AWSx (Pulumi Crosswalk for AWS) v2.3.0, Nov 22 23

AWSx (Pulumi Crosswalk for AWS) v2.3.0 published on Wednesday, Nov 22, 2023 by Pulumi

awsx.ec2.Vpc

Explore with Pulumi AI

AWSx (Pulumi Crosswalk for AWS) v2.3.0 published on Wednesday, Nov 22, 2023 by Pulumi

Subnet Layout Strategies

If no subnet arguments are passed, then a public and private subnet will be created in each AZ with default sizing. The layout of these subnets can be customised by specifying additional arguments.

All strategies are designed to help build a uniform layout of subnets each each availability zone.

If no strategy is specified, “Legacy” will be used for backward compatibility reasons. In the next major version this will change to defaulting to “Auto”.

Auto

The “Auto” strategy divides the VPC space evenly between the availability zones. Within each availability zone it allocates each subnet in the order they were specified. If a CIDR mask or size was not specified it will default to an even division of the availability zone range. If subnets have different sizes, spaces will be automatically added to ensure subnets don’t overlap (e.g. where a previous subnet is smaller than the next).

Exact

The “Exact” strategy is the same as “Auto” with the additional requirement to explicitly specify what the whole of each zone’s range will be used for. Where you expect to have a gap between or after subnets, these must be passed using the subnet specification type “Unused” to show all space has been properly accounted for.

Explicit CIDR Blocks

If you prefer to do your CIDR block calculations yourself, you can specify a list of CIDR blocks for each subnet spec which it will be allocated for in each availability zone. If using explicit layouts, all subnet specs must be declared with explicit CIDR blocks. Each list of CIDR blocks must have the same length as the number of availability zones for the VPC.

Legacy

The “Legacy” works similarly to the “Auto” strategy except that within each availability zone it allocates the private subnet first, followed by the private subnets, and lastly the isolated subnets. The order of subnet specifications of the same type can be changed, but the ordering of private, public, isolated is not overridable. For more flexibility we recommend moving to the “Auto” strategy. The output property subnetLayout shows the configuration required if specifying the “Auto” strategy to maintain the current layout.

Example Usage

Basic usage

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Awsx = Pulumi.Awsx;

return await Deployment.RunAsync(() => 
{
    var vpc = new Awsx.Ec2.Vpc("vpc");

    return new Dictionary<string, object?>
    {
        ["vpcId"] = vpc.VpcId,
        ["vpcPrivateSubnetIds"] = vpc.PrivateSubnetIds,
        ["vpcPublicSubnetIds"] = vpc.PublicSubnetIds,
    };
});

package main

import (
	"github.com/pulumi/pulumi-awsx/sdk/v2/go/awsx/ec2"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		vpc, err := ec2.NewVpc(ctx, "vpc", nil)
		if err != nil {
			return err
		}
		ctx.Export("vpcId", vpc.VpcId)
		ctx.Export("vpcPrivateSubnetIds", vpc.PrivateSubnetIds)
		ctx.Export("vpcPublicSubnetIds", vpc.PublicSubnetIds)
		return nil
	})
}

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.awsx.ec2.Vpc;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var vpc = new Vpc("vpc");

        ctx.export("vpcId", vpc.vpcId());
        ctx.export("vpcPrivateSubnetIds", vpc.privateSubnetIds());
        ctx.export("vpcPublicSubnetIds", vpc.publicSubnetIds());
    }
}

import pulumi
import pulumi_awsx as awsx

vpc = awsx.ec2.Vpc("vpc")
pulumi.export("vpcId", vpc.vpc_id)
pulumi.export("vpcPrivateSubnetIds", vpc.private_subnet_ids)
pulumi.export("vpcPublicSubnetIds", vpc.public_subnet_ids)

import * as pulumi from "@pulumi/pulumi";
import * as awsx from "@pulumi/awsx";

const vpc = new awsx.ec2.Vpc("vpc", {});
export const vpcId = vpc.vpcId;
export const vpcPrivateSubnetIds = vpc.privateSubnetIds;
export const vpcPublicSubnetIds = vpc.publicSubnetIds;

resources:
  vpc:
    type: awsx:ec2:Vpc
outputs:
  vpcId: ${vpc.vpcId}
  vpcPrivateSubnetIds: ${vpc.privateSubnetIds}
  vpcPublicSubnetIds: ${vpc.publicSubnetIds}

Create Vpc Resource

new Vpc(name: string, args?: VpcArgs, opts?: CustomResourceOptions);

@overload
def Vpc(resource_name: str,
        opts: Optional[ResourceOptions] = None,
        assign_generated_ipv6_cidr_block: Optional[bool] = None,
        availability_zone_cidr_mask: Optional[int] = None,
        availability_zone_names: Optional[Sequence[str]] = None,
        cidr_block: Optional[str] = None,
        enable_dns_hostnames: Optional[bool] = None,
        enable_dns_support: Optional[bool] = None,
        enable_network_address_usage_metrics: Optional[bool] = None,
        instance_tenancy: Optional[str] = None,
        ipv4_ipam_pool_id: Optional[str] = None,
        ipv4_netmask_length: Optional[int] = None,
        ipv6_cidr_block: Optional[str] = None,
        ipv6_cidr_block_network_border_group: Optional[str] = None,
        ipv6_ipam_pool_id: Optional[str] = None,
        ipv6_netmask_length: Optional[int] = None,
        nat_gateways: Optional[NatGatewayConfigurationArgs] = None,
        number_of_availability_zones: Optional[int] = None,
        subnet_specs: Optional[Sequence[SubnetSpecArgs]] = None,
        subnet_strategy: Optional[SubnetAllocationStrategy] = None,
        tags: Optional[Mapping[str, str]] = None,
        vpc_endpoint_specs: Optional[Sequence[VpcEndpointSpecArgs]] = None)
@overload
def Vpc(resource_name: str,
        args: Optional[VpcArgs] = None,
        opts: Optional[ResourceOptions] = None)

