string",
    },
    timeouts: {
        create: "string",
        "delete": "string",
    },
});

type: aws:networkfirewall:VpcEndpointAssociation
properties:
    description: string
    firewallArn: string
    region: string
    subnetMapping:
        ipAddressType: string
        subnetId: string
    tags:
        string: string
    timeouts:
        create: string
        delete: string
    vpcId: string

VpcEndpointAssociation Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The VpcEndpointAssociation resource accepts the following input properties:

FirewallArn string: The Amazon Resource Name (ARN) that identifies the firewall.
VpcId string: The unique identifier of the VPC for the endpoint association.
Description string: A description of the VPC endpoint association.
Region string: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
SubnetMapping VpcEndpointAssociationSubnetMapping: The ID for a subnet that's used in an association with a firewall. See Subnet Mapping below for details.
Tags Dictionary<string, string>: Map of resource tags to associate with the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
Timeouts VpcEndpointAssociationTimeouts

FirewallArn string: The Amazon Resource Name (ARN) that identifies the firewall.
VpcId string: The unique identifier of the VPC for the endpoint association.
Description string: A description of the VPC endpoint association.
Region string: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
SubnetMapping VpcEndpointAssociationSubnetMappingArgs: The ID for a subnet that's used in an association with a firewall. See Subnet Mapping below for details.
Tags map[string]string: Map of resource tags to associate with the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
Timeouts VpcEndpointAssociationTimeoutsArgs

firewallArn String: The Amazon Resource Name (ARN) that identifies the firewall.
vpcId String: The unique identifier of the VPC for the endpoint association.
description String: A description of the VPC endpoint association.
region String: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
subnetMapping VpcEndpointAssociationSubnetMapping: The ID for a subnet that's used in an association with a firewall. See Subnet Mapping below for details.
tags Map<String,String>: Map of resource tags to associate with the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
timeouts VpcEndpointAssociationTimeouts

firewallArn string: The Amazon Resource Name (ARN) that identifies the firewall.
vpcId string: The unique identifier of the VPC for the endpoint association.
description string: A description of the VPC endpoint association.
region string: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
subnetMapping VpcEndpointAssociationSubnetMapping: The ID for a subnet that's used in an association with a firewall. See Subnet Mapping below for details.
tags {[key: string]: string}: Map of resource tags to associate with the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
timeouts VpcEndpointAssociationTimeouts

firewall_arn str: The Amazon Resource Name (ARN) that identifies the firewall.
vpc_id str: The unique identifier of the VPC for the endpoint association.
description str: A description of the VPC endpoint association.
region str: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
subnet_mapping VpcEndpointAssociationSubnetMappingArgs: The ID for a subnet that's used in an association with a firewall. See Subnet Mapping below for details.
tags Mapping[str, str]: Map of resource tags to associate with the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
timeouts VpcEndpointAssociationTimeoutsArgs

firewallArn String: The Amazon Resource Name (ARN) that identifies the firewall.
vpcId String: The unique identifier of the VPC for the endpoint association.
description String: A description of the VPC endpoint association.
region String: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
subnetMapping Property Map: The ID for a subnet that's used in an association with a firewall. See Subnet Mapping below for details.
tags Map<String>: Map of resource tags to associate with the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
timeouts Property Map

Outputs

All input properties are implicitly available as output properties. Additionally, the VpcEndpointAssociation resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.
TagsAll Dictionary<string, string>: A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
VpcEndpointAssociationArn string: ARN of the VPC Endpoint Association.
VpcEndpointAssociationId string: The unique identifier of the VPC endpoint association.
VpcEndpointAssociationStatuses List<VpcEndpointAssociationVpcEndpointAssociationStatus>: Nested list of information about the current status of the VPC Endpoint Association.

Id string: The provider-assigned unique ID for this managed resource.
TagsAll map[string]string: A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
VpcEndpointAssociationArn string: ARN of the VPC Endpoint Association.
VpcEndpointAssociationId string: The unique identifier of the VPC endpoint association.
VpcEndpointAssociationStatuses []VpcEndpointAssociationVpcEndpointAssociationStatus: Nested list of information about the current status of the VPC Endpoint Association.

id String: The provider-assigned unique ID for this managed resource.
tagsAll Map<String,String>: A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
vpcEndpointAssociationArn String: ARN of the VPC Endpoint Association.
vpcEndpointAssociationId String: The unique identifier of the VPC endpoint association.
vpcEndpointAssociationStatuses List<VpcEndpointAssociationVpcEndpointAssociationStatus>: Nested list of information about the current status of the VPC Endpoint Association.

id string: The provider-assigned unique ID for this managed resource.
tagsAll {[key: string]: string}: A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
vpcEndpointAssociationArn string: ARN of the VPC Endpoint Association.
vpcEndpointAssociationId string: The unique identifier of the VPC endpoint association.
vpcEndpointAssociationStatuses VpcEndpointAssociationVpcEndpointAssociationStatus[]: Nested list of information about the current status of the VPC Endpoint Association.

id str: The provider-assigned unique ID for this managed resource.
tags_all Mapping[str, str]: A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
vpc_endpoint_association_arn str: ARN of the VPC Endpoint Association.
vpc_endpoint_association_id str: The unique identifier of the VPC endpoint association.
vpc_endpoint_association_statuses Sequence[VpcEndpointAssociationVpcEndpointAssociationStatus]: Nested list of information about the current status of the VPC Endpoint Association.

id String: The provider-assigned unique ID for this managed resource.
tagsAll Map<String>: A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
vpcEndpointAssociationArn String: ARN of the VPC Endpoint Association.
vpcEndpointAssociationId String: The unique identifier of the VPC endpoint association.
vpcEndpointAssociationStatuses List<Property Map>: Nested list of information about the current status of the VPC Endpoint Association.

Look up Existing VpcEndpointAssociation Resource

Get an existing VpcEndpointAssociation resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: VpcEndpointAssociationState, opts?: CustomResourceOptions): VpcEndpointAssociation

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        description: Optional[str] = None,
        firewall_arn: Optional[str] = None,
        region: Optional[str] = None,
        subnet_mapping: Optional[VpcEndpointAssociationSubnetMappingArgs] = None,
        tags: Optional[Mapping[str, str]] = None,
        tags_all: Optional[Mapping[str, str]] = None,
        timeouts: Optional[VpcEndpointAssociationTimeoutsArgs] = None,
        vpc_endpoint_association_arn: Optional[str] = None,
        vpc_endpoint_association_id: Optional[str] = None,
        vpc_endpoint_association_statuses: Optional[Sequence[VpcEndpointAssociationVpcEndpointAssociationStatusArgs]] = None,
        vpc_id: Optional[str] = None) -> VpcEndpointAssociation

func GetVpcEndpointAssociation(ctx *Context, name string, id IDInput, state *VpcEndpointAssociationState, opts ...ResourceOption) (*VpcEndpointAssociation, error)

public static VpcEndpointAssociation Get(string name, Input<string> id, VpcEndpointAssociationState? state, CustomResourceOptions? opts = null)

public static VpcEndpointAssociation get(String name, Output<String> id, VpcEndpointAssociationState state, CustomResourceOptions options)

resources:  _:    type: aws:networkfirewall:VpcEndpointAssociation    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

Description string: A description of the VPC endpoint association.
FirewallArn string: The Amazon Resource Name (ARN) that identifies the firewall.
Region string: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
SubnetMapping VpcEndpointAssociationSubnetMapping: The ID for a subnet that's used in an association with a firewall. See Subnet Mapping below for details.
Tags Dictionary<string, string>: Map of resource tags to associate with the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
TagsAll Dictionary<string, string>: A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
Timeouts VpcEndpointAssociationTimeouts
VpcEndpointAssociationArn string: ARN of the VPC Endpoint Association.
VpcEndpointAssociationId string: The unique identifier of the VPC endpoint association.
VpcEndpointAssociationStatuses List<VpcEndpointAssociationVpcEndpointAssociationStatus>: Nested list of information about the current status of the VPC Endpoint Association.
VpcId string: The unique identifier of the VPC for the endpoint association.

Description string: A description of the VPC endpoint association.
FirewallArn string: The Amazon Resource Name (ARN) that identifies the firewall.
Region string: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
SubnetMapping VpcEndpointAssociationSubnetMappingArgs: The ID for a subnet that's used in an association with a firewall. See Subnet Mapping below for details.
Tags map[string]string: Map of resource tags to associate with the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
TagsAll map[string]string: A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
Timeouts VpcEndpointAssociationTimeoutsArgs
VpcEndpointAssociationArn string: ARN of the VPC Endpoint Association.
VpcEndpointAssociationId string: The unique identifier of the VPC endpoint association.
VpcEndpointAssociationStatuses []VpcEndpointAssociationVpcEndpointAssociationStatusArgs: Nested list of information about the current status of the VPC Endpoint Association.
VpcId string: The unique identifier of the VPC for the endpoint association.

description String: A description of the VPC endpoint association.
firewallArn String: The Amazon Resource Name (ARN) that identifies the firewall.
region String: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
subnetMapping VpcEndpointAssociationSubnetMapping: The ID for a subnet that's used in an association with a firewall. See Subnet Mapping below for details.
tags Map<String,String>: Map of resource tags to associate with the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
tagsAll Map<String,String>: A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
timeouts VpcEndpointAssociationTimeouts
vpcEndpointAssociationArn String: ARN of the VPC Endpoint Association.
vpcEndpointAssociationId String: The unique identifier of the VPC endpoint association.
vpcEndpointAssociationStatuses List<VpcEndpointAssociationVpcEndpointAssociationStatus>: Nested list of information about the current status of the VPC Endpoint Association.
vpcId String: The unique identifier of the VPC for the endpoint association.