func NewVpc(ctx *Context, name string, args *VpcArgs, opts ...ResourceOption) (*Vpc, error)

public Vpc(string name, VpcArgs? args = null, CustomResourceOptions? opts = null)

public Vpc(String name, VpcArgs args)
public Vpc(String name, VpcArgs args, CustomResourceOptions options)

type: awsx:ec2:Vpc
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string: The unique name of the resource.
args VpcArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args VpcArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args VpcArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args VpcArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args VpcArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Vpc Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Vpc resource accepts the following input properties:

AssignGeneratedIpv6CidrBlock bool: Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is false. Conflicts with ipv6_ipam_pool_id
AvailabilityZoneCidrMask int: The netmask for each available zone to be aligned to. This is optional, the default value is inferred based on an even distribution of available space from the VPC's CIDR block after being divided evenly by the number of availability zones.
AvailabilityZoneNames List<string>: A list of availability zone names to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
CidrBlock string: The CIDR block for the VPC. Optional. Defaults to 10.0.0.0/16.
EnableDnsHostnames bool: A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.
EnableDnsSupport bool: A boolean flag to enable/disable DNS support in the VPC. Defaults to true.
EnableNetworkAddressUsageMetrics bool: Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.
InstanceTenancy string: A tenancy option for instances launched into the VPC. Default is default, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option is dedicated, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee.
Ipv4IpamPoolId string: The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.
Ipv4NetmaskLength int: The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a ipv4_ipam_pool_id.
Ipv6CidrBlock string: IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using ipv6_netmask_length.
Ipv6CidrBlockNetworkBorderGroup string: By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.
Ipv6IpamPoolId string: IPAM Pool ID for a IPv6 pool. Conflicts with assign_generated_ipv6_cidr_block.
Ipv6NetmaskLength int: Netmask length to request from IPAM Pool. Conflicts with ipv6_cidr_block. This can be omitted if IPAM pool as a allocation_default_netmask_length set. Valid values: 56.
NatGateways NatGatewayConfiguration: Configuration for NAT Gateways. Optional. If private and public subnets are both specified, defaults to one gateway per availability zone. Otherwise, no gateways will be created.
NumberOfAvailabilityZones int: A number of availability zones to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
SubnetSpecs List<SubnetSpec>: A list of subnet specs that should be deployed to each AZ specified in availabilityZoneNames. Optional. Defaults to a (smaller) public subnet and a (larger) private subnet based on the size of the CIDR block for the VPC. Private subnets are allocated CIDR block ranges first, followed by Private subnets, and Isolated subnets are allocated last.
SubnetStrategy Pulumi.Awsx.Ec2.SubnetAllocationStrategy: The strategy to use when allocating subnets for the VPC. Optional. Defaults to Legacy.
Tags Dictionary<string, string>: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
VpcEndpointSpecs List<VpcEndpointSpec>: A list of VPC Endpoints specs to be deployed as part of the VPC

AssignGeneratedIpv6CidrBlock bool: Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is false. Conflicts with ipv6_ipam_pool_id
AvailabilityZoneCidrMask int: The netmask for each available zone to be aligned to. This is optional, the default value is inferred based on an even distribution of available space from the VPC's CIDR block after being divided evenly by the number of availability zones.
AvailabilityZoneNames []string: A list of availability zone names to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
CidrBlock string: The CIDR block for the VPC. Optional. Defaults to 10.0.0.0/16.
EnableDnsHostnames bool: A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.
EnableDnsSupport bool: A boolean flag to enable/disable DNS support in the VPC. Defaults to true.
EnableNetworkAddressUsageMetrics bool: Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.
InstanceTenancy string: A tenancy option for instances launched into the VPC. Default is default, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option is dedicated, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee.
Ipv4IpamPoolId string: The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.
Ipv4NetmaskLength int: The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a ipv4_ipam_pool_id.
Ipv6CidrBlock string: IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using ipv6_netmask_length.
Ipv6CidrBlockNetworkBorderGroup string: By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.
Ipv6IpamPoolId string: IPAM Pool ID for a IPv6 pool. Conflicts with assign_generated_ipv6_cidr_block.
Ipv6NetmaskLength int: Netmask length to request from IPAM Pool. Conflicts with ipv6_cidr_block. This can be omitted if IPAM pool as a allocation_default_netmask_length set. Valid values: 56.
NatGateways NatGatewayConfigurationArgs: Configuration for NAT Gateways. Optional. If private and public subnets are both specified, defaults to one gateway per availability zone. Otherwise, no gateways will be created.
NumberOfAvailabilityZones int: A number of availability zones to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
SubnetSpecs []SubnetSpecArgs: A list of subnet specs that should be deployed to each AZ specified in availabilityZoneNames. Optional. Defaults to a (smaller) public subnet and a (larger) private subnet based on the size of the CIDR block for the VPC. Private subnets are allocated CIDR block ranges first, followed by Private subnets, and Isolated subnets are allocated last.
SubnetStrategy SubnetAllocationStrategy: The strategy to use when allocating subnets for the VPC. Optional. Defaults to Legacy.
Tags map[string]string: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
VpcEndpointSpecs []VpcEndpointSpecArgs: A list of VPC Endpoints specs to be deployed as part of the VPC