description string: A description of the VPC endpoint association.
firewallArn string: The Amazon Resource Name (ARN) that identifies the firewall.
region string: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
subnetMapping VpcEndpointAssociationSubnetMapping: The ID for a subnet that's used in an association with a firewall. See Subnet Mapping below for details.
tags {[key: string]: string}: Map of resource tags to associate with the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
tagsAll {[key: string]: string}: A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
timeouts VpcEndpointAssociationTimeouts
vpcEndpointAssociationArn string: ARN of the VPC Endpoint Association.
vpcEndpointAssociationId string: The unique identifier of the VPC endpoint association.
vpcEndpointAssociationStatuses VpcEndpointAssociationVpcEndpointAssociationStatus[]: Nested list of information about the current status of the VPC Endpoint Association.
vpcId string: The unique identifier of the VPC for the endpoint association.

description str: A description of the VPC endpoint association.
firewall_arn str: The Amazon Resource Name (ARN) that identifies the firewall.
region str: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
subnet_mapping VpcEndpointAssociationSubnetMappingArgs: The ID for a subnet that's used in an association with a firewall. See Subnet Mapping below for details.
tags Mapping[str, str]: Map of resource tags to associate with the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
tags_all Mapping[str, str]: A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
timeouts VpcEndpointAssociationTimeoutsArgs
vpc_endpoint_association_arn str: ARN of the VPC Endpoint Association.
vpc_endpoint_association_id str: The unique identifier of the VPC endpoint association.
vpc_endpoint_association_statuses Sequence[VpcEndpointAssociationVpcEndpointAssociationStatusArgs]: Nested list of information about the current status of the VPC Endpoint Association.
vpc_id str: The unique identifier of the VPC for the endpoint association.

description String: A description of the VPC endpoint association.
firewallArn String: The Amazon Resource Name (ARN) that identifies the firewall.
region String: Region where this resource will be managed. Defaults to the Region set in the provider configuration.
subnetMapping Property Map: The ID for a subnet that's used in an association with a firewall. See Subnet Mapping below for details.
tags Map<String>: Map of resource tags to associate with the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
tagsAll Map<String>: A map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.
timeouts Property Map
vpcEndpointAssociationArn String: ARN of the VPC Endpoint Association.
vpcEndpointAssociationId String: The unique identifier of the VPC endpoint association.
vpcEndpointAssociationStatuses List<Property Map>: Nested list of information about the current status of the VPC Endpoint Association.
vpcId String: The unique identifier of the VPC for the endpoint association.

Supporting Types

VpcEndpointAssociationSubnetMapping, VpcEndpointAssociationSubnetMappingArgs

SubnetId string: The unique identifier for the subnet.
IpAddressType string: The subnet's IP address type. Valid values: "DUALSTACK", "IPV4".

SubnetId string: The unique identifier for the subnet.
IpAddressType string: The subnet's IP address type. Valid values: "DUALSTACK", "IPV4".

subnetId String: The unique identifier for the subnet.
ipAddressType String: The subnet's IP address type. Valid values: "DUALSTACK", "IPV4".

subnetId string: The unique identifier for the subnet.
ipAddressType string: The subnet's IP address type. Valid values: "DUALSTACK", "IPV4".

subnet_id str: The unique identifier for the subnet.
ip_address_type str: The subnet's IP address type. Valid values: "DUALSTACK", "IPV4".

subnetId String: The unique identifier for the subnet.
ipAddressType String: The subnet's IP address type. Valid values: "DUALSTACK", "IPV4".

VpcEndpointAssociationTimeouts, VpcEndpointAssociationTimeoutsArgs

Create string: A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
Delete string: A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.

Create string: A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
Delete string: A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.

create String: A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
delete String: A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.

create string: A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
delete string: A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.

create str: A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
delete str: A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.

create String: A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
delete String: A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.

VpcEndpointAssociationVpcEndpointAssociationStatus, VpcEndpointAssociationVpcEndpointAssociationStatusArgs

AssociationSyncStates List<VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncState>

AssociationSyncStates []VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncState

associationSyncStates List<VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncState>

associationSyncStates VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncState[]

association_sync_states Sequence[VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncState]

associationSyncStates List<Property Map>

VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncState, VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncStateArgs

Attachments List<VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncStateAttachment>: Nested list describing the attachment status of the firewall's VPC Endpoint Association with a single VPC subnet.
AvailabilityZone string: The Availability Zone where the subnet is configured.