assignGeneratedIpv6CidrBlock Boolean: Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is false. Conflicts with ipv6_ipam_pool_id
availabilityZoneCidrMask Integer: The netmask for each available zone to be aligned to. This is optional, the default value is inferred based on an even distribution of available space from the VPC's CIDR block after being divided evenly by the number of availability zones.
availabilityZoneNames List<String>: A list of availability zone names to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
cidrBlock String: The CIDR block for the VPC. Optional. Defaults to 10.0.0.0/16.
enableDnsHostnames Boolean: A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.
enableDnsSupport Boolean: A boolean flag to enable/disable DNS support in the VPC. Defaults to true.
enableNetworkAddressUsageMetrics Boolean: Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.
instanceTenancy String: A tenancy option for instances launched into the VPC. Default is default, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option is dedicated, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee.
ipv4IpamPoolId String: The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.
ipv4NetmaskLength Integer: The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a ipv4_ipam_pool_id.
ipv6CidrBlock String: IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using ipv6_netmask_length.
ipv6CidrBlockNetworkBorderGroup String: By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.
ipv6IpamPoolId String: IPAM Pool ID for a IPv6 pool. Conflicts with assign_generated_ipv6_cidr_block.
ipv6NetmaskLength Integer: Netmask length to request from IPAM Pool. Conflicts with ipv6_cidr_block. This can be omitted if IPAM pool as a allocation_default_netmask_length set. Valid values: 56.
natGateways NatGatewayConfiguration: Configuration for NAT Gateways. Optional. If private and public subnets are both specified, defaults to one gateway per availability zone. Otherwise, no gateways will be created.
numberOfAvailabilityZones Integer: A number of availability zones to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
subnetSpecs List<SubnetSpec>: A list of subnet specs that should be deployed to each AZ specified in availabilityZoneNames. Optional. Defaults to a (smaller) public subnet and a (larger) private subnet based on the size of the CIDR block for the VPC. Private subnets are allocated CIDR block ranges first, followed by Private subnets, and Isolated subnets are allocated last.
subnetStrategy SubnetAllocationStrategy: The strategy to use when allocating subnets for the VPC. Optional. Defaults to Legacy.
tags Map<String,String>: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
vpcEndpointSpecs List<VpcEndpointSpec>: A list of VPC Endpoints specs to be deployed as part of the VPC

assignGeneratedIpv6CidrBlock boolean: Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is false. Conflicts with ipv6_ipam_pool_id
availabilityZoneCidrMask number: The netmask for each available zone to be aligned to. This is optional, the default value is inferred based on an even distribution of available space from the VPC's CIDR block after being divided evenly by the number of availability zones.
availabilityZoneNames string[]: A list of availability zone names to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
cidrBlock string: The CIDR block for the VPC. Optional. Defaults to 10.0.0.0/16.
enableDnsHostnames boolean: A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.
enableDnsSupport boolean: A boolean flag to enable/disable DNS support in the VPC. Defaults to true.
enableNetworkAddressUsageMetrics boolean: Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.
instanceTenancy string: A tenancy option for instances launched into the VPC. Default is default, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option is dedicated, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee.
ipv4IpamPoolId string: The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.
ipv4NetmaskLength number: The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a ipv4_ipam_pool_id.
ipv6CidrBlock string: IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using ipv6_netmask_length.
ipv6CidrBlockNetworkBorderGroup string: By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.
ipv6IpamPoolId string: IPAM Pool ID for a IPv6 pool. Conflicts with assign_generated_ipv6_cidr_block.
ipv6NetmaskLength number: Netmask length to request from IPAM Pool. Conflicts with ipv6_cidr_block. This can be omitted if IPAM pool as a allocation_default_netmask_length set. Valid values: 56.
natGateways NatGatewayConfiguration: Configuration for NAT Gateways. Optional. If private and public subnets are both specified, defaults to one gateway per availability zone. Otherwise, no gateways will be created.
numberOfAvailabilityZones number: A number of availability zones to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
subnetSpecs SubnetSpec[]: A list of subnet specs that should be deployed to each AZ specified in availabilityZoneNames. Optional. Defaults to a (smaller) public subnet and a (larger) private subnet based on the size of the CIDR block for the VPC. Private subnets are allocated CIDR block ranges first, followed by Private subnets, and Isolated subnets are allocated last.
subnetStrategy SubnetAllocationStrategy: The strategy to use when allocating subnets for the VPC. Optional. Defaults to Legacy.
tags {[key: string]: string}: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
vpcEndpointSpecs VpcEndpointSpec[]: A list of VPC Endpoints specs to be deployed as part of the VPC

assign_generated_ipv6_cidr_block bool: Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is false. Conflicts with ipv6_ipam_pool_id
availability_zone_cidr_mask int: The netmask for each available zone to be aligned to. This is optional, the default value is inferred based on an even distribution of available space from the VPC's CIDR block after being divided evenly by the number of availability zones.
availability_zone_names Sequence[str]: A list of availability zone names to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
cidr_block str: The CIDR block for the VPC. Optional. Defaults to 10.0.0.0/16.
enable_dns_hostnames bool: A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.
enable_dns_support bool: A boolean flag to enable/disable DNS support in the VPC. Defaults to true.
enable_network_address_usage_metrics bool: Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.
instance_tenancy str: A tenancy option for instances launched into the VPC. Default is default, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option is dedicated, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee.
ipv4_ipam_pool_id str: The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.
ipv4_netmask_length int: The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a ipv4_ipam_pool_id.
ipv6_cidr_block str: IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using ipv6_netmask_length.
ipv6_cidr_block_network_border_group str: By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.
ipv6_ipam_pool_id str: IPAM Pool ID for a IPv6 pool. Conflicts with assign_generated_ipv6_cidr_block.
ipv6_netmask_length int: Netmask length to request from IPAM Pool. Conflicts with ipv6_cidr_block. This can be omitted if IPAM pool as a allocation_default_netmask_length set. Valid values: 56.
nat_gateways NatGatewayConfigurationArgs: Configuration for NAT Gateways. Optional. If private and public subnets are both specified, defaults to one gateway per availability zone. Otherwise, no gateways will be created.
number_of_availability_zones int: A number of availability zones to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
subnet_specs Sequence[SubnetSpecArgs]: A list of subnet specs that should be deployed to each AZ specified in availabilityZoneNames. Optional. Defaults to a (smaller) public subnet and a (larger) private subnet based on the size of the CIDR block for the VPC. Private subnets are allocated CIDR block ranges first, followed by Private subnets, and Isolated subnets are allocated last.
subnet_strategy SubnetAllocationStrategy: The strategy to use when allocating subnets for the VPC. Optional. Defaults to Legacy.
tags Mapping[str, str]: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
vpc_endpoint_specs Sequence[VpcEndpointSpecArgs]: A list of VPC Endpoints specs to be deployed as part of the VPC

assignGeneratedIpv6CidrBlock Boolean: Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for the VPC. You cannot specify the range of IP addresses, or the size of the CIDR block. Default is false. Conflicts with ipv6_ipam_pool_id
availabilityZoneCidrMask Number: The netmask for each available zone to be aligned to. This is optional, the default value is inferred based on an even distribution of available space from the VPC's CIDR block after being divided evenly by the number of availability zones.
availabilityZoneNames List<String>: A list of availability zone names to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
cidrBlock String: The CIDR block for the VPC. Optional. Defaults to 10.0.0.0/16.
enableDnsHostnames Boolean: A boolean flag to enable/disable DNS hostnames in the VPC. Defaults false.
enableDnsSupport Boolean: A boolean flag to enable/disable DNS support in the VPC. Defaults to true.
enableNetworkAddressUsageMetrics Boolean: Indicates whether Network Address Usage metrics are enabled for your VPC. Defaults to false.
instanceTenancy String: A tenancy option for instances launched into the VPC. Default is default, which ensures that EC2 instances launched in this VPC use the EC2 instance tenancy attribute specified when the EC2 instance is launched. The only other option is dedicated, which ensures that EC2 instances launched in this VPC are run on dedicated tenancy instances regardless of the tenancy attribute specified at launch. This has a dedicated per region fee of $2 per hour, plus an hourly per instance usage fee.
ipv4IpamPoolId String: The ID of an IPv4 IPAM pool you want to use for allocating this VPC's CIDR. IPAM is a VPC feature that you can use to automate your IP address management workflows including assigning, tracking, troubleshooting, and auditing IP addresses across AWS Regions and accounts. Using IPAM you can monitor IP address usage throughout your AWS Organization.
ipv4NetmaskLength Number: The netmask length of the IPv4 CIDR you want to allocate to this VPC. Requires specifying a ipv4_ipam_pool_id.
ipv6CidrBlock String: IPv6 CIDR block to request from an IPAM Pool. Can be set explicitly or derived from IPAM using ipv6_netmask_length.
ipv6CidrBlockNetworkBorderGroup String: By default when an IPv6 CIDR is assigned to a VPC a default ipv6_cidr_block_network_border_group will be set to the region of the VPC. This can be changed to restrict advertisement of public addresses to specific Network Border Groups such as LocalZones.
ipv6IpamPoolId String: IPAM Pool ID for a IPv6 pool. Conflicts with assign_generated_ipv6_cidr_block.
ipv6NetmaskLength Number: Netmask length to request from IPAM Pool. Conflicts with ipv6_cidr_block. This can be omitted if IPAM pool as a allocation_default_netmask_length set. Valid values: 56.
natGateways Property Map: Configuration for NAT Gateways. Optional. If private and public subnets are both specified, defaults to one gateway per availability zone. Otherwise, no gateways will be created.
numberOfAvailabilityZones Number: A number of availability zones to which the subnets defined in subnetSpecs will be deployed. Optional, defaults to the first 3 AZs in the current region.
subnetSpecs List<Property Map>: A list of subnet specs that should be deployed to each AZ specified in availabilityZoneNames. Optional. Defaults to a (smaller) public subnet and a (larger) private subnet based on the size of the CIDR block for the VPC. Private subnets are allocated CIDR block ranges first, followed by Private subnets, and Isolated subnets are allocated last.
subnetStrategy "Legacy" | "Auto" | "Exact": The strategy to use when allocating subnets for the VPC. Optional. Defaults to Legacy.
tags Map<String>: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
vpcEndpointSpecs List<Property Map>: A list of VPC Endpoints specs to be deployed as part of the VPC

Outputs

All input properties are implicitly available as output properties. Additionally, the Vpc resource produces the following output properties:

AwsVpc Pulumi.Aws.Ec2.Vpc: The VPC.
Eips List<Pulumi.Aws.Ec2.Eip>: The EIPs for any NAT Gateways for the VPC. If no NAT Gateways are specified, this will be an empty list.
InternetGateway Pulumi.Aws.Ec2.InternetGateway: The Internet Gateway for the VPC.
IsolatedSubnetIds List<string>
PrivateSubnetIds List<string>
PublicSubnetIds List<string>
RouteTableAssociations List<Pulumi.Aws.Ec2.RouteTableAssociation>: The Route Table Associations for the VPC.
RouteTables List<Pulumi.Aws.Ec2.RouteTable>: The Route Tables for the VPC.
Routes List<Pulumi.Aws.Ec2.Route>: The Routes for the VPC.
SubnetLayout List<ResolvedSubnetSpec>: The resolved subnet specs layout deployed to each availability zone.
Subnets List<Pulumi.Aws.Ec2.Subnet>: The VPC's subnets.
VpcEndpoints List<Pulumi.Aws.Ec2.VpcEndpoint>: The VPC Endpoints that are enabled
VpcId string

Eips Eip: The EIPs for any NAT Gateways for the VPC. If no NAT Gateways are specified, this will be an empty list.
InternetGateway InternetGateway: The Internet Gateway for the VPC.
IsolatedSubnetIds []string
PrivateSubnetIds []string
PublicSubnetIds []string
RouteTableAssociations RouteTableAssociation: The Route Table Associations for the VPC.
RouteTables RouteTable: The Route Tables for the VPC.
Routes Route: The Routes for the VPC.
SubnetLayout []ResolvedSubnetSpec: The resolved subnet specs layout deployed to each availability zone.
Subnets Subnet: The VPC's subnets.
Vpc Vpc: The VPC.
VpcEndpoints VpcEndpoint: The VPC Endpoints that are enabled
VpcId string

eips List<Eip>: The EIPs for any NAT Gateways for the VPC. If no NAT Gateways are specified, this will be an empty list.
internetGateway InternetGateway: The Internet Gateway for the VPC.
isolatedSubnetIds List<String>
privateSubnetIds List<String>
publicSubnetIds List<String>
routeTableAssociations List<RouteTableAssociation>: The Route Table Associations for the VPC.
routeTables List<RouteTable>: The Route Tables for the VPC.
routes List<Route>: The Routes for the VPC.
subnetLayout List<ResolvedSubnetSpec>: The resolved subnet specs layout deployed to each availability zone.
subnets List<Subnet>: The VPC's subnets.
vpc Vpc: The VPC.
vpcEndpoints List<VpcEndpoint>: The VPC Endpoints that are enabled
vpcId String

eips pulumiAws.Eip[]: The EIPs for any NAT Gateways for the VPC. If no NAT Gateways are specified, this will be an empty list.
internetGateway pulumiAws.InternetGateway: The Internet Gateway for the VPC.
isolatedSubnetIds string[]
privateSubnetIds string[]
publicSubnetIds string[]
routeTableAssociations pulumiAws.RouteTableAssociation[]: The Route Table Associations for the VPC.
routeTables pulumiAws.RouteTable[]: The Route Tables for the VPC.
routes pulumiAws.Route[]: The Routes for the VPC.
subnetLayout ResolvedSubnetSpec[]: The resolved subnet specs layout deployed to each availability zone.
subnets pulumiAws.Subnet[]: The VPC's subnets.
vpc pulumiAws.Vpc: The VPC.
vpcEndpoints pulumiAws.VpcEndpoint[]: The VPC Endpoints that are enabled
vpcId string

eips Eip]: The EIPs for any NAT Gateways for the VPC. If no NAT Gateways are specified, this will be an empty list.
internet_gateway InternetGateway: The Internet Gateway for the VPC.
isolated_subnet_ids Sequence[str]
private_subnet_ids Sequence[str]
public_subnet_ids Sequence[str]
route_table_associations RouteTableAssociation]: The Route Table Associations for the VPC.
route_tables RouteTable]: The Route Tables for the VPC.
routes Route]: The Routes for the VPC.
subnet_layout Sequence[ResolvedSubnetSpec]: The resolved subnet specs layout deployed to each availability zone.
subnets Subnet]: The VPC's subnets.
vpc Vpc: The VPC.
vpc_endpoints VpcEndpoint]: The VPC Endpoints that are enabled
vpc_id str

eips List<aws::Eip>: The EIPs for any NAT Gateways for the VPC. If no NAT Gateways are specified, this will be an empty list.
internetGateway aws::InternetGateway: The Internet Gateway for the VPC.
isolatedSubnetIds List<String>
privateSubnetIds List<String>
publicSubnetIds List<String>
routeTableAssociations List<aws::RouteTableAssociation>: The Route Table Associations for the VPC.
routeTables List<aws::RouteTable>: The Route Tables for the VPC.
routes List<aws::Route>: The Routes for the VPC.
subnetLayout List<Property Map>: The resolved subnet specs layout deployed to each availability zone.
subnets List<aws::Subnet>: The VPC's subnets.
vpc aws::Vpc: The VPC.
vpcEndpoints List<aws::VpcEndpoint>: The VPC Endpoints that are enabled
vpcId String

Supporting Types

NatGatewayConfiguration, NatGatewayConfigurationArgs

Strategy Pulumi.Awsx.Ec2.NatGatewayStrategy: The strategy for deploying NAT Gateways.
ElasticIpAllocationIds List<string>: A list of EIP allocation IDs to assign to the NAT Gateways. Optional. If specified, the number of supplied values must match the chosen strategy (either one, or the number of availability zones).