Attachments []VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncStateAttachment: Nested list describing the attachment status of the firewall's VPC Endpoint Association with a single VPC subnet.
AvailabilityZone string: The Availability Zone where the subnet is configured.

attachments List<VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncStateAttachment>: Nested list describing the attachment status of the firewall's VPC Endpoint Association with a single VPC subnet.
availabilityZone String: The Availability Zone where the subnet is configured.

attachments VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncStateAttachment[]: Nested list describing the attachment status of the firewall's VPC Endpoint Association with a single VPC subnet.
availabilityZone string: The Availability Zone where the subnet is configured.

attachments Sequence[VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncStateAttachment]: Nested list describing the attachment status of the firewall's VPC Endpoint Association with a single VPC subnet.
availability_zone str: The Availability Zone where the subnet is configured.

attachments List<Property Map>: Nested list describing the attachment status of the firewall's VPC Endpoint Association with a single VPC subnet.
availabilityZone String: The Availability Zone where the subnet is configured.

VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncStateAttachment, VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncStateAttachmentArgs

EndpointId string: The identifier of the VPC endpoint that AWS Network Firewall has instantiated in the subnet. You use this to identify the firewall endpoint in the VPC route tables, when you redirect the VPC traffic through the endpoint.
Status string
StatusMessage string
SubnetId string: The unique identifier of the subnet that you've specified to be used for a VPC Endpoint Association endpoint.

EndpointId string: The identifier of the VPC endpoint that AWS Network Firewall has instantiated in the subnet. You use this to identify the firewall endpoint in the VPC route tables, when you redirect the VPC traffic through the endpoint.
Status string
StatusMessage string
SubnetId string: The unique identifier of the subnet that you've specified to be used for a VPC Endpoint Association endpoint.

endpointId String: The identifier of the VPC endpoint that AWS Network Firewall has instantiated in the subnet. You use this to identify the firewall endpoint in the VPC route tables, when you redirect the VPC traffic through the endpoint.
status String
statusMessage String
subnetId String: The unique identifier of the subnet that you've specified to be used for a VPC Endpoint Association endpoint.

endpointId string: The identifier of the VPC endpoint that AWS Network Firewall has instantiated in the subnet. You use this to identify the firewall endpoint in the VPC route tables, when you redirect the VPC traffic through the endpoint.
status string
statusMessage string
subnetId string: The unique identifier of the subnet that you've specified to be used for a VPC Endpoint Association endpoint.

endpoint_id str: The identifier of the VPC endpoint that AWS Network Firewall has instantiated in the subnet. You use this to identify the firewall endpoint in the VPC route tables, when you redirect the VPC traffic through the endpoint.
status str
status_message str
subnet_id str: The unique identifier of the subnet that you've specified to be used for a VPC Endpoint Association endpoint.

endpointId String: The identifier of the VPC endpoint that AWS Network Firewall has instantiated in the subnet. You use this to identify the firewall endpoint in the VPC route tables, when you redirect the VPC traffic through the endpoint.
status String
statusMessage String
subnetId String: The unique identifier of the subnet that you've specified to be used for a VPC Endpoint Association endpoint.

Import

Using pulumi import, import Network Firewall VPC Endpoint Association using the vpc_endpoint_association_arn. For example:

$ pulumi import aws:networkfirewall/vpcEndpointAssociation:VpcEndpointAssociation example arn:aws:network-firewall:us-west-1:123456789012:vpc-endpoint-association/example

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: AWS Classic pulumi/pulumi-aws
License: Apache-2.0
Notes: This Pulumi package is based on the aws Terraform Provider.

AWS v7.7.0 published on Friday, Sep 5, 2025 by Pulumi

pulumi/pulumi-aws

aws.networkfirewall.VpcEndpointAssociation

On this page

On this page

Example Usage

Basic Usage

Create VpcEndpointAssociation Resource

Constructor syntax

Parameters

Constructor example

VpcEndpointAssociation Resource Properties

Inputs

Outputs

Look up Existing VpcEndpointAssociation Resource

Supporting Types

VpcEndpointAssociationSubnetMapping, VpcEndpointAssociationSubnetMappingArgs

VpcEndpointAssociationTimeouts, VpcEndpointAssociationTimeoutsArgs

VpcEndpointAssociationVpcEndpointAssociationStatus, VpcEndpointAssociationVpcEndpointAssociationStatusArgs

VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncState, VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncStateArgs

VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncStateAttachment, VpcEndpointAssociationVpcEndpointAssociationStatusAssociationSyncStateAttachmentArgs

Import

Package Details

On this page

On this page