Strategy NatGatewayStrategy: The strategy for deploying NAT Gateways.
ElasticIpAllocationIds []string: A list of EIP allocation IDs to assign to the NAT Gateways. Optional. If specified, the number of supplied values must match the chosen strategy (either one, or the number of availability zones).

strategy NatGatewayStrategy: The strategy for deploying NAT Gateways.
elasticIpAllocationIds List<String>: A list of EIP allocation IDs to assign to the NAT Gateways. Optional. If specified, the number of supplied values must match the chosen strategy (either one, or the number of availability zones).

strategy NatGatewayStrategy: The strategy for deploying NAT Gateways.
elasticIpAllocationIds string[]: A list of EIP allocation IDs to assign to the NAT Gateways. Optional. If specified, the number of supplied values must match the chosen strategy (either one, or the number of availability zones).

strategy NatGatewayStrategy: The strategy for deploying NAT Gateways.
elastic_ip_allocation_ids Sequence[str]: A list of EIP allocation IDs to assign to the NAT Gateways. Optional. If specified, the number of supplied values must match the chosen strategy (either one, or the number of availability zones).

strategy "None" | "Single" | "OnePerAz": The strategy for deploying NAT Gateways.
elasticIpAllocationIds List<String>: A list of EIP allocation IDs to assign to the NAT Gateways. Optional. If specified, the number of supplied values must match the chosen strategy (either one, or the number of availability zones).

NatGatewayStrategy, NatGatewayStrategyArgs

None: None
Do not create any NAT Gateways. Resources in private subnets will not be able to access the internet.
Single: Single
Create a single NAT Gateway for the entire VPC. This configuration is not recommended for production infrastructure as it creates a single point of failure.
OnePerAz: OnePerAz
Create a NAT Gateway in each availability zone. This is the recommended configuration for production infrastructure.

NatGatewayStrategyNone: None
Do not create any NAT Gateways. Resources in private subnets will not be able to access the internet.
NatGatewayStrategySingle: Single
Create a single NAT Gateway for the entire VPC. This configuration is not recommended for production infrastructure as it creates a single point of failure.
NatGatewayStrategyOnePerAz: OnePerAz
Create a NAT Gateway in each availability zone. This is the recommended configuration for production infrastructure.

None: None
Do not create any NAT Gateways. Resources in private subnets will not be able to access the internet.
Single: Single
Create a single NAT Gateway for the entire VPC. This configuration is not recommended for production infrastructure as it creates a single point of failure.
OnePerAz: OnePerAz
Create a NAT Gateway in each availability zone. This is the recommended configuration for production infrastructure.

None: None
Do not create any NAT Gateways. Resources in private subnets will not be able to access the internet.
Single: Single
Create a single NAT Gateway for the entire VPC. This configuration is not recommended for production infrastructure as it creates a single point of failure.
OnePerAz: OnePerAz
Create a NAT Gateway in each availability zone. This is the recommended configuration for production infrastructure.

NONE: None
Do not create any NAT Gateways. Resources in private subnets will not be able to access the internet.
SINGLE: Single
Create a single NAT Gateway for the entire VPC. This configuration is not recommended for production infrastructure as it creates a single point of failure.
ONE_PER_AZ: OnePerAz
Create a NAT Gateway in each availability zone. This is the recommended configuration for production infrastructure.

"None": None
Do not create any NAT Gateways. Resources in private subnets will not be able to access the internet.
"Single": Single
Create a single NAT Gateway for the entire VPC. This configuration is not recommended for production infrastructure as it creates a single point of failure.
"OnePerAz": OnePerAz
Create a NAT Gateway in each availability zone. This is the recommended configuration for production infrastructure.

ResolvedSubnetSpec, ResolvedSubnetSpecArgs

Type Pulumi.Awsx.Ec2.SubnetType: The type of subnet.
CidrBlocks List<string>: An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
CidrMask int: The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
Name string: The subnet's name. Will be templated upon creation.
Size int: Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.

Type SubnetType: The type of subnet.
CidrBlocks []string: An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
CidrMask int: The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
Name string: The subnet's name. Will be templated upon creation.
Size int: Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.

type SubnetType: The type of subnet.
cidrBlocks List<String>: An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
cidrMask Integer: The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
name String: The subnet's name. Will be templated upon creation.
size Integer: Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.

type SubnetType: The type of subnet.
cidrBlocks string[]: An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
cidrMask number: The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
name string: The subnet's name. Will be templated upon creation.
size number: Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.

type SubnetType: The type of subnet.
cidr_blocks Sequence[str]: An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
cidr_mask int: The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
name str: The subnet's name. Will be templated upon creation.
size int: Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.

type "Public" | "Private" | "Isolated" | "Unused": The type of subnet.
cidrBlocks List<String>: An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
cidrMask Number: The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
name String: The subnet's name. Will be templated upon creation.
size Number: Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.

SubnetAllocationStrategy, SubnetAllocationStrategyArgs

Legacy: Legacy
Group private subnets first, followed by public subnets, followed by isolated subnets.
Auto: Auto
Order remains as specified by specs, allowing gaps where required.
Exact: Exact
Whole range of VPC must be accounted for, using "Unused" spec types for deliberate gaps.

SubnetAllocationStrategyLegacy: Legacy
Group private subnets first, followed by public subnets, followed by isolated subnets.
SubnetAllocationStrategyAuto: Auto
Order remains as specified by specs, allowing gaps where required.
SubnetAllocationStrategyExact: Exact
Whole range of VPC must be accounted for, using "Unused" spec types for deliberate gaps.

Legacy: Legacy
Group private subnets first, followed by public subnets, followed by isolated subnets.
Auto: Auto
Order remains as specified by specs, allowing gaps where required.
Exact: Exact
Whole range of VPC must be accounted for, using "Unused" spec types for deliberate gaps.

Legacy: Legacy
Group private subnets first, followed by public subnets, followed by isolated subnets.
Auto: Auto
Order remains as specified by specs, allowing gaps where required.
Exact: Exact
Whole range of VPC must be accounted for, using "Unused" spec types for deliberate gaps.

LEGACY: Legacy
Group private subnets first, followed by public subnets, followed by isolated subnets.
AUTO: Auto
Order remains as specified by specs, allowing gaps where required.
EXACT: Exact
Whole range of VPC must be accounted for, using "Unused" spec types for deliberate gaps.

"Legacy": Legacy
Group private subnets first, followed by public subnets, followed by isolated subnets.
"Auto": Auto
Order remains as specified by specs, allowing gaps where required.
"Exact": Exact
Whole range of VPC must be accounted for, using "Unused" spec types for deliberate gaps.

SubnetSpec, SubnetSpecArgs

Type Pulumi.Awsx.Ec2.SubnetType: The type of subnet.
CidrBlocks List<string>: An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
CidrMask int: The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
Name string: The subnet's name. Will be templated upon creation.
Size int: Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
Tags Dictionary<string, string>: A map of tags to assign to the resource.

Type SubnetType: The type of subnet.
CidrBlocks []string: An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
CidrMask int: The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
Name string: The subnet's name. Will be templated upon creation.
Size int: Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
Tags map[string]string: A map of tags to assign to the resource.

type SubnetType: The type of subnet.
cidrBlocks List<String>: An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
cidrMask Integer: The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
name String: The subnet's name. Will be templated upon creation.
size Integer: Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
tags Map<String,String>: A map of tags to assign to the resource.

type SubnetType: The type of subnet.
cidrBlocks string[]: An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
cidrMask number: The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
name string: The subnet's name. Will be templated upon creation.
size number: Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
tags {[key: string]: string}: A map of tags to assign to the resource.

type SubnetType: The type of subnet.
cidr_blocks Sequence[str]: An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
cidr_mask int: The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
name str: The subnet's name. Will be templated upon creation.
size int: Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
tags Mapping[str, str]: A map of tags to assign to the resource.

type "Public" | "Private" | "Isolated" | "Unused": The type of subnet.
cidrBlocks List<String>: An optional list of CIDR blocks to assign to the subnet spec for each AZ. If specified, the count must match the number of AZs being used for the VPC, and must also be specified for all other subnet specs.
cidrMask Number: The netmask for the subnet's CIDR block. This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
name String: The subnet's name. Will be templated upon creation.
size Number: Optional size of the subnet's CIDR block - the number of hosts. This value must be a power of 2 (e.g. 256, 512, 1024, etc.). This is optional, the default value is inferred from the cidrMask, cidrBlocks or based on an even distribution of available space from the VPC's CIDR block after being divided evenly by availability zone.
tags Map<String>: A map of tags to assign to the resource.

SubnetType, SubnetTypeArgs

Public: Public
A subnet whose hosts can directly communicate with the internet.
Private: Private
A subnet whose hosts can not directly communicate with the internet, but can initiate outbound network traffic via a NAT Gateway.
Isolated: Isolated
A subnet whose hosts have no connectivity with the internet.
Unused: Unused
A subnet range which is reserved, but no subnet will be created.

SubnetTypePublic: Public
A subnet whose hosts can directly communicate with the internet.
SubnetTypePrivate: Private
A subnet whose hosts can not directly communicate with the internet, but can initiate outbound network traffic via a NAT Gateway.
SubnetTypeIsolated: Isolated
A subnet whose hosts have no connectivity with the internet.
SubnetTypeUnused: Unused
A subnet range which is reserved, but no subnet will be created.

Public: Public
A subnet whose hosts can directly communicate with the internet.
Private: Private
A subnet whose hosts can not directly communicate with the internet, but can initiate outbound network traffic via a NAT Gateway.
Isolated: Isolated
A subnet whose hosts have no connectivity with the internet.
Unused: Unused
A subnet range which is reserved, but no subnet will be created.

Public: Public
A subnet whose hosts can directly communicate with the internet.
Private: Private
A subnet whose hosts can not directly communicate with the internet, but can initiate outbound network traffic via a NAT Gateway.
Isolated: Isolated
A subnet whose hosts have no connectivity with the internet.
Unused: Unused
A subnet range which is reserved, but no subnet will be created.

PUBLIC: Public
A subnet whose hosts can directly communicate with the internet.
PRIVATE: Private
A subnet whose hosts can not directly communicate with the internet, but can initiate outbound network traffic via a NAT Gateway.
ISOLATED: Isolated
A subnet whose hosts have no connectivity with the internet.
UNUSED: Unused
A subnet range which is reserved, but no subnet will be created.

"Public": Public
A subnet whose hosts can directly communicate with the internet.
"Private": Private
A subnet whose hosts can not directly communicate with the internet, but can initiate outbound network traffic via a NAT Gateway.
"Isolated": Isolated
A subnet whose hosts have no connectivity with the internet.
"Unused": Unused
A subnet range which is reserved, but no subnet will be created.

VpcEndpointSpec, VpcEndpointSpecArgs

ServiceName string: The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
AutoAccept bool: Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
DnsOptions Pulumi.Aws.Ec2.Inputs.VpcEndpointDnsOptions: The DNS options for the endpoint. See dns_options below.
IpAddressType string: The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
Policy string: A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
PrivateDnsEnabled bool: Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Defaults to false.
RouteTableIds List<string>: One or more route table IDs. Applicable for endpoints of type Gateway.
SecurityGroupIds List<string>: The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
SubnetIds List<string>: The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
Tags Dictionary<string, string>: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
VpcEndpointType string: The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

ServiceName string: The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
AutoAccept bool: Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
DnsOptions VpcEndpointDnsOptions: The DNS options for the endpoint. See dns_options below.
IpAddressType string: The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
Policy string: A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
PrivateDnsEnabled bool: Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Defaults to false.
RouteTableIds []string: One or more route table IDs. Applicable for endpoints of type Gateway.
SecurityGroupIds []string: The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
SubnetIds []string: The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
Tags map[string]string: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
VpcEndpointType string: The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

serviceName String: The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
autoAccept Boolean: Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
dnsOptions VpcEndpointDnsOptions: The DNS options for the endpoint. See dns_options below.
ipAddressType String: The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
policy String: A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
privateDnsEnabled Boolean: Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Defaults to false.
routeTableIds List<String>: One or more route table IDs. Applicable for endpoints of type Gateway.
securityGroupIds List<String>: The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
subnetIds List<String>: The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
tags Map<String,String>: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
vpcEndpointType String: The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

serviceName string: The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
autoAccept boolean: Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
dnsOptions pulumiAws.types.input.VpcEndpointDnsOptions: The DNS options for the endpoint. See dns_options below.
ipAddressType string: The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
policy string: A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
privateDnsEnabled boolean: Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Defaults to false.
routeTableIds string[]: One or more route table IDs. Applicable for endpoints of type Gateway.
securityGroupIds string[]: The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
subnetIds string[]: The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
tags {[key: string]: string}: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
vpcEndpointType string: The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

service_name str: The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
auto_accept bool: Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
dns_options VpcEndpointDnsOptionsArgs: The DNS options for the endpoint. See dns_options below.
ip_address_type str: The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
policy str: A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
private_dns_enabled bool: Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Defaults to false.
route_table_ids Sequence[str]: One or more route table IDs. Applicable for endpoints of type Gateway.
security_group_ids Sequence[str]: The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
subnet_ids Sequence[str]: The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
tags Mapping[str, str]: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
vpc_endpoint_type str: The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

serviceName String: The service name. For AWS services the service name is usually in the form com.amazonaws.<region>.<service> (the SageMaker Notebook service is an exception to this rule, the service name is in the form aws.sagemaker.<region>.notebook).
autoAccept Boolean: Accept the VPC endpoint (the VPC endpoint and service need to be in the same AWS account).
dnsOptions Property Map: The DNS options for the endpoint. See dns_options below.
ipAddressType String: The IP address type for the endpoint. Valid values are ipv4, dualstack, and ipv6.
policy String: A policy to attach to the endpoint that controls access to the service. This is a JSON formatted string. Defaults to full access. All Gateway and some Interface endpoints support policies - see the relevant AWS documentation for more details.
privateDnsEnabled Boolean: Whether or not to associate a private hosted zone with the specified VPC. Applicable for endpoints of type Interface. Defaults to false.
routeTableIds List<String>: One or more route table IDs. Applicable for endpoints of type Gateway.
securityGroupIds List<String>: The ID of one or more security groups to associate with the network interface. Applicable for endpoints of type Interface. If no security groups are specified, the VPC's default security group is associated with the endpoint.
subnetIds List<String>: The ID of one or more subnets in which to create a network interface for the endpoint. Applicable for endpoints of type GatewayLoadBalancer and Interface. Interface type endpoints cannot function without being assigned to a subnet.
tags Map<String>: A map of tags to assign to the resource. If configured with a provider default_tags configuration block present, tags with matching keys will overwrite those defined at the provider-level.
vpcEndpointType String: The VPC endpoint type, Gateway, GatewayLoadBalancer, or Interface. Defaults to Gateway.

Package Details

Repository: AWSx (Pulumi Crosswalk for AWS) pulumi/pulumi-awsx
License: Apache-2.0

AWSx (Pulumi Crosswalk for AWS) v2.3.0 published on Wednesday, Nov 22, 2023 by Pulumi

pulumi/pulumi-awsx

awsx.ec2.Vpc

On this page

On this page

Subnet Layout Strategies

Auto

Exact

Explicit CIDR Blocks

Legacy

Example Usage

Create Vpc Resource

Vpc Resource Properties

Inputs

Outputs

Supporting Types

NatGatewayConfiguration, NatGatewayConfigurationArgs

NatGatewayStrategy, NatGatewayStrategyArgs

ResolvedSubnetSpec, ResolvedSubnetSpecArgs

SubnetAllocationStrategy, SubnetAllocationStrategyArgs

SubnetSpec, SubnetSpecArgs

SubnetType, SubnetTypeArgs

VpcEndpointSpec, VpcEndpointSpecArgs

Package Details

On this page

On this